I assume most of you know what a Man in the Middle (MitM) attack is, but here is a diagram of a Man in the Middle attack. I will be using the Parrot Security OS, but you can use most Linux distributions.
For this MitM attack we are going to need Websploit, so let’s get it now. Anything in bold needs to be run in a console.
Step 1: Install Websploit
First open up a terminal and type:
sudo apt-get install websploit
Step 2: Launch Websploit
Once that finishes, you will need to launch Websploit by typing:
By doing this it will open a nice interactive console for us!
Step 3: Select the MitM Module
Next let’s type:
so we can see which one to use.
The one we want to use is “network/mitm”. We can select it by typing:
Step 4: Set the Options
Let’s take a look at the options we need to set by doing:
We can see that we need to set all of the options, so let us do that!
set Interface wlan0
set ROUTER 192.168.8.1 (To find yours do a netdiscover in a new terminal and it should be the first IP that appears. Normally it ends with a 1 or 0.)
set TARGET 192.168.8.112 (I’m just targeting my computer, but you should replace this with your target’s IP)
set SNIFFER urlsnarf (Or you can use other sniffers available in the list.)
Step 5Run the Attack!
Now we are going to do what we have been waiting for… Run the attack! All you have to do is type:
Now if the target navigates to a website, we will see it appear in our console!
This is only one of the sniffers that you can use, so I would recommend you trying out the others!