Jump to content

Man In The Middle, What Next

Recommended Posts

Depends what you want to do, for sniffing passwords dsniff is good, to see what images are being looked at try driftnet and to see who is talking to who etterape.

And with Wireshark, if you learn to use the filters well then you can quickly get through the forest of data to see the juicy bits, it takes a lot of practise though and it helps if you know what you want to look for in the first place.

Link to comment
Share on other sites

Thanks, Iv used driftnet, but actually I would like to see websites and Iv used a lot wireshark, but it still gives a lot data, its good.

The only problem is that I see fon+ as one device, so all data seems to come from one ip.

Link to comment
Share on other sites

Hamster and Ferret is also pretty useful when your mitm. Although I usually just stick to SSL Strip since it gets you the most data and you don't need to use any other programs to log data it gets.

Also filtering wireshark for http POST's works well if your looking for passwords.

Link to comment
Share on other sites

If you are sat on that side of the router then everything will be nat'ed so you won't see individual client IPs. Nothing you can do about that.

What if im also connected to pineapple should I then aprspoof me to man in the middle?

Link to comment
Share on other sites

If you have the pineapple going into your machine then you are in the middle already, no need for arpspoof.

A nice trick if you have a pcap, say you collected it with tcpdump, is to do

strings x.pcap |grep -i -C 3 password

It will show you any mentions of the word password and give 3 lines of context on both sides.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...