Hello.
I am new to the null-byte forums.
I have a few questions in regards to MITM attacks.
I am wanting to perform an attack on my own Wireless Network.
I have a full house here with over 10 devices connected to my WiFi, the majority of them mobiles.
I was wondering if there was a specific way to capture network activity from, say, an iPhone (jail-broken) and Android devices.
What I was hoping for was to be able to basically see whatever the iPhone or Android device was doing.
For example, the iPhone was running "angry birds, Tinder, looking at porn on xtube".
Not sure if this is what you call "man in the middle", but I was hoping for a solution to achieving this on my network.
(I have used "ettercap" and I am not getting the information that I want)
If I could screen capture every device on my network, that would do the trick. I'd be happy...
PS - about me. I currently just started studying IT at a university in Australia. Not that I am learning anything to do with penetration testing just yet. But I am trying to learn as much as I can about it so I am prepared for when it comes... so your ideas, resources and solutions are much appreciated.. cheers..
I am running Kali 2.0 64bit dual boot with Windows 7.
9 Responses
I'm aware I'll get downvoted. I don't care, as long as I get results.
Hello Matt,
You can arpspoof the entire network and watch all their traffic through your machine. What they are using the Internet for.
And for the Android part, as in you want to see what they are playing or have installed, you need to install a payload on the phone. Feel free to type: arpspoof, mitm, mitmf, ettercap, urlsnarf, dnsniff in the search bar above. Welcome to Null-Byte.
Cheers dude. I'll have a look about and see what I can find.
For testing purposes, I have a jail-broken iPhone (which is mine). I'd like to end up seeing more than just images through "driftnet" and random usernames and passwords inputted through HTTP URLs.
HTTPS URLs are not even loading when using ettercap on my wireless.
Would be awesome if I could force HTTP instead of HTTPS.
Anyways, cheers...
Well, you are lucky.
https://null-byte.wonderhowto.com/how-to/defeating-hsts-and-bypassing-https-with-dns-server-changes-and-mitmf-0162322/
I was able to sniff part of the Android browser traffic and strip all the https (default browser). Might not work on new browsers with recent mitigation techniques. Never tried on an iDevice, you may be the first.
Cheers man.
This will definitely help in obtaining the answer that I am after..
A bit of research ahead of me, but thanks to everyone who contributed to this curiosity.
Up-voted every contribution.
If you got an Android rooted.. you can maybe install an app called dsploit.. it's easier but limited...
If you want to do it on Linux... try source forge... see the mitmf section in howtos ;);)
dSploit is outdated and got replaced by zAnti with the next installment right around the corner. You should use these applications only against devices you are permitted to do it against or at least not for stalking purposes, otherwise you are a hell of a scriptkiddie...
For Android MITM you should try Zanti. That works really well and requires pretty low skill to execute; the only issue is of course the bottleneck of having a mobile phone. The victim will experience slow loading rates and may try restarting their devices or reconnecting to wifi or even switching to mobile data as a result. https://www.zimperium.com/zanti-mobile-penetration-testing
You can use Ettercap for ARP Poisoning and then sniff packets with Wireshark. Here is something about how to use Wireshark:
https://null-byte.wonderhowto.com/how-to/spy-your-buddys-network-traffic-intro-wireshark-and-osi-model-0133807/
and tutorial for ARP Poisoning with Ettercap:
https://null-byte.wonderhowto.com/how-to/spy-web-traffic-for-any-computers-your-network-intro-arp-poisoning-0131785/