Your English teacher is a creep.
The way he looks at your girlfriend, the way he always spends ages with the girls in the class going over their work but not the boys, just the way he is.
You want to get rid of him, but you need some proof first.
If you can know for sure that he accesses inappropriate content online then you can start to put together a case for firing him.
So let's use this lunchtime to see what he's really up to on his laptop...
You're going to execute a Man In The Middle attack, so let's scan the network using NMap like so:
nmap -sP 192.168.1.0/24
-sP means a Ping scan
192.168.1.0/24 is the range of IP addresses using CIDR notation.
Aha! His laptop that he uses in lesson has a sticker on the lid saying "English 7"!
In the scan report above we can see that english07 has the IP 192.168.1.66
Now we have his IP we can start our Man In The Middle attack.
First, let's enable IP forwarding so all his traffic can be routed through us. We'll use the echo command to put a "1" in the relevant file to enable the packets to be forwarded.
echo 1 > /proc/sys/net/ipv4/ip_forward
Now let's use Arpspoof to poison the ARP caches of the school router and his laptop, to intercept all his internet traffic.
Since we need to trick the router and his laptop into thinking we're the other, we need to simultaneously run two arpspoof commmands, so open two terminals and type one of the following in each:
- arpspoof -t 192.168.1.66 192.168.1.254
- arpspoof -t 192.168.1.254 192.168.1.66
Where 192.168.1.66 is his IP and 192.168.1.254 is the IP of the router.
You should see some feedback from arpspoof about what it's doing.
Now that all his internet traffic is being routed through us, we can see if he's accessing anything inappropriate, so let's open a terminal and type
which, as I'm sure you can guess, will fire up driftnet. This will allow you to see the images that he's viewing online.
As the images pop up on your screen, you can see that they are most definitely inappropriate for a school teacher! (I won't show you a screenshot as I wouldn't want to contaminate all your your pure minds)
You now know that your teacher is a paedophile.
Next step: expose him!
In part 2 of this tutorial we'll cover how we go about trying to fire him without letting on that we've been sniffing about the school network...
Hope you enjoyed, thanks for reading.
img credits: tails.boum.org
Want to start making money as a white hat hacker? Jump-start your white-hat hacking career with our 2020 Premium Ethical Hacking Certification Training Bundle from the new Null Byte Shop and get over 60 hours of training from ethical hacking professionals.