I think you are not a newbie in Ethical hacking field because Man in the middle attack is not for newbie, you’re the great learner that’s why you’ are reading this post.
Now friends here I’ll not tell you that what is Kali Linux, and how to use it. And how to give the command and execute them because this is not the part of my blog post, I hope you’ll understand.
Note: This post is only for educational purposes.I didn’t harm anyone, I used my own device during explaining of this method so please don’t use this method any kind of illegal or malicious activities because hacking is a crime if you do this then it’s can land you in jail. I’m not support any kind of illegal or malicious hacking.
Here I am not going to waste your time so just follow the steps and know how you can use Ettercap tool in Kali Linux os for performing MITM attack very easily.
- You have installed two operating systems (kali linux+windows or any other) in your computer because you’ll need to consider Kali Linux machine as the attacker machine, and windows machine as the victim.
Attacker Machine >>> Kali Linux
Victim Machine >>> Windows 10 (In my case you can use any os for checking how MITM attack work)
- Ettercap tool
- Basic knowledge of how to execute the command in Kali Linux terminal
- High-speed internet connection
- How to set up a guest WiFi network at your home?
- Download Mobile Friendly Facebook Phishing Page for All Smartphone Users 2020
- How to Control Android phone from PC or another Android Phone remotely | Android Remote Access!
- Follow these Simple Steps to Detect and Remove Malware from your Windows10 PC!
- How to Increase Active Followers on Instagram | Get Real Instagram Followers 2020
- How to Unsubscribe from unwanted Emails in Gmail | Unsubscribe from Emails!
- How to perform Lock Screen Phishing Attacks using Lockphish Tool
- 5 Attacks Which are Harmful For Your Whatsapp Account & How to be safe in 2020!
- Top 5 Free, and Secure VPN Apps for Android in 2020
How To Perform MITM Attack Using Ettercap
STEP1; First of all, open your Kali Linux machine, and you need to search ettercap tool by going to the search bar, here you’ll see 2 ettercap one is the command line and another is GUI. So before using this ettercap tool we’ll need to configure it so follow below some point for configuring it👇
a. Open terminal window of Kali Linux machine
b. Give this command nano /etc/ettercap/etter.conf , after executing this command you’ll see a file called ettercap.conf open in nano text editor.
Note: There is one space between nano and /etc/ettercap/etter.conf
c. Now, a ettercap.conf file will open, simply scroll down, and try to find [privs] section. first, change the value of ec_uid and ec_gid so, change the default value. the value is 0
d. Now, the second change in ettercap.conf file. simply scroll down and try to find Linux section, now in Linux section you will see there are 2 iptables below this sentence if you use iptables. Simply remove the # sign from both of iptables which is in the starting point. And after that save this file by going to file then save option.
STEP2; After configuring ettercap tool you need to open Kali Linux terminal again, and now you need to start the Apache server. I think you know about the Apache server if you don’t know then try to know about it here I am not discussing upon it, simply for hosting any file from your system to globally, you’ll need to use a server. Apache server comes inbuilt in Kali Linux. So simply for starting Apache server execute below command 👇
service apache2 start
Note: There is one space between service and apache2 and also one space between apache2 and start in the above-given command.
STEP3; Now, testing this MITM attack, I make a small website, and save that site in the Apache server. If you don’t know how to host any file from your computer to any other computer anywhere in the world.
STEP4; Now, friend you’ll need a static ip , you can check your IP by executing this command in terminal of kali machine ifconfig And you’ll get your ip , suppose your IP is 192.168.19.129 (Remember it)
STEP5; After that again go to the terminal window, and enter below command👇
After entering this command a file will open called etter.dns
Note: There is one space between nano and /etc/ettercap/etter.dns
STEP6; Now, scroll down the file etter.dns, and try to find out This line redirect it to www.linux.org, Now here you need to set your target. So suppose you are going to hack facebook.com using MITM attack simply make an entry of facebook.com and associate your IP address with Facebook. After that, now save the etter.dns file.
STEP7; Now, the time comes to do a DNS spoofing attack on the victim’s machine (windows machine in my case).Now again open the terminal of Kali Linux, and execute this command👇
STEP8; After that, ettercap tool will open, Simply click on the sniff option given the upper side of the ettercap tool, and then click on unified sniffing.
STEP9; After that, a popup will come asking for selecting your network interface, In my case, my network interface is Ethernet (eth0). Select your own network interface and click okay.
STEP10; Now, you need to stop unified sniffing by going to the start option, and then click on stop sniffing option.
STEP11; After stopping the sniffing you’ll need to select your targeted system which is connected with your LAN connection. so, simply click on the Target option listed upper side of the ettercap tool and then click on hosts and then scan for hosts. Now you’ll see the list of connected systems with your’s system.
STEP12; Now again go to the hosts list, here you will need to select the gateway IP (just select only) and click on add to target 2.Basically gateway IP listed in the above of all IP and it looks like 255.0.1.4.
STEP13; And again select your victim machine IP (just select only) and click on the add to target 1.
STEP14; So in this way you successfully add gateway IP in target 2 location and victim machin’s ip in target 1 location.
STEP15; Now click on the MITM option which is listed on the upper side of ettercap tool and then click on ARP Poisoning. Now a popup comes where you need to select the sniff remote connection and then click on okay.
STEP16; Now, go to the plugin option which is situated on the upper side of the ettercap tool then click on manage plugins and then activate the dns spoofing plugin by tapping on it double.
STEP17; Now, the full set up has completed. Now our attacker machine is ready for doing MITM attack on the targeted machine. Simply click on the start button and then start sniffing.
Now if your victim will try to open the site facebook.com then instead of it your hosted site will open because of your IP address which you mention in the ettercap.dns file after www.facebook.com.
LAST WORD: So friend this is the overall post, if you like this post please share it with your friends. Or in case if you want to ask me something then drop your mail by going to the contact us section of this site,I’ll try to resolve your issue as soon as possible.