Warning. This is a non-real simulation. If you do harm to other people by exploiting the following, you will be punished by law.
This sniffing simulation has been implemented by ARP spoofing(Link).
In the end, the attacker can take target's traffic.
❑ Detail procedure
First, The attacker deliberately transmits ARP reply packets to change the MAC address of the target's gateway to attacker's MAC address.
This is the change of target's ARP table. If the attack is not terminated, the above changed state will continue.
The attacker sets the forwarding so that the traffic that should be sent to the gateway goes normally.
Now, the environment for sniffing is ready.
Such as telnet, If the plain password is transmitted to somewhere, the attacker can steal it.
This is attacker's screen. When the traffic fragments are collected, The ID and password is exposed.
Therefore, we should install IDS on our PC, not connect to an unknown network, and avoid using plain text communication applications.
This sniffing simulation has been implemented by ARP spoofing(Link).
In the end, the attacker can take target's traffic.
❑ Overview
1. arpspoof -t [Target IP address] [Ip address to forge]
2. fragrouter -B1
3. Capture and analyze the traffic
❑ Detail procedure
First, The attacker deliberately transmits ARP reply packets to change the MAC address of the target's gateway to attacker's MAC address.
This is the change of target's ARP table. If the attack is not terminated, the above changed state will continue.
The attacker sets the forwarding so that the traffic that should be sent to the gateway goes normally.
Now, the environment for sniffing is ready.
Such as telnet, If the plain password is transmitted to somewhere, the attacker can steal it.
This is attacker's screen. When the traffic fragments are collected, The ID and password is exposed.
Therefore, we should install IDS on our PC, not connect to an unknown network, and avoid using plain text communication applications.