Seculabs eBook - Sniff Router Password With Ettercap Sniffing Tool

7/29/2019 Seculabs eBook - Sniff Router Password With Ettercap Sniffing Tool

http://slidepdf.com/reader/full/seculabs-ebook-sniff-router-password-with-ettercap-sniffing-tool 1/9



SECUGENIUS SECURITY SOLUTIONS

--------------------------------------------------------------------------------------

(A UNIT OF HARKSH TECHNOLOGIES PVT. LTD)

Company Profile:

Secugenius Security Solutions is a Student Entrepreneurial Company started by 2 Social Student

Entrepreneurs in 2010 with an aim to make our country Cyber Crime Free. We at SECUGENIUS

are headquartered at Ludhiana, the Manchester of Punjab. The main activities of Secugenius

Security Solutions are providing training in Information Security and various professional courses.

Secugenius Security Solutions is an organization which believes in inventing and implementing newideas to influence the technological minds of the youngsters

Looking at the number of Cyber Crimes since last many years, We at Secugenius Security

Solutions provides training on Ethical hacking & Cyber Security to students, IT Professionals, Bank

Employees, Police officials.

Secugenius conducts workshops in all parts of the country in various Colleges/institutions for the

benefit of the students & making them aware of the latest trends in technological era of the

Computer age. We believe in spreading knowledge to all the youngsters & growing minds of the

nation so that they could serve the nation with perfect skill-sets in the field of Cyber Crime

Investigation & Forensic Sciences

Secugenius provides various security solutions to its clients by securing their websites from cyber

attacks. We provide training to college students, graduates and professionals in various fields.

Education is delivered to students through two modes i.e. Regular mode and Distance mode which

are available as short term and long term courses.

In the workshops conducted by Secugenius, participants can claim to be trained by the highly

experienced & skilled corporate trainers from different parts of the nation. We believe in making

the base of students to be as strong as possible. All the modules have been designed in order to

provide students with specialized knowledge by specialized trainers.

This library was furnished, managed and funded by the Founders and Directors of Secugenius

Er. Harpreet Khattar & Er. Kshitij Adhlakha. The overall resource person for the content of

the series of this Digital Library is Er. Chetan Soni - Sr. Security Specialist, Secugenius Security

Solutions.

This Online Digital Library has been initiated as a free resource & permanent

resource on specialization basis for every student of Team Secugenius.



Sniff Router Password with ETTERCAP Sniffing Tool

Product ID No: SG/ODL/13048

Founder & Director: Harpreet Khattar & Kshitij Adhlakha

Resource Person: Chetan Soni & Navdeep Sethi

Secugenius Security Solutions

SCO-13A, Model Town Extn, Near Krishna Mandir,

Ludhiana-141002, Punjab – India

[email protected], [email protected]

www.secugenius.com , www.seculabs.in

mailto:[email protected]





http://www.secugenius.com/

http://www.seculabs.in/




http://www.secugenius.com/





In this EBook, Our main objective is to sniff the router password with the help of Ettercapsniffing tool which is already installed in backtrack operating system. So using backtrack, Iwas able to successfully SE (social engineer)/ sniff the password of the router.

What is Sniffing?

Sniffing is a data interception technology. Sniffer is a program that monitor or reading all

network traffic passing in and out over a network. Telnet, Relogin, FTP, SMTP, HTTP, IMAPthat all protocols are vulnerable for sniffing because it sends data in clear text.

What is ETTERCAP?

Ettercap is a tool for network protocol analysis and security auditing. It has the ability to

intercept traffic on a network, capture passwords, and conduct active eavesdroppingagainst common protocols.



Requirements

1. Backtrack Operating System

2. VMware Workstation (Make sure that your network must be in BRIDGED ) 3. Ettercap Sniffing Tool (Already Installed in BT)

Steps –

So I will assume that you now have Backtrack installed. Make sure that your Backtrack must beupdated.

The update is not mandatory if you download backtrack 5r3 but it's always good to have an up to date version. In my experience, the updates on backtrack are sometimes very buggy so it's up to you.

To update the Backtrack Operating System,

root@bt:~# apt-get update

We will now be using a tool named as Ettercap.

What we will do with this tool is use the dns_spoof plugin.

What this will do is wait for someone to enter in a specific URL (which you will choose) andredirect them to another IP (which will be your IP so that they are connected to you).



First, we are going to have to specify what URL to wait for them to type in. To do this, go to thefile etter.dns which is located in.

To locate the dns file, type this command in your terminal,

root@bt:~# locate etter.dns

Now you must know your default gateway address.

For this type “dig” in your terminal.

So in this case, our default gateway is “192.168.0.1”

So when we open this gateway in our browser http://192.168.0.1

http://192.168.0.1/

http://192.168.0.1/

http://192.168.0.1/

http://192.168.0.1/



Now open your etter.dns file with the help of nano editor

root@bt:~# nano /usr/local/share/ettercap/etter.dns

Now to specify what URL to redirect from and to, delete everything inside that section and enter inthis.

www.google.co.in A 192.168.0.1*.google.co.in A 192.168.0.1

www.google.co.in PTR 192.168.0.1

Press CTRL+X and then type Y.This will redirect anyone on the LAN to your router login page whenever they use google.co.in orany google searches.

Keep in mind that you can also add other things to the list to annoy the person even further.Remember, the goal is to annoy the person who has the router password so much that he/she logsin to the router to find out what's wrong.

http://www.google.co.in/








Now, finally we will commence the sniffing and redirecting. Enter this command into anotherterminal.

root@bt:~# Ettercap – Tqi eth0 – P dns_spoof – M ARP // //

Replace eth0 with whatever it was that was displayed when you used "ifconfig"

There are other variations of this command, other options you can use, other targets you cantarget.In this example, we will be redirecting everyone in the whole network (hence the "// //")

When it starts listing some IPs, it means that it has started to sniff the network and everythingshould now be working.

You can test it yourself by trying to go to one of the websites that you put in the etter.dns file. You should be redirected to the router login window.



The minute that someone logs into the router, it will start spamming the window with the user andpass.

As you can see, the username was " navdeepchetan " and the

password was " chetannavdeep "

Date post:	14-Apr-2018
Category:	Documents
Upload:	rifqi-multazam
View:	221 times
Download:	0 times

Seculabs eBook - Sniff Router Password With Ettercap Sniffing Tool

Documents