Networking is built largely on trust. Most devices do not verify that another device is what it identifies itself to be, so long as it functions as expected. In the case of a man-in-the-middle attack, we can abuse that trust by impersonating a wireless access point, allowing us to intercept and modify network data. This can be dangerous for private data, but it can also be fun for pranking your friends.
In this case, we'll be intercepting and manipulating traffic from within a local area network, often a Wi-Fi network connected to a wireless router. Keep in mind that a man-in-the-middle (MitM) attack still involves intercepting and modifying traffic, and without permission, this could be illegal depending on your jurisdiction.
Step 1: Install the Prerequisites
The primary tool we'll be using to intercept and modify network traffic in this guide is the Man-in-the-Middle Framework, better known as MITMf. It's intended for use on Linux but could potentially be compiled for use on macOS or Windows. It's a command-line tool, so we'll have to learn a bit about how it works to use it.
We can find it available in the repositories of several distributions, including Kali Linux and BlackArch. After searching to confirm package availability with apt-cache search mitmf, we can install MITMf using apt-get, as seen in the example below.
sudo apt-get install mitmf
We may also wish to install the "mitmflib" package if there are any library errors during use of MITMf. You can do so using a similar command.
If we wish to build MITMf from source, we can download a copy from GitHub by running the following in a terminal window.
git clone https://github.com/byt3bl33d3r/MITMf
If you run into any issues with dependencies, the rest of the utilities needed for MITMf can be installed by running the setup script. To do so, we will initialize and clone the submodules and install any needed dependencies by copying the text below into a terminal window.
cd MITMf && git submodule init && git submodule update --recursive
pip2 install -r requirements.txt
If these commands fail or display errors, you may need to individually find and install dependencies for the framework. A full manual installation guide is available on the developer's GitHub.
The lines above will install MITMf within the directory the git repository was cloned into. If MITMf is installed using this method, the tool will also need to be run from within that same folder. The script can be run by calling Python directly with python2 and specifying the script name, as shown below.
sudo python2 mitmf.py
If MITMf is installed in its own folder, all of the commands in this tutorial will need to be run with the command above, rather than simply by running mitmf.
Step 2: Configure MITMf
After installing MITMf, we can confirm its functionality by requesting the help page. Do so by typing the command below. The program must be run as the superuser, either by being logged in as "root" or by using sudo as shown. If the help page is returned successfully, we can begin to add our usage parameters.
sudo mitmf --help
The first flag we'll want to select is our -i flag, or network interface. We can list our available network interfaces using ifconfig, run without arguments.
If we're running this in a virtual machine, we will see the software adapter bridge which the VM is connected over, as well as the loopback adapter. Assuming that the VM is on a machine which is successfully connected to the network, the adapter in use should be functional for running MITMf.
In the case above, the network adapter is eth0. On a machine directly connected to the network, this might indicate that the connection is over the Ethernet adapter. Over a wireless connection, the adapter is more likely to be wlan0 or a similarly titled adapter.
In the example of the host machine below, the machine has both Ethernet and wireless adapters available, referred to as eth0 and wlan0, respectively.
Once we've identified the name of the adapter connected to the network we intend to target, we can add it to our MITMf parameter string without running it yet. In this case, we'll use wlan0.
sudo mitmf -i wlan0
Next, we'll want to identify our network gateway IP, or the address of the router within our network. We can do this in quite a few ways, one of which is by using netstat.
After identifying the IP of the router by locating it under the Gateway column and the appropriate Interface row, we can add the argument to our MITMf string. In most cases, the router address will be similar to 192.168.0.1 or 192.168.1.1.
Finally, if we wish to choose a specific target on the network, we can scan for its IP address within the network using arp-scan and nbtscan in another terminal window. Nbtscan can be run using the potential network range as an argument, as seen in the example below using every host including and between 192.168.0.1 and 192.168.0.255.
When running an arp-scan, we can use the -l flag to view network devices, as seen below.
If one of these MAC addresses or hostnames matches that of our target device, we can specify that IP later as an argument.
Step 3: Flip the Internet Upside-Down
With our network now explored, we can add our arguments to our MITMf command string and run the plugins of our choice.
In this case, we follow the -i with the network interface we wish to use, such as wlan0. We indicate we wish to use the spoof and arp plugins before specifying our network gateway after the --gateway part of the string. Finally, we add --upsidedownternet to use the Upsidedownternet plugin. This plugin will flip every image it can upside-down before forwarding it on to the user.
After putting it together, your string should look something like the one below.
sudo mitmf -i wlan0 --spoof --arp --gateway 192.168.0.1 --upsidedownternet
Now, you can run it by pressing enter and observe the result. On our side, we will be able to see a log as images are flipped.
On the target device, however, all that will be seen is a load of upside-down images.
Much like the attack above, we can also attempt to intercept every image and replace it with one of our choice or a random image from a folder. First, we'll want to prepare a folder of images, as we'll need to specify that folder as an argument for the command.
We can download a whole set of images straight from a Google Search by using "Save Page As" and selecting "Web Page, complete."
While the images downloaded using this method will be mixed in filetype, we can move all images with matching extensions to a subdirectory. From the command line, cd into the folder containing the images and make the directory with mkdir images.
Next, move all of the matching image files into that subdirectory with the mv command below.
mv *.jpg images/
After all the usable images are in the same directory, you can sort through them and delete the ones which you do not wish to keep.
Now, we can use that folder as an argument in our MITMf command. Keep in mind that the full directory path is needed, so rather than just /images, we'll need to specify /home/user/images or wherever your folder is located.
The full string will look something like the one below.
sudo mitmf -i wlan0 --spoof --arp --gateway 192.168.0.1 --imgrand --img-dir /home/user/images/
We can also target a specific device by adding a "target" IP address to the command, as seen below.
sudo mitmf -i wlan0 --spoof --arp --gateway 192.168.0.1 --target 192.168.0.2 --imgrand --img-dir /home/user/images/
Once run, we'll be able to log and view the MITMf activity.
On the client, all images will be replaced by whatever scary images we decide they deserve to see.
The attack, implemented as above, should be used with caution, as it could cause the internet to become too downright spooky for any mere human to use without being crippled by fear.
sudo mitmf -i wlan0 --spoof --arp --gateway 192.168.0.1 --inject --js-file /home/user/script.js
This code will open an alert window containing the text "Hacked" on any website the user connects to over the network which is capable of being injected. We can save this file as "script.js" or any other file name, so long as it's referred to in the MITMf command used. When run, this script will be injected into the target's web requests.
While this establishes functionality for the sake of a prank or annoyance, a personal favorite is injecting an automatically playing audio file. Yet again, this will be saved as a specific script file and added to the MITMf command.
In this string, URL is replaced with the web location of an audio file such as an MP3. This audio file will play automatically on every page the user opens, and its origin could be near impossible to trace. As before, the modifications will be logged to the console.
Protecting Yourself from MitM Attacks
As much fun as MitM attacks are to conduct, they present a real privacy concern and danger. The most effective protection against this variety of attack is standard network security and being aware of who is present on a network. We can use the network scanning techniques introduced in Step 1 to identify who is present on a network and to discover potential rogue devices on your network.
MitM attacks are fundamentally only possible if someone is allowed in between the client and server of a request. A strong network password enforced with WPA2 security can ensure that only authorized users are allowed to connect, as can the protection of an entirely wired network.
Beyond local networks, careful use of end-to-end encryption means that even when traffic is captured, it cannot be deciphered. One step is to enforce HTTPS using HTTPS Everywhere. Even with these precautions used, public networks will continue to be untrustworthy, and websites will continue to fail to implement encryption. Hackers will continue to be able to hack networks … or perhaps, just prank them.
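The spoof and arp plugins used throughout this guide work by making the gateway's IP address resolve to the attacker's MAC on every victim's ARP cache. That leaves a visible trace a defender can check for, which complements the "know who is on your network" advice above and the arp-scan step earlier. The following Python script is an added example, not part of the original tutorial or of MITMf: it compares two snapshots of the local neighbour table (assumed to be in the format printed by `ip neigh` on Linux) and alerts when the gateway's MAC changes or when one MAC answers for several IPs. The two snapshots embedded below are constructed sample data, not captured from a real network.

```python
import re
from collections import defaultdict

# One neighbour-table line in `ip neigh` format (assumption), e.g.
#   192.168.0.1 dev wlan0 lladdr 00:11:22:33:44:01 REACHABLE
NEIGH_RE = re.compile(
    r"^(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\s+dev\s+(?P<dev>\S+)\s+lladdr\s+"
    r"(?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2})",
    re.IGNORECASE,
)

# Constructed baseline snapshot taken while the network is known to be clean.
BASELINE = """\
192.168.0.1 dev wlan0 lladdr 00:11:22:33:44:01 REACHABLE
192.168.0.2 dev wlan0 lladdr 00:11:22:33:44:02 STALE
192.168.0.3 dev wlan0 lladdr 00:11:22:33:44:03 REACHABLE
"""

# Constructed later snapshot: the gateway IP now resolves to the MAC that
# 192.168.0.3 had in the baseline, which is what gateway ARP spoofing looks like
# from a victim's point of view.
SPOOFED = """\
192.168.0.1 dev wlan0 lladdr 00:11:22:33:44:03 REACHABLE
192.168.0.2 dev wlan0 lladdr 00:11:22:33:44:02 STALE
192.168.0.3 dev wlan0 lladdr 00:11:22:33:44:03 REACHABLE
"""


def parse_neigh(text):
    """Return {ip: mac} for every line that matches the neighbour-table format."""
    table = {}
    for line in text.splitlines():
        m = NEIGH_RE.match(line.strip())
        if m:
            table[m.group("ip")] = m.group("mac").lower()
    return table


def duplicate_macs(table):
    """Return {mac: [ips]} for MACs that claim more than one IP address."""
    by_mac = defaultdict(list)
    for ip, mac in table.items():
        by_mac[mac].append(ip)
    return {mac: sorted(ips) for mac, ips in by_mac.items() if len(ips) > 1}


def arp_alerts(baseline_text, current_text, gateway_ip):
    """Compare two snapshots and return a list of human-readable alert strings."""
    baseline = parse_neigh(baseline_text)
    current = parse_neigh(current_text)
    alerts = []

    # A gateway whose MAC silently changes is the primary spoofing signal.
    old_mac = baseline.get(gateway_ip)
    new_mac = current.get(gateway_ip)
    if old_mac and new_mac and old_mac != new_mac:
        alerts.append(f"gateway {gateway_ip} MAC changed {old_mac} -> {new_mac}")

    # One MAC answering for several IPs means a single host is impersonating others.
    for mac, ips in duplicate_macs(current).items():
        alerts.append(f"MAC {mac} answers for several IPs: {', '.join(ips)}")
    return alerts


if __name__ == "__main__":
    for alert in arp_alerts(BASELINE, SPOOFED, "192.168.0.1"):
        print("ALERT:", alert)
```

On a real Linux host you would record the baseline with `ip neigh` while the network is trusted, then feed later `ip neigh` output to `arp_alerts` (the gateway IP is the one found with netstat in Step 2). The check is deliberately stateless and cheap, so it can run from cron; a stable MAC for the gateway across snapshots is the expected, quiet result.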
Thanks for reading! If you have any questions, you can leave a comment below or reach out to me on Twitter @Tahkion.