» eavesdropping/MITM

[TheXero]

hi

me and some other students had a security adminstrator from our college network give us a lesson on security 2day

he used something along with wireshark to collect every packet that was running from my computer but also coming in

he wouldn't tell us what he did, but he did say that he didn't know my mac address

does anyone have any idea what this software could be?

cheers

[MaXe]

Download and use Ettercap-ng (works best on Linux)..

It's called MITM (Man/Monkey in the Middle) which you can perform
on LAN's, his method weren't probably as good as one i would have
done which would have included me being able to see everything
going on, on the desired LAN network.

Ettercap-ng -> CTRL-S -> MITM -> Tick some Arp thing -> Start / Listen
and you're all going, or you can just google Arp Spoofing or MITM attack :)


~ MaXe

[TheXero]

nice

when i get my (recently) spare pc up and working, i'll probably use cain and abel, or dual boot with ubuntu and run ettercap

cheers for the help maxe

[Drathnar]

Arp Poisoning/MiTM Attack

See above :P

[MaXe]

It should work, though there's a GUI for ettercap-ng as well if you want to use that :)

To run it straight from console or the run-bar on linux, enter this: ettercap -G , in case
you don't have root privileges, issue this command: sudo ettercap -G ;)

Thanks for the guide Drathnar, i've given you rep for it as you can see :P


~ MaXe

[Zero Cold]

with mitim attacks if u want to gather passwords i have mixed ettercap with ssl sniff to gather msn passwords etc as the old filter im ettercap will not bypass ssl authentication

[gruenfeld777]

I am on a wireless ISP(broadcast/reciever routers) and my neighbors appear on the LAN.

I used Cain and I was able to eavesdrop on some VOIP sessions. but it's irregular, sometimes you can't hear the other side it usually saves small wav files that sound like outer space.

Im trying to figure out how to recreate the long session logging.

[MaXe]

Still, it sounded pretty cool gruenfeld xD

[gruenfeld777]

hehe yep it was fun. btw, maxe im thinking of learning python going all in. what do you recommend. I suppose php (your master art) ?

my purpose is to learn profiling websites and boxes.

Im also interested about the idea of "bouncing" after rooting a box. like using the metasploit framework as a payload. i'm curious about how exactly this increases your evasion.

[Norph]

There are of course tools to do so, but if you think of making your own, consider the following:
Profiling websites requires knowledge of HTML, JS and the like
Profiling boxes requires knowledge of the different protocols and exploits and tools (a lot of attack vectors).
Bouncing requires knowledge about TCP/IP (more specific sockets.)

But as said, there's tools for all of the above. I'm in a hurry, so please correct me. :P