HellBound Hackers | Computer General | Hacking in general

Author: Guest (profile fields empty)
MitM / Listening and Forwarding
Posted on 06-01-11 06:24
Short Version - I have physical access to a machine. I want to intercept packets coming out to find the password to a router in the HTTP headers, I have no idea how to go about this. Should I setup my laptop as a router that will act as the first hop from that machine, and then it simply listens to all the packets before passing them along to the actual router?

Long Version - Alright, here's what I'm trying to do. My dad had 2 ports forwarded for my use, I was running a minecraft server on one, and a webserver on the other. Anyway, old router crapped out after 10 years, and we got a new one (Linksys E3000, if you care). I also recently got my own laptop, instead of using the communal PC. Linux Mint, if you care. Anyway, I asked him to forward the ports again, and he told me to do it myself. Of course, the thing is password protected. My dad is a pretty cool guy, he only helps me out when I really need it, forcing me to learn on my own. So, here is what I came up with to try and get the password: After a bit of social engineering, I'll get him to access the router, sending in the username and password along as part of the HTTP authentication. I want to capture those packets. I tried simply using wireshark, but I'm not getting all the traffic from the network. I need a listener somewhere between him and the router. This gave me an idea: set up my laptop as a router and have it be the first hop between him and the router. Is this feasible? Are there better ways? I'm not too averse to hacking together something in C that simply listens and passes on packets, but I'm betting that would be the hardest way to go about it ;)

Thanks
Author: GTADarkDude (Member; Posts: 142; Location: The Netherlands; Joined: 23.02.08; Rank: Newbie)
RE: MitM / Listening and Forwarding
Posted on 06-01-11 09:28
Google 'ARP Poisoning'. Stuff becomes harder when the router uses SSL for logging in.
Author: Guest (profile fields empty)
RE: MitM / Listening and Forwarding
Posted on 06-01-11 10:48
You have physical access??

Use a keylogger, preferably one that you compile yourself.

There's an OK one in the codebank, but it uses loads of memory.

As for making a C program to catch and send packets... Whoa, that's over my head. I need to learn up, I suppose. :)

Added:
Forgot to mention: you can set the priority to idle class on the keylogger in the codebank; that would prevent it from grabbing ALL possible resources. :)

Edited by on 06-01-11 10:49
Author: GTADarkDude (Member; Posts: 142; Location: The Netherlands; Joined: 23.02.08; Rank: Newbie)
RE: MitM / Listening and Forwarding
Posted on 06-01-11 23:19
If his dad won't even allow him to access their router, I doubt he will allow him to run his own software on his dad's pc. Or were you going to make him type the password on your own laptop? In either case, a keylogger is certainly easier. If you can't access your dad's pc and he's making the connection from his own pc, then ARP poisoning/spoofing is the way to go.

Author: stealth- (Member; Posts: 1003; Location: Eh?; Joined: 10.04.09; Rank: Mad User)
RE: MitM / Listening and Forwarding
Posted on 07-01-11 01:50
You're on Mint you said?

Code
sudo apt-get install ettercap
sudo ettercap -M arp -i <interface> -w packets.pcap -T "/<RouterIP>,<DadsIP>/"
# Get him to login to the router (not over HTTPS)
# Press "q" in the terminal to close ettercap
wireshark packets.pcap

Problem solved.
If you actually care to learn from this experience, then (like already mentioned) research ARP poisoning and how it works, and then read the ettercap manual to see what exactly the command does. It's really pretty simple.

Just starting up Wireshark and running it isn't doing a MitM attack. That's just sniffing, which will only show you your own traffic if you are on a switch. On a hub, you'll see others' traffic, but switches are more common these days. ARP spoofing is generally the easiest way to achieve a LAN MitM, and then tools like ettercap will do both the capturing and Man In The Middle setup. You can later review the packets captured with ettercap in a program you are more comfortable with (e.g. Wireshark).


The irony of man's condition is that the deepest need is to be free of the anxiety of death and annihilation; but it is life itself which awakens it, and so we must shrink from being fully alive.

Edited by stealth- on 07-01-11 01:55
http://www.stealth-x.com
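As an added, defender-side example that is not part of this thread and not stealth-'s or ettercap's code: the ARP poisoning that GTADarkDude and stealth- describe works because a host on the LAN starts answering ARP for the router's IP (and the victim's) with its own MAC. A passive watcher on the same segment can see exactly that happen: the gateway's IP-to-MAC binding flips, and one MAC ends up answering for two IPs. The Python below parses raw Ethernet/ARP frames and flags those signs. The frames, IPs and MACs are constructed inline as sample input (nothing is sent on the wire); the `ArpWatch` class and `demo()` scenario are this example's own names.

```python
"""Minimal ARP-spoof detector (added example; all addresses below are made up)."""
import struct
from typing import Dict, List, Optional, Set

ETHERTYPE_ARP = 0x0806
ARP_REQUEST, ARP_REPLY = 1, 2


def mac_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))


def ip_bytes(ip: str) -> bytes:
    return bytes(int(octet) for octet in ip.split("."))


def parse_arp(frame: bytes) -> Optional[dict]:
    """Decode an Ethernet II frame carrying IPv4-over-Ethernet ARP; None for anything else."""
    if len(frame) < 42:  # 14-byte Ethernet header + 28-byte ARP body
        return None
    _dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != ETHERTYPE_ARP:
        return None
    htype, ptype, hlen, plen, oper, sha, spa, tha, tpa = struct.unpack(
        "!HHBBH6s4s6s4s", frame[14:42])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return {
        "oper": oper,                      # 1 = request, 2 = reply
        "eth_src": src.hex(":"),           # MAC in the Ethernet header
        "sender_mac": sha.hex(":"),        # MAC claimed inside the ARP body
        "sender_ip": ".".join(str(b) for b in spa),
        "target_mac": tha.hex(":"),
        "target_ip": ".".join(str(b) for b in tpa),
    }


def build_arp(oper: int, sender_mac: str, sender_ip: str, target_mac: str,
              target_ip: str, eth_dst: Optional[str] = None) -> bytes:
    """Construct a sample ARP frame in memory; used only to feed the detector."""
    eth = struct.pack("!6s6sH", mac_bytes(eth_dst or target_mac),
                      mac_bytes(sender_mac), ETHERTYPE_ARP)
    body = struct.pack("!HHBBH6s4s6s4s", 1, 0x0800, 6, 4, oper,
                       mac_bytes(sender_mac), ip_bytes(sender_ip),
                       mac_bytes(target_mac), ip_bytes(target_ip))
    return eth + body


class ArpWatch:
    """Tracks IP->MAC bindings seen in ARP traffic and flags the signs of poisoning."""

    def __init__(self, gateway_ip: str, static: Optional[Dict[str, str]] = None):
        self.gateway_ip = gateway_ip
        self.bindings: Dict[str, str] = dict(static or {})  # static or first-seen IP -> MAC
        self.claims: Dict[str, Set[str]] = {}               # MAC -> IPs it has answered for
        self.alerts: List[str] = []

    def observe(self, frame: bytes) -> List[str]:
        """Feed one frame; returns the alerts it raised (also kept in self.alerts)."""
        arp = parse_arp(frame)
        if arp is None:
            return []
        ip, mac = arp["sender_ip"], arp["sender_mac"]
        found: List[str] = []
        # Sign 1: the ARP body claims a MAC other than the one that sent the frame.
        if arp["eth_src"] != mac:
            found.append(f"{ip}: ARP sender MAC {mac} differs from frame source {arp['eth_src']}")
        # Sign 2: a known binding (especially the gateway's) flips to a new MAC.
        known = self.bindings.get(ip)
        if known is None:
            self.bindings[ip] = mac
        elif known != mac:
            tag = " [gateway]" if ip == self.gateway_ip else ""
            found.append(f"{ip}: MAC changed {known} -> {mac}{tag}")
        # Sign 3: one MAC answers for several IPs, as a poisoner does for both victims.
        claimed = self.claims.setdefault(mac, set())
        claimed.add(ip)
        if len(claimed) > 1:
            found.append(f"{mac} now answers for {sorted(claimed)}")
        self.alerts.extend(found)
        return found


def demo() -> List[str]:
    """Constructed scenario: a normal lookup, then a rogue host poisoning both sides."""
    gw_ip, gw_mac = "192.168.1.1", "00:11:22:33:44:01"
    pc_ip, pc_mac = "192.168.1.10", "00:11:22:33:44:10"
    rogue_mac = "00:11:22:33:44:99"
    watch = ArpWatch(gw_ip)
    frames = [
        build_arp(ARP_REQUEST, pc_mac, pc_ip, "00:00:00:00:00:00", gw_ip,
                  eth_dst="ff:ff:ff:ff:ff:ff"),       # PC asks who has the gateway
        build_arp(ARP_REPLY, gw_mac, gw_ip, pc_mac, pc_ip),     # genuine gateway reply
        build_arp(ARP_REPLY, rogue_mac, gw_ip, pc_mac, pc_ip),  # rogue claims gateway IP
        build_arp(ARP_REPLY, rogue_mac, pc_ip, gw_mac, gw_ip),  # rogue claims PC IP too
    ]
    for frame in frames:
        watch.observe(frame)
    return watch.alerts


if __name__ == "__main__":
    for alert in demo():
        print("ALERT:", alert)
```

In use you would feed `observe()` frames read from a capture file (for instance the `packets.pcap` written above) or a raw socket rather than the constructed ones. A binding change is also what a legitimate DHCP re-lease or a replaced router produces, and a multi-homed host answers for more than one IP by design, so treat the alerts as leads to check against the real gateway MAC. Pinning a static ARP entry for the gateway and only logging in to the router over HTTPS (GTADarkDude's point about SSL) are the mitigations that actually stop the capture.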
Author: Guest (profile fields empty)
RE: MitM / Listening and Forwarding
Posted on 07-01-11 02:36
ARP Poisoning, I'll look into that. I knew Wireshark was only a sniffer, but it was all I had at the time. Yes, I have physical access, but I do not, however, have logical access to his computer. A keylogger is out of the question, it's inelegant and dirty when other things will work. I'll resort to a keylogger if I have to, but I'd rather not. I'll look into ettercap. Thanks guys!

Edit: Just read up on ARP and the ettercap man pages, it's exactly what I was looking for. Once again, thanks.

Edited by on 07-01-11 05:23
Author: Guest (profile fields empty)
RE: MitM / Listening and Forwarding
Posted on 07-01-11 19:08
Arbolito wrote:
ARP Poisoning, I'll look into that. I knew Wireshark was only a sniffer, but it was all I had at the time. Yes, I have physical access, but I do not, however, have logical access to his computer. A keylogger is out of the question, it's inelegant and dirty when other things will work. I'll resort to a keylogger if I have to, but I'd rather not. I'll look into ettercap. Thanks guys!

Edit: Just read up on ARP and the ettercap man pages, it's exactly what I was looking for. Once again, thanks.


Just get on the HBH IRC if you need help. - Fritzo


Author: fashizzlepop (Member; Posts: 482; Location: Old folks home.; Joined: 08.04.08; Rank: Moderate)
RE: MitM / Listening and Forwarding
Posted on 11-01-11 07:40
Are you sure it's not just the default password and user?


"The definition of insanity is doing the same thing over and over again and expecting different results."
~Albert Einstein~

fashizzlepop@gmail.com http://csullivan.codeinspire.net/
Author: Guest (profile fields empty)
RE: MitM / Listening and Forwarding
Posted on 15-01-11 02:09
fashizzlepop wrote:
Are you sure it's not just the default password and user?


I may be uninitiated, but I'm not stupid :P