In this Kali Linux tutorial you will learn how we can run a MITM assault with Net Creds. Net credits are a python-based script that sniffs victim log-in credentials on the site. Download the software here for Net Creds.
Run the script on windows or on Linux machines, so you can run the script on the windows compiler using python.
Here I used Kali Linux for snipping network victims. It is not important to install Python in Kali Linux.
System Attackers(Kali Linux)
- Run the script using a command: net-creds.py python -i andh0-
- Choose your interface, here I choose -i eth0 as my interface.
Username Sniff Out & Password
- Net-creds sniff out URLs visited to capture clear protocols for network text.
- Over illustrated image, sniffed data displays interesting juicy items in the HTTP protocol GET & POST query.
- Banking login credentials can be found here in POST Demo.testfire.net website request.
Check the Credentials of Victims
- Let’s check out the sniffed credentials to login.
- Bingo!!! Bingo! Successful username and password login.
Net-creds protocols capable of sniffing
- POST loads sent,HTTP logins/passwords form,HTTP basic auth logins/passwords,HTTP searches,POP logins/passwords.
- The following protocols are all supported: IMAP logins/passwords,Telnet logins/passwords,SMTP and SNMP,SNMP community-string,NTLMv1 and v2: HTTP,SMB, LDAP and Kerberos.
Protocols Vulnerable for MITM attack
- HTTP: Sends passwords in clear text
- TELNET: Transfer commands in plain text
- SNMP: Sends passwords in clear text
- POP: Sends passwords in clear text
- FTP: Sends passwords in clear text
- NNTP: Sends passwords in clear text
- IMAP: Sends passwords in clear text
Attack mitigation for MITM
- Packet sniffer defense is first to use strong authentication, for example with one-time passwords.
- Anti-sniffing tools to detect the use of network sniffers.
- Includes Secure Shell Protocol (SSH) and Secure Sockets Layer (SSL), which implement cryptographic protocols for network management.