How to Use Ettercap and SSLstrip for a Man in the Middle Attack

What’s a Man in the Middle Attack (MITM)?

A MITM is a kind of cyber attack where a Hacker/Penetration tester compromises your network and starts redirecting all the network traffic through his own device (Laptop, Phone, Raspberry Pi, etc.).

What’s bad in these attacks is that the hacker, between attacking you, can see all your browsing information like your Passwords, Usernames, Emails, and even the messages you’re sending across.

How to Use Ettercap and SSLstrip for a Man in the Middle Attack

These kinds of attack don’t tend to work with a website using “HTTPS.”

But, with a tool like SSLstrip, it can easily strip of the user “https” back to “http”. This means the attack will get your information in plain text.

Basic Ways to Mitigate an Attack

• Always check if a site is using “https”.  If the site does use “https,” and it automatically changes to“http”, know there’s a “MITMA” happening on the network.
• Don’t share your WiFi password with people you don’t know or trust.
• Be careful about the kinds of details and websites you visit when using a public computer.

 

Using Ettercap and SSLstrip for a Man in the Middle Attack

The script can be found on github: https://github.com/Phexcom/Ettercap-and-sslstrip

#MITM Attack using Ettercap-and-sslstrip

This script was written in Bash to fire up Ettercap and SSLstrip during a Network Penetration testing. Here’s how to run it:

1. chmod +x sniffer.sh

2. ./sniffer.sh

3. Enter the network interface when prompted

4. When the other tab is opened, just click the enter key

Requirements:

1. Ettercap  – https://ettercap.github.io/ettercap/

2. SSLstrip  – https://moxie.org/software/sslstrip/

Installed on Kali by Default:

Kali OS  – https://www.kali.org/downloads/

This script helps us utilize Ettercap and SSLstrip by first enabling IP forwarding and then setting our IP table to listen at port 10000.

Thanks, Ettercap and SSlstrip!  This information is for educational purposes only.