-

Perform Man in the Middle Attack in Network using Xerosploit

Xerosploit is a penetration testing toolkit whose goal is to perform man in the middle attacks for testing purposes. It brings various modules that allow realising efficient attacks, and also allows carrying out denial of service attacks and port scanning. Powered by bettercap and nmap
First of all the github repo with command:
git clone https://github.com/LionSec/xerosploit.git
Now install xerosploit by running the python script in cloned folder with command:

./install.py

Now run xerosploit with command:
xerosploit

Now run the following command on xerosploit console to know the initial commands:
help
And now scan the network for connected devices with command:
scan

Now enter the IP of the targeted system on the terminal.

Now enter help command on the console to view all the available modules

We will be using the 4 modules in this article:
DRIFTNET
First of all we will use driftnet module to capture all the images the victim is surfing on the web with following commands:
driftnet
run

All the captured images will be saved in the /opt/xerosploit/xedriftnet directory.

REPLACE
Now we will use a replace module to replace the all the images on the victim’s web browser with command:
replace
And then to execute the module enter command:
run
And then give the path to the image file you want to be replaces with.
Hit ctrl^c to stop the attack.

As you can see the images on the victim’s browser are replaced with our image.

SNIFF
Now run the following module to sniff all the traffic of the victim with command:
sniff
and then enter the following command to execute that module:
run
Now it will ask you if you want to use SSLTRIP to strip the HTTPS URl’s to HTTP so that we can the catch the login credentials in clear text. So enter y.
Now it will open a separate terminal in which we can see all the credentials in clear text. As you can see it has successfully captured the login credentials.



This toutrial is for educational purpose only please do not miss use this to harm others......

Comments

Post a Comment

Popular posts from this blog

-
Image
  How To Hack A CCTV Camera? Hi Friends. Now a days CCTV cameras are used many place like shops, malls, offices, warehouse etc and more. for security reason and for many more purposes. This articles show you how to hack CCTV cameras. If search on Google for CCTV camera hacking , you will be find tricks for public CCTV camera hacking tricks. But here you will be hack private CCTV cameras Step 1 Download Angry Ip Scanner Angry Ip scanner is powerful GUI Port scanner . Angry Ip scanner available for all major OS.   Step 2 Choose Ip Address Range Its important that how to choose proper ip address range for CCTV camera hacking. CCTV cameras are connected with broadband internet connection. If your accessing broadband router then find your public ip address. Just type 'My IP' in Google or Bing search bar. Google will show your public ip address Here 77.247.181.165 is my public ip . So ip range can be 77.247.181.1 o 77.247.181.255 or 77.247.
Read more
-
Image
  ALL IN ONE HACKING APPS DOWNLOADER( BUGTROID PRO).... About Bugtroid Pentesting PRO Bugtroid Pentesting PRO is a Tools app developed by Bugtraq-Team. The latest version of Bugtroid Pentesting PRO is 5.0.1. It was released on . You can download Bugtroid Pentesting PRO 5.0.1 directly on Allfreeapk.com. Over 133 users rating a average 4 of 5 about Bugtroid Pentesting PRO. More than 5000 is playing Bugtroid Pentesting PRO right now. Coming to join them and download Bugtroid Pentesting PRO directly! What's New Version 5.0 bugtroid fixed for android 2.x Version 5.0.1 Flu android fix Details :::::::::::::: ROOT NEEDED!!:::::::::::::: :::::::::::::: INTERNET NEEDED!! :::::::::::::: ANDROID VERSION COMPATIBLE => 2.x, 3.x y 4.X Bugtroid is an innovative tool developed by the team ofBugtraq-Team. The main features of this apk, is that it has more than 200Android and Linux tools (PRO) for pentesting and forensics throughits Smarthphone or tablet. It has a
Read more
-
Image
How To Download Crack Avast Antivirus + Licence Key+Serial Key |   until   2022 WHAT IS AVAST? You probably already know that Avast Free Antivirus 2019 is  totally free  and you don’t have to pay a cent to be protected. At least if you’re using it in your household for non-commercial activities. However, there is one thing you have to do within the  first 30 days  and  each year  after. Even though you will get the license only for 1 year, you can get a new one when it expires. So you can basically keep using Avast  for free forever . It’s called  activation  for a  license key  (activation code) or  serial key , and it’s very simple.  It also works in any older version like Avast 2018, 2017, 2016, 2015, 2014, 8, 7, 6, 5 or v4.8. In the past, Avast was also using  license files  which were generated for a specific e-mail address. License files are luckily not used anymore and the only thing you need is a  simple  28-character long unique code. Look inside Avast Premi
Read more