實驗一 網路攻擊軟體之操作
DESCRIPTION
實驗一 網路攻擊軟體之操作. 實驗場景. 實驗目的 1. 利用 arp poisoning 達到 man-in-the-middle attack 。 2. 學習 NetTools 的安裝及使用方法。 何謂 arp poisoning ? 又稱為 ARP 欺騙( ARP spoofing ),是針對乙太網路地址解析協議( ARP )的一種攻擊技術。此種攻擊可讓攻擊者取得區域網路上的資料封包甚至可篡改封包,且可讓網路上特定電腦或所有電腦無法正常連線。 攻擊程式 1. ettercap NG-0.7.3 win32 。 2. NetTools 5.0 。. - PowerPoint PPT PresentationTRANSCRIPT
-
1. arp poisoningman-in-the-middle attack2. NetTools
arp poisoning ARPARP spoofingARP
1. ettercap NG-0.7.3 win32 2. NetTools 5.0
*InternetIP address : 192.168.1.189MAC address : 0-1d-72-88-94-cbIP address : 192.168.1.188MAC address : 0016.d33e.ba5fIP 192.168.1.254MAC address : 001d.45ec.fdc0
-
Ettercap arp poisoning ettercap Sniff Unified sniffing *
-
Ettercap arp poisoning *
-
Ettercap arp poisoning Hosts Scan for hosts *
-
Ettercap arp poisoning Hosts Hosts list () *
-
Ettercap arp poisoning IP192.168.1.188IP192.168.1.254 Host List192.168.1.254IPAdd to Target 1Host List192.168.1.188IPAdd to Target 2
IP*
-
Ettercap arp poisoning Targets Current Targets () () *
-
Ettercap arp poisoning Mitm Arp poisoning
Arp poisoningOK*
-
Ettercap arp poisoning 192.168.1.1880016.d33e.ba5f()001d.7288.94cb () *
-
Ettercap arp poisoning 192.168.1.188arp table00-1d-45-ec-fd-c000-1d-72-88-94-cb *
-
Ettercap arp poisoning 192.168.1.188*
-
Ettercap arp poisoning 192.168.1.188
ettercap NG has a new unified sniffing method. This implies that ip_forwarding in the kernel is always disabled and the forwarding is done by ettercap. Every packet with destination mac address equal to the host's mac address and destination ip address different for the one bound to the iface will be forwarded by ettercap. Before forwarding them, ettercap can content filter, sniff, log or drop them. It does not matter how these packets are hijacked, ettercap will process them. You can even use external programs to hijack packet. You have full control of what ettercap should receive. You can use the internal mitm attacks, set the interface in promisc mode, use plugins or use every method you want. IMPORTANT NOTE: if you run ettercap on a gateway, remember to re-enable the ip_forwarding after you have killed ettercap. Since ettercap drops its privileges, it cannot restore the ip_forwarding for you.
ettercapWindows XP TCP/IP
*
-
Ettercap arp poisoning Windows XP /(TCP/IP)
TCP/IP (Regedit.exe) HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\ParametersIPEnableRouter REG_DWORD 1 1 TCP/IP
*
-
Ettercap arp poisoning Stop mitm attacks(s) *
-
NetTools NetTools Ping Tracert NetStat NetTools
NetTools 5.0
*
IP Address ScannerIP CalculatorIP ConverterPort ListenerPort ScannerPing NetStat (2 ways)Trace Route (2 ways)TCP/IP ConfigurationOnline - Offline CheckerResolve Host & IPTime SyncWhois & MX LookupConnectorConnection Analysator and protectorNet SenderE-mail seekerNet PagerActive and Passive port scannerSpooferHack TrapperHTTP flooder (DoS)Mass Website VisiterAdvanced Port ScannerTrojan Hunter (Multi IP)Port Connecter ToolAdvanced SpooferAdvanced Anonymous E-mailerSimple Anonymous E-mailerAnonymous E-mailer with Attachment SupportMass E-mailerE-mail BomberE-mail SpooferSimple Port Scanner (fast)Advanced Netstat MonitoringX PingerWeb Page ScannerFast Port ScannerDeep Port Scanner
-
NetTools NetTools
Setup.exe *Setup.exe
-
NetToolsNextI accept the agrrement *NextI accept the agrrement
-
NetToolsNextFinish * NetTools 5.0
-
NetTools NetTools 5.0
NetTools 5.0 NetTools NetTools 5.0 *NetTools 5.0
-
NetTools Get Local IP IP
Get Local IP Get Local IP IP Find External IP IP Clipboard *Find External IP
-
NetTools IP Scanner
Start Address IP
End Address IP
Resolve IPs To Their Host Name
*IP Scanner
-
NetTools Fastest Host Scanner (UDP ping)
IP address
Port Number
Scan Fastest Host Scanner
*
-
NetTools Port Listen/
Port/
Protocol TCP/IP UDP
Listen
Stop *Port Listen ( netstat a)
-
NetTools Port Scanner
IP IP
Ports
Scan Port Scanner
Stop Port Scanner *Port Scanner
-
NetTools Open Port Scanner
Address IP
Ports To
Scan Open Port Scanner
Stop Open Port Scanner
Clear Results Open Port Scanner *
-
NetTools NetStat
NetStatUse NetStat With APIUse NetStat Built Into Windows
*Use NetStat With API Use NetStat Built Into Windows
-
NetTools Trace Route
Trace RouteUse Trace Route With APIUse Trace Route Built Into Windows
IP / Host
Trace Route Trace Route
Resolve IP
*Use Trace Route With API Use Trace Route Built Into Windows
-
NetTools UDP flooder UDP protocol UDP broadcast
140.125.32.15 IP
Data
Start UDP flood
Stop UDP flood
Speed *
-
NetTools Web Server Scanner Web
Web
Port Web 80 Port
Start Scan Web
Clear
Force Restart
*
-
NetTools Domain to IP (DNS) Domain Name IP
Automatically copy to clipboard if found IP
Navigate when found IP IP
Query Domain to IP
*
-
NetTools HTML Encrypter/Decrypter
Original
Compiled
Compile
Decompile
*
-
NetTools Encryption/
Text
12345
Encrypt
Decrypt *
-
NetTools Subnet MAC Address Scanner MAC Address
Subnet
Discover MAC Addresses Subnet MAC Address Scanner
IP Address IP ( 1 ~ 255 )
MAC Address MAC Address IP
*
-
NetTools Sniffer.NET
Start monitoring Sniffer.NET Stop monitoring Sniffer.NET
Packet FormPacket FormPacket form
*
-
NetTools MAC Editor Physical Address
Select Network Adapter Physical Address
Update MAC Physical Address
*
-
NetTools MD5 HasherMD5 MD5 MD5
Open MD5
MD5 from file MD5
MD5 from string MD5 *
-
*
-
http://ettercap.sourceforge.net , Ettercap http://support.microsoft.com/kb/315236/zh-tw ,Microsofthttp://users.telenet.be/ahmadi/nettools.htm http://cha.homeip.net/blog/archives/2006/05/_vs.htmlhttp://forums.remote-exploit.org/showthread.php?t=9231
*
**