#sniffing #wifi network with #ettercap and #wireshark

First of all connect to access point that you want to sniff.

Open ettercap.

Click "Sniff => Unified Sniffing"

Choose your interface. In this case i use "en0"

Now we scan all hosts in the network with shortcut "ctrl+s" or click "Hosts => Scan fot hosts"

Look at the box below, it will show you alive hosts.

Now show the hosts list by click "Hosts => Hosts list" or just press "H".

Add the gateway into Target 1. In this case the gateway is
Select gateway IP address and click "Add to Target 1".
As you can see below has been added to TARGET1

Add the rest of the clients to Target 2.
Block all clients and click "Add to Target 2"

Now start the MITM attack (ARP Poisoning).

Thick the option "Sniff remote connections" and click OK.

Start the sniffing by clicking "Start => Start sniffing".

Open wireshark to capture packet.

Click "Interface List" to choose your interface.
My interface is "en0" and click "Start".

Let wireshark capture packet a while.
Filter packet with "http.cookie" to see clients cookies.

I have clients who open instagram app using iPhone.
I can see the username igfl=blablabla (the one that i blured).
As we can see, we got instagram cookie now.

In order to paste this cookie into browser, you need to install Greasemonkey plugin + Cookie injector in firefox (right corner).

Right on the "Request URI", choose "Copy => Value" and paste it into firefox.

The page will be like this coz you not logged in ({"status":"fail","message":"login_required"}).

When i open the target instagram on my phone, the user is private.

Now copy the instagram cookie on wireshark.
Right click on "Cookie:", choose "Copy => Bytes => Printable Text Only".

Paste "Wireshark Cookie Dump" on firefox by press "alt+c".

Refresh the page and you will see like a line of code but it's not. It's the instagram users.
We are now logged in to instagram.

Here is the profile page. As you can see on the right profile, i now have access to her instagram.

Happy sniffing guys.. :))

One Response so far.

  1. Blogger says:

    You might be qualified for a free Apple iPhone 7.