This will work only if the user is not using SSL for Facebook (i.e. the URL doesn’t start with https) and is on your LAN.
Man In The Middle Attack :
First of all, we need some introduction to MITM. As its name suggests, it’s a situation where a person (the attacker) intercepts your connection with some other user or site and gains access to your data. This data may be your user name, password, cookies or credit card number. But if your connection is SSL secured, then it’ll not be possible for the attacker to decrypt your data.
We’re going to need the following tools during this tutorial
- Wireshark : To sniff data packets
- Cain & Abel (Windows) or Ettercap (Linux): To perform MITM attack
- Firefox : It’s more developer friendly
- Greasemonkey Addon : To insert cookies into the browser
How this is going to work
What we are going to do is divert all internet traffic from the victim’s computer to us. Then, using Wireshark, we will read particular cookie values which uniquely identify a user for Facebook. For example, if you check the cookies stored by Facebook in your browser, you’ll find two cookies, namely datr and c_user. These are the main cookies we are trying to steal. Then we’ll insert those cookies into our browser using addons (we’ll come to that later).
Step 1 : Perform MITM attack
Install and open Cain & Abel.
- Start the sniffer by clicking the button shown in the red box. Then go to the Sniffer tab.
- Right click on the screen and select “Scan Mac Addresses”. The screen will be populated with all users in your LAN.
- Make sure the user you want to attack is on the list.
- Now click on “ARP” at the bottom and then click on the “Plus” icon to add the user to the victim list. A window named “New ARP Poisoning Routing” will pop up.
- You will see the window divided in two parts. Select the victim’s IP in the left part and your default gateway in the right half. For example, I’ll select 10.10.107.19 as victim and my gateway is 10.10.107.254
- Click on the start ARP option shown in the red box. You’ll see the IP listed in the lower half of the window.
Now the victim’s data is flowing through your computer. We will find out how to read that data and get access to the user’s credentials in the next tutorial.
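Seen from the victim's machine, the poisoning in Step 1 leaves a trace in the ARP cache: the gateway's IP resolves to a different MAC than before, and that MAC is shared with another host on the LAN. The check below is an added example, not part of the original tutorial; it parses Linux `ip neigh` output, and the MAC addresses and the 10.10.107.23 host are constructed (only 10.10.107.19 and 10.10.107.254 come from the text above).

```python
import re

# Constructed samples in Linux `ip neigh` format, as seen on 10.10.107.19.
# MAC addresses and the 10.10.107.23 host are made up for illustration.
BASELINE = """\
10.10.107.254 dev eth0 lladdr 00:1a:2b:3c:4d:5e REACHABLE
10.10.107.23 dev eth0 lladdr 08:00:27:aa:bb:cc STALE
"""
POISONED = """\
10.10.107.254 dev eth0 lladdr 08:00:27:AA:BB:CC REACHABLE
10.10.107.23 dev eth0 lladdr 08:00:27:aa:bb:cc REACHABLE
10.10.107.40 dev eth0  FAILED
"""

ENTRY = re.compile(r"^(\d+\.\d+\.\d+\.\d+)\s+dev\s+\S+\s+lladdr\s+([0-9A-Fa-f:]{17})\b")


def parse_neighbors(text):
    """Return {ip: mac} for entries that have a resolved link-layer address."""
    table = {}
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if m:  # FAILED/INCOMPLETE entries carry no lladdr and are skipped
            table[m.group(1)] = m.group(2).lower()
    return table


def shared_macs(table):
    """MACs claimed by more than one IP, a common sign of ARP poisoning."""
    by_mac = {}
    for ip, mac in table.items():
        by_mac.setdefault(mac, []).append(ip)
    return {mac: sorted(ips) for mac, ips in by_mac.items() if len(ips) > 1}


def gateway_alerts(baseline, current, gateway_ip):
    """Compare the gateway's MAC against a known-good baseline."""
    alerts = []
    old, new = baseline.get(gateway_ip), current.get(gateway_ip)
    if old and new and old != new:
        alerts.append(f"gateway {gateway_ip} moved from {old} to {new}")
    for mac, ips in shared_macs(current).items():
        if gateway_ip in ips:
            others = [ip for ip in ips if ip != gateway_ip]
            alerts.append(f"gateway MAC {mac} also claimed by {', '.join(others)}")
    return alerts
```

Run `gateway_alerts(parse_neighbors(BASELINE), parse_neighbors(POISONED), "10.10.107.254")` to see both alerts for the constructed samples; in practice the baseline would be the gateway MAC recorded while the network was known to be clean.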