Book Image

Kali Linux Cookbook

Book Image

Kali Linux Cookbook

Overview of this book

In this age, where online information is at its most vulnerable, knowing how to execute the same attacks that hackers use to break into your system or network helps you plug the loopholes before it's too late and can save you countless hours and money. Kali Linux is a Linux distribution designed for penetration testing and security auditing. It is the successor to BackTrack, the world's most popular penetration testing distribution. Discover a variety of popular tools of penetration testing, such as information gathering, vulnerability identification, exploitation, privilege escalation, and covering your tracks. Packed with practical recipes, this useful guide begins by covering the installation of Kali Linux and setting up a virtual environment to perform your tests. You will then learn how to eavesdrop and intercept traffic on wireless networks, bypass intrusion detection systems, and attack web applications, as well as checking for open ports, performing data forensics, and much more. The book follows the logical approach of a penetration test from start to finish with many screenshots and illustrations that help to explain each tool in detail. The Kali Linux Cookbook will serve as an excellent source of information for the security professional and novice alike!
Table of Contents (16 chapters)
Kali Linux Cookbook
Credits
About the Authors
About the Reviewers
www.PacktPub.com
Preface
Index

URL traffic manipulation


In this recipe, we will perform a URL traffic manipulation attack. URL traffic manipulation is very similar to a Man In The Middle attack, in that we will route traffic destined for the Internet to pass through our machine first. We will perform this attack through ARP poisoning. ARP poisoning is a technique that allows you to send spoofed ARP messages to a victim on the local network. We will execute this recipe using arpspoof.

How to do it...

Let's begin the process of URL traffic manipulation.

  1. Open a terminal window and execute the following command to configure IP tables that will allow our machine to route traffic:

    sudo echo 1 >> /proc/sys/net/ipv4/ip_forward
    
  2. Next, we launch arpspoof to poison traffic going from our victim's machine to the default gateway. In this example, we will use a Windows 7 machine on my local network with an address of 192.168.10.115. Arpspoof has a couple of options that we will select and they include:

    • –i allows us to select our...