WINDOWS 7 - SNIFFING
- Layout for this exercise:
- Metasploit
provides the module sniffer, what be loaded from a meterpreter
session:
- Checking
how many interfaces are available for sniffing, let's take one with
parameter "usable:true":
- The sniffing process starts on interface 2, allocating 10000 packets to the buffer:
- Some traffic is generated, for instance pinging from the attacker Kali to the victim Windows 7:
- Statistics of the sniffing process:
- Captured packets can be dumped to a file with pcap format, for instance let's name it readable_with_wireshark.pcap:
- Stopping the sniffing process:
- From
another console, captured packets can be read with Wireshark
application:
- Wireshark
shows all the traffic generated by the ping's between the attacker
and the victim:
