XeroSploit Advanced MITM Attack -Sniffing|Spoofing|Injecting JS|Dos attack


Xerosploit is a penetration testing toolkit whose goal is to perform man in the middle attacks for testing purposes. It brings various modules that allow to realise efficient attacks, and also allows to carry out denial of service attacks and port scanning. There are many open source tools available online for this attack like Ettercap , MITMF , Xerosploit, e.t.c

Xerosploit is default installed in Kali Linux 2017.2 or 2017.3 ,if not installed you can installed from github.

This article is on Xerosploit which provides advanced MITM attack on your local network to sniff packets , steal password e.t.c


Dependencies :-

  • nmap
  • hping3
  • build-essential
  • ruby-dev
  • libpcap-dev
  • libgmp3-dev
  • tabulate
  • terminaltables

Features :-


Step 1 : Open Terminal and Type xerosploit


XeroSploit Advanced MITM Attack -Sniffing|Spoofing|Injecting JS|Replacing Images|Dos attack


Step 2 : There are various modules are available which you can see by just typing again "help" command.

  • pscan – Port Scanner
  • dos – Dos Attack
  • ping – Ping Request
  • injecthtml – Inject HTML code
  • injectjs – Inject Javascript code
  • rdownload – Replace files being downloaded
  • sniff – Capturing information inside network packets
  • dspoof – Redirect all the http traffic to the specified one IP
  • yplay – Play background sound in target browser
  • replace – Replace all web pages images with your own one
  • driftnet – View all images requested by your targets
  • move – Shaking Web Browser Content
  • deface – Overwrite all web pages with your HTML code

These are the available attacks you can perform.


XeroSploit Advanced MITM Attack -Sniffing|Spoofing|Injecting JS|Replacing Images|Dos attack


Step 3 : And then type scan and press enter so that you can see all the IP addresses in your network.


XeroSploit Advanced MITM Attack -Sniffing|Spoofing|Injecting JS|Replacing Images|Dos attack


Step 4 : Choose you target and type its IP, so that now it has been targeted.


XeroSploit Advanced MITM Attack -Sniffing|Spoofing|Injecting JS|Replacing Images|Dos attack


Step 5 : Then again type help to see all the command your can now use.


XeroSploit Advanced MITM Attack -Sniffing|Spoofing|Injecting JS|Replacing Images|Dos attack


Step 6 : For sniffing, type "sniff" in same terminal followed by "run" command and type y if you want to use sslstrip for sniffing HTTPS packets.


XeroSploit Advanced MITM Attack -Sniffing|Spoofing|Injecting JS|Replacing Images|Dos attack


Step 7 : Run


XeroSploit Advanced MITM Attack -Sniffing|Spoofing|Injecting JS|Replacing Images|Dos attack


Step 8 : Now you can see that as our victim is trying to open Way2sms site. Thus, the victim will be hacked


XeroSploit Advanced MITM Attack -Sniffing|Spoofing|Injecting JS|Replacing Images|Dos attack


Step 9 : And see the sniffing attack is now working.


XeroSploit Advanced MITM Attack -Sniffing|Spoofing|Injecting JS|Replacing Images|Dos attack


Step 10 : Enjoy !


XeroSploit Advanced MITM Attack -Sniffing|Spoofing|Injecting JS|Replacing Images|Dos attack


For References :-




I hope you enjoyed this article.


Sharing is caring

google
linkedin

About Author

Akash is a co-founder and an aspiring entrepreneur who keeps a close eye on open source, tech giants, and security. Get in touch with him by sending an email (akashchugh1994@gmail.com).


You may also like :-




Leave a Comment

Your email address will not be published. Required fields are marked *




Reader Comments [2]

cialis

What's up, its fastidious article on the topic
of media print, we all understand media is a wonderful source
of facts.

Reply

Children songs

This paragraph is genuinely a fastidious one it assists new net people, who are wishing for blogging.

Reply

Popular Posts

Who Should Read TechTrick?

All the tricks and tips that TechTrick provides only for educational purpose. If you choose to use the information in TechTrick to break into computer systems maliciously and without authorization, you are on your own. Neither I (TechTrick Admin) nor anyone else associated with TechTrick shall be liable. We are not responsibe for any issues that caused due to informations provided here. So, Try yourself and see the results. You are not losing anything by trying... We are humans, Mistakes are quite natural. Here on TechTrick also have many mistakes..