XeroSploit Advanced MITM Attack -Sniffing|Spoofing|Injecting JS|Dos attack


Xerosploit is a penetration testing toolkit whose goal is to perform man in the middle attacks for testing purposes. It brings various modules that allow to realise efficient attacks, and also allows to carry out denial of service attacks and port scanning. There are many open source tools available online for this attack like Ettercap , MITMF , Xerosploit, e.t.c

Xerosploit is default installed in Kali Linux 2017.2 or 2017.3 ,if not installed you can installed from github.

This article is on Xerosploit which provides advanced MITM attack on your local network to sniff packets , steal password e.t.c


Dependencies :-

  • nmap
  • hping3
  • build-essential
  • ruby-dev
  • libpcap-dev
  • libgmp3-dev
  • tabulate
  • terminaltables

Features :-


Step 1 : Open Terminal and Type xerosploit


XeroSploit Advanced MITM Attack -Sniffing|Spoofing|Injecting JS|Replacing Images|Dos attack


Step 2 : There are various modules are available which you can see by just typing again "help" command.

  • pscan – Port Scanner
  • dos – Dos Attack
  • ping – Ping Request
  • injecthtml – Inject HTML code
  • injectjs – Inject Javascript code
  • rdownload – Replace files being downloaded
  • sniff – Capturing information inside network packets
  • dspoof – Redirect all the http traffic to the specified one IP
  • yplay – Play background sound in target browser
  • replace – Replace all web pages images with your own one
  • driftnet – View all images requested by your targets
  • move – Shaking Web Browser Content
  • deface – Overwrite all web pages with your HTML code

These are the available attacks you can perform.


XeroSploit Advanced MITM Attack -Sniffing|Spoofing|Injecting JS|Replacing Images|Dos attack


Step 3 : And then type scan and press enter so that you can see all the IP addresses in your network.


XeroSploit Advanced MITM Attack -Sniffing|Spoofing|Injecting JS|Replacing Images|Dos attack


Step 4 : Choose you target and type its IP, so that now it has been targeted.


XeroSploit Advanced MITM Attack -Sniffing|Spoofing|Injecting JS|Replacing Images|Dos attack


Step 5 : Then again type help to see all the command your can now use.


XeroSploit Advanced MITM Attack -Sniffing|Spoofing|Injecting JS|Replacing Images|Dos attack


Step 6 : For sniffing, type "sniff" in same terminal followed by "run" command and type y if you want to use sslstrip for sniffing HTTPS packets.


XeroSploit Advanced MITM Attack -Sniffing|Spoofing|Injecting JS|Replacing Images|Dos attack


Step 7 : Run


XeroSploit Advanced MITM Attack -Sniffing|Spoofing|Injecting JS|Replacing Images|Dos attack


Step 8 : Now you can see that as our victim is trying to open Way2sms site. Thus, the victim will be hacked


XeroSploit Advanced MITM Attack -Sniffing|Spoofing|Injecting JS|Replacing Images|Dos attack


Step 9 : And see the sniffing attack is now working.


XeroSploit Advanced MITM Attack -Sniffing|Spoofing|Injecting JS|Replacing Images|Dos attack


Step 10 : Enjoy !


XeroSploit Advanced MITM Attack -Sniffing|Spoofing|Injecting JS|Replacing Images|Dos attack


For References :-




I hope you enjoyed this article.


Sharing is caring

google
linkedin

About Author

Akash is a co-founder and an aspiring entrepreneur who keeps a close eye on open source, tech giants, and security. Get in touch with him by sending an email (akashchugh1994@gmail.com).


You may also like :-




Leave a Comment

Your email address will not be published. Required fields are marked *




Reader Comments [14]

cialis

What's up, its fastidious article on the topic
of media print, we all understand media is a wonderful source
of facts.

09-Apr-2019

Reply

Children songs

This paragraph is genuinely a fastidious one it assists new net people, who are wishing for blogging.

11-Apr-2019

Reply

domain names available for purchase

I have been exploring for a bit for any high quality
articles or weblog posts in this kind of area .

Exploring in Yahoo I eventually stumbled upon this web site.
Studying this information So i am happy to exhibit that I have an incredibly just right uncanny feeling I discovered just what I needed.

I such a lot certainly will make sure to do not overlook this site and provides it a look regularly.

04-May-2019

Reply

Topcon FC-2500

Do you mind if I quote a couple of your posts as long as I provide credit and sources back to your blog?

My website is in the exact same area of interest as yours and
my visitors would definitely benefit from some of the information you present here.
Please let me know if this okay with you.
Many thanks!

11-May-2019

Reply

SNR900 Manual

Pretty section of content. I just stumbled upon your weblog and
in accession capital to assert that I acquire in fact enjoyed account
your blog posts. Anyway I will be subscribing
to your augment and even I achievement you access consistently quickly.

17-May-2019

Reply

FC-120 Data Sheet

Thanks designed for sharing such a good opinion, post is pleasant, thats why i have read it fully

22-May-2019

Reply

gamefly free trial

Heya i am for the primary time here. I found
this board and I in finding It really helpful & it helped
me out much. I hope to offer one thing again and help others like you helped
me.

24-May-2019

Reply

how to get help in windows 10

I do trust all the ideas you have presented
in your post. They're very convincing and will certainly work.
Still, the posts are very short for novices. Could you please
extend them a little from subsequent time? Thank you for the
post.

25-May-2019

Reply

gamefly free trial

Remarkable! Its genuinely awesome post, I have
got much clear idea about from this piece of writing.

25-May-2019

Reply

how to get help in windows 10

I blog quite often and I truly thank you for your information. Your article has really peaked my interest.

I will take a note of your site and keep checking for new details about once a week.
I subscribed to your RSS feed as well.

27-May-2019

Reply

administration services

Because the admin of this web page is working,
no question very shortly it will be renowned, due to its feature contents.

03-Jun-2019

Reply

???????

Great delivery. Outstanding arguments. Keep up the good spirit.

10-Jun-2019

Reply

Cruz

What's up to all, it's genuinely a pleasant for me to visit this web site, it consists of
valuable Information.

08-Jul-2019

Reply

zzp

Pretty! This was a really wonderful article. Thank you for providing this information.

11-Jul-2019

Reply

Popular Posts

Get Latest Stuff Through Email


Stay Connected

Who Should Read TechTrick?

All the tricks and tips that TechTrick provides only for educational purpose. If you choose to use the information in TechTrick to break into computer systems maliciously and without authorization, you are on your own. Neither I (TechTrick Admin) nor anyone else associated with TechTrick shall be liable. We are not responsibe for any issues that caused due to informations provided here. So, Try yourself and see the results. You are not losing anything by trying... We are humans, Mistakes are quite natural. Here on TechTrick also have many mistakes..