During this session, I'll investigate themes such as footprinting, spoofing and denial of service attacks.
I spin up the rogue VM and open Zenmap to target IP 10.1.0.1/24, the server, then click Scan.
Through the topology tab, we quickly identify all our active network nodes.
Clicking 'host details' brings you to a window that describes the selected network node. Zenmap tries its best to determine what OS the nodes are running, and you also get a view of how many ports are open. The bomb shows you that a machine is open for attackers, the safe shows that it is 'safe'.
We now use the well-known protocol analyzer Wireshark to set up sniffing on the communication between the client and the server. As this picture shows, we get a detailed overview of the communications between the two.
For MiTM (man-in-the-middle) attacks, we first take note of the MAC and IP address of the client and server.
After noting the MAC and IP address, we plug them into the following command, replacing the placeholders:
'netsh interface ipv4 add neighbors Ethernet server_IP server_MAC'
We then see that the IP mode changed from dynamic to static.
For our planned man-in-the-middle attack, we set up Ettercap to sniff and scan.
After activating the ARP poisoning, we see the IPs returning to dynamic, but now under new addresses. The eagle-eyed will also detect that we can actually see the Rogue running on the network, something we could be way more subtle about.
We once again set up Wireshark to record, and go to our client to do some browsing. After having spun up some network traffic on the client, we return to the rogue and find Ettercap having successfully sniffed and replaced original IPs and MACs.
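From the defender's side, the change described above (a pinned static entry turning dynamic with a new address) can be caught by comparing two snapshots of the neighbor table. This is an added example, not part of the original lab: it assumes the observations come from Windows `arp -a` output, the function names are hypothetical, and every address except the server's 10.1.0.1 is constructed.

```python
import re
from collections import defaultdict

# One entry line of Windows `arp -a` output: IP, MAC, type.
ENTRY = re.compile(
    r"^[ \t]*(\d{1,3}(?:\.\d{1,3}){3})[ \t]+"
    r"((?:[0-9a-f]{2}-){5}[0-9a-f]{2})[ \t]+(static|dynamic)[ \t]*$",
    re.IGNORECASE | re.MULTILINE)

# Constructed snapshots; only 10.1.0.1 (the server) comes from the lab.
BEFORE = """Interface: 10.1.0.2 --- 0x4
  Internet Address      Physical Address      Type
  10.1.0.1              00-15-5d-00-00-01     static
  10.1.0.3              00-15-5d-00-00-03     dynamic
"""
AFTER = """Interface: 10.1.0.2 --- 0x4
  Internet Address      Physical Address      Type
  10.1.0.1              00-15-5d-00-00-99     dynamic
  10.1.0.3              00-15-5d-00-00-03     dynamic
  10.1.0.99             00-15-5d-00-00-99     dynamic
"""

def parse_arp(text):
    """Return {ip: (mac, entry_type)} parsed from `arp -a` text."""
    return {ip: (mac.lower(), kind.lower())
            for ip, mac, kind in ENTRY.findall(text)}

def find_poisoning(before, after):
    """Compare two snapshots; return a sorted list of findings."""
    old, new = parse_arp(before), parse_arp(after)
    findings, by_mac = [], defaultdict(list)
    for ip, (mac, kind) in new.items():
        if mac != "ff-ff-ff-ff-ff-ff":      # ignore the broadcast entry
            by_mac[mac].append(ip)
        if ip not in old:
            continue
        old_mac, old_kind = old[ip]
        if old_mac != mac:                  # mapping was rewritten
            findings.append(f"{ip}: MAC changed {old_mac} -> {mac}")
        if old_kind == "static" and kind != "static":
            findings.append(f"{ip}: pinned entry is no longer static")
    for mac, ips in by_mac.items():
        if len(ips) > 1:                    # one NIC answering for several IPs
            findings.append(f"{mac}: claimed by {', '.join(sorted(ips))}")
    return sorted(findings)

if __name__ == "__main__":
    for line in find_poisoning(BEFORE, AFTER):
        print(line)
```

Feeding it real snapshots taken before and during the poisoning step should show the same three kinds of finding as the constructed data.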
For the last part of this lab, we construct a DDoS attack on our server. First, we go to our client to get a feel for the loading speed of our webpage.
On the Rogue, we utilise Low Orbit Ion Cannon (LOIC) and lock it onto our server's IP. We launch our attack and Wireshark goes ballistic. We return to the client and observe the load speed of the website having substantially fallen.
Lab Two Review
As sniffing and man-in-the-middle attacks get more usual, I think this was a good primer on the subject. It provides a basic understanding of how one plans, initialises and executes an attack, but it also shows how easy it is for these tools to end up in the wrong hands. Be it a teenager shutting down a school website, or a terrorist wanting to hurt someone.
Overall I really learned a lot from this lab, and am definitely looking forward to the next one!