Xplico: pentest tool in Kali Linux


Source: https://codingsec.net/2016/04/xplico-penetration-testing-tools-kali-linux/


The goal of Xplico is to extract the application data contained in a network traffic capture. For example, from a pcap file Xplico extracts each email (POP, IMAP, and SMTP protocols), all HTTP contents, each VoIP call (SIP), FTP, TFTP, and so on. Xplico isn’t a network protocol analyzer. Xplico is an open source Network Forensic Analysis Tool (NFAT). Xplico is released under the GNU General Public License, with some scripts under the Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported (CC BY-NC-SA 3.0) License. For more details see License.
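To make the "extract application data from a pcap" idea concrete, here is an added example (not Xplico's code and not part of the original tutorial) that pulls HTTP request lines out of a classic pcap byte string. The sample capture, its addresses and the function names are constructed for illustration; the code assumes Ethernet/IPv4/TCP and requests that fit in one segment, with no stream reassembly.

```python
import struct

def build_sample_pcap():
    """Constructed sample: one Ethernet/IPv4/TCP packet with an HTTP GET."""
    http = b"GET /search?q=cats HTTP/1.1\r\nHost: www.example.com\r\n\r\n"
    tcp = struct.pack("!HHIIBBHHH", 49152, 80, 1, 1, 5 << 4, 0x18, 8192, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(http), 1, 0, 64, 6, 0,
                     bytes([192, 0, 2, 10]), bytes([192, 0, 2, 80]))
    frame = b"\x02" * 6 + b"\x04" * 6 + b"\x08\x00" + ip + tcp + http
    ghdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return ghdr + struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame

METHODS = (b"GET ", b"POST ", b"HEAD ", b"PUT ", b"DELETE ", b"OPTIONS ")

def http_requests(pcap):
    """Return [(src_ip, host, request_line)] for cleartext HTTP requests."""
    magic = struct.unpack("<I", pcap[:4])[0]
    if magic not in (0xA1B2C3D4, 0xD4C3B2A1):
        raise ValueError("not a classic pcap file")
    e = "<" if magic == 0xA1B2C3D4 else ">"  # byte order of the capture file
    if struct.unpack(e + "I", pcap[20:24])[0] != 1:
        raise ValueError("only the Ethernet link type is handled")
    found, off = [], 24
    while off + 16 <= len(pcap):
        incl = struct.unpack(e + "I", pcap[off + 8:off + 12])[0]
        frame = pcap[off + 16:off + 16 + incl]
        off += 16 + incl
        if len(frame) < 54 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue  # keep only IPv4 packets that carry TCP
        tcp_off = 14 + (frame[14] & 0x0F) * 4
        if len(frame) < tcp_off + 20:
            continue  # truncated TCP header
        ip_end = 14 + struct.unpack("!H", frame[16:18])[0]  # drop Ethernet padding
        payload = frame[tcp_off + (frame[tcp_off + 12] >> 4) * 4:ip_end]
        if not payload.startswith(METHODS):
            continue  # not the start of an HTTP request
        lines = payload.split(b"\r\n\r\n", 1)[0].decode("latin-1").split("\r\n")
        host = next((l.split(":", 1)[1].strip() for l in lines[1:]
                     if l.lower().startswith("host:")), "")
        src = ".".join(str(b) for b in frame[26:30])
        found.append((src, host, lines[0]))
    return found

if __name__ == "__main__":
    for src, host, line in http_requests(build_sample_pcap()):
        print(src, host, line)
```

Anything sent over plain HTTP is recoverable this way from a capture, which is why the tool is useful for network forensics and why sensitive traffic belongs on TLS.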

Disclaimer – Our tutorials are designed to aid aspiring pen testers/security enthusiasts in learning new skills. We only recommend that you test this tutorial on a system that belongs to YOU. We do not accept responsibility for anyone who thinks it’s a good idea to try to use this to attempt to hack systems that do not belong to you.

Installation

To install Xplico, open a new terminal and type:

apt-get install xplico

Using Xplico

To use Xplico, open your web browser and go to http://localhost:9876

If Xplico was not started:

Open a new terminal and type service xplico start

Open your browser and log in as admin. You will see the Xplico web page.

Select New Case, type a case name, then click Create.

Then select that case.

Then select New Session.

Name the session and click Create.

You will then see a new web page.

Now we are going to launch “ettercap” to start capturing traffic.

Open a new terminal and type ettercap -G

Now select unified sniffing.

Here we need to choose our network interface and then click OK.

Now scan for hosts.

Now we have all the hosts in our local network. Next we need to choose a target: select an IP address and click Add to Target 1. We can also add more than one target.

In this tutorial I am going to select a Windows XP machine as the target.

Select MITM and click OK to launch it.

Then start sniffing.

Now we are able to sniff the traffic going between the system and our gateway.

Now go back to Xplico, select the eth0 interface and click Start.

Then we move over to our Windows XP machine, open Internet Explorer and search, for example, for cats.

Then go back to our Kali Linux machine and click stop sniffing.

Browse through the data collected from that traffic: graphs, web, mail, chat, ...

We can show the Google traffic.

If we select images, we can see all the image traffic.


