1,234
edits
Changes
→Objectives
= Objectives =
* Understand how DHCP works and set up aworking server/client.* Understand which types of traffic can be captured where, from the point of view of an attacker.* Practice capturing traffic, and browsing it using Wireshark.
= PART 1: PREREQUISITES =
* This time the traffic will be between alice and lin1, and we'll do the packet capture on lin1a1, which is the gateway out of the asg1 network:<source>tcpdump -i eth1 tcp -w gatewaytcp.pcap</source>
* Which will capture all TCP traffic going through the gateway, including the communication we want to sniff.
* Open Firefox in the alice machine, close the extra tabs, and go to lin1.yourusername.ops. Type in the username and password to see your webpage.
* Stop the packet capturing on the gateway, scp the gatewaytcp.pcap file to c7host, and open it with wireshark.
* Look for a line with GET / HTTP/1.1 in the info column, and an "Authorization" line in the Hypretext Transfer Protocol section of that packet.
* With just a bit of browsing you should be able to find the username and password you've typed in when you logged in. Notice that no cracking of brute-forcing was needed.
