For This Tutorial:

• Victim IP address : 192.168.8.90
• Attacker network interface : eth0; with IP address : 192.168.8.93
• Router IP address : 192.168.8.8

Requirements:

• Arpspoof
• Driftnet
• Urlsnarf

Step by Step Man in the Middle Attack :

1. Open your terminal and configure our machine to allow packet forwarding, because act as Man in the Middle Attacker, Your Machine must act as router between "real router" and the victim. 

2. You can change your terminal interface to make the view much more friendly and easy to monitor by splitting terminal window.

3. The next step is setting up arpspoof between victim and router.arpspoof -i eth0 -t 192.168.8.90 192.168.8.8

4. And then setting up arpspoof from to capture all packet from router to victim.




5. After step three and four, now all the packet sent or received by victim should be going through attacker machine.

6. Now we can try to use driftnet to monitor all victim image traffic. According to its website.

Driftnet:

Driftnet is a program which listens to network traffic and picks out images from TCP streams it observes. Fun to run on a host which sees lots of web traffic.

7. To run driftnet, we just run this


When victim browse a website with image, driftnet will capture all image traffic as shown in the screenshot below.

To stop driftnet, just close the driftnet window or press CTRL + C in the terminal

8. For the next step we will try to capture the website information/data by using urlsnarf. To use urlsnarf, just run this code



and urlsnarf will start capturing all website address visited by victim machine.

9. When victim browse a website, attacker will know the address victim visited.