Eavesdropping is the act of intercepting data from a communication in progress between two points.
In digital form, eavesdropping means sniffing the data exchanged in a network communication. It can be done with specialized packet sniffing tools such as Wireshark and tcpdump, both of which are included in Kali Linux. This post gives a step-by-step demonstration of eavesdropping.
1. Start tcpdump and start capturing packets
tcpdump is a tool for capturing packets/data from network traffic.
In this demonstration the captured packets/data will be written to a .pcap file.
The .pcap file can be created by typing the command:
tcpdump -vnn -i eth0 host [target ip] -w [filename].pcap
To stop sniffing, press Ctrl + C; the .pcap file will be automatically created in the document directory.
2. Use Wireshark to analyze the .pcap file
Like tcpdump, Wireshark is a packet sniffing tool. Unlike tcpdump, however, Wireshark has a graphical user interface, which makes data analysis easier for beginners.
Now we can see the TCP traffic that belongs to the target.
The image below shows the IP address of the victim.