Eavesdropping Lab

REMINDER

“All the content posted in this blog is mainly for educational purposes only.”

 

Eavesdropping is the act of intercepting data while a communication is in progress between two points.

In digital form, eavesdropping means sniffing the data that is exchanged in network communication. It can be done with specialized packet-sniffing tools such as Wireshark and tcpdump, both of which can be found in Kali Linux. This post gives a step-by-step demonstration of eavesdropping.

Target IP: 192.168.1.102

1. Start tcpdump and begin capturing packets

tcpdump is a tool used for capturing packets/data in network traffic.

In this demonstration the captured packets/data will be written into a .pcap file.

The .pcap file can be created by typing the command:

tcpdump -vnn -i eth0 host [target ip] -w [filename].pcap

 

 

To stop the sniffing, press Ctrl+C to end the process; the .pcap file will be automatically created in the document directory.

2. Use Wireshark to analyze the .pcap file

Like tcpdump, Wireshark is a packet-sniffing tool. However, unlike tcpdump, Wireshark has a graphical user interface, which makes data analysis easier for beginners.

 

Now we can see the TCP traffic that belongs to the target.

 

3. Proof

The image below shows the IP address of the victim.
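
The analysis in steps 2 and 3 can also be scripted to check which of a host's conversations were readable on the wire. The following is an added example, not part of the original post: it parses the classic pcap format that tcpdump -w writes, counts TCP flows involving the target IP, and flags those on well-known unencrypted ports. The function names, the port list and the sample capture are constructed for illustration, and only Ethernet/IPv4 captures are handled.

```python
import socket
import struct
from collections import Counter

# Illustrative subset of unencrypted services, chosen for this example.
CLEARTEXT_PORTS = {21: "ftp", 23: "telnet", 80: "http", 110: "pop3", 143: "imap"}

def tcp_flows(pcap, host):
    """Count TCP packets per (src, sport, dst, dport) that involve `host`."""
    end = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if end is None or struct.unpack(end + "I", pcap[20:24])[0] != 1:
        raise ValueError("expected a classic pcap with Ethernet link type")
    flows, off = Counter(), 24                      # global header is 24 bytes
    while off + 16 <= len(pcap):                    # record header is 16 bytes
        incl_len = struct.unpack(end + "I", pcap[off + 8:off + 12])[0]
        frame = pcap[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue                                # not IPv4/TCP, or truncated
        ihl = (frame[14] & 0x0F) * 4                # IPv4 header length in bytes
        if ihl < 20 or len(frame) < 14 + ihl + 4:
            continue
        src, dst = socket.inet_ntoa(frame[26:30]), socket.inet_ntoa(frame[30:34])
        sport, dport = struct.unpack("!HH", frame[14 + ihl:18 + ihl])
        if host in (src, dst):
            flows[(src, sport, dst, dport)] += 1
    return flows

def cleartext_flows(flows):
    """Map each flow on a well-known unencrypted port to its service name."""
    return {f: CLEARTEXT_PORTS.get(f[1]) or CLEARTEXT_PORTS[f[3]] for f in flows
            if f[1] in CLEARTEXT_PORTS or f[3] in CLEARTEXT_PORTS}

def _frame(src, sport, dst, dport):
    """Build a minimal Ethernet/IPv4/TCP frame (constructed test data)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, 0x02, 1024, 0, 0)
    return b"\x00" * 12 + b"\x08\x00" + ip + tcp

def sample_pcap():
    """Constructed capture: only 192.168.1.102 is taken from the post."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in [("192.168.1.102", 50000, "192.168.1.10", 23),
              ("192.168.1.102", 50000, "192.168.1.10", 23),
              ("192.168.1.102", 50001, "192.168.1.10", 443),
              ("192.168.1.20", 40000, "192.168.1.10", 80)]:
        fr = _frame(*f)
        out += struct.pack("<IIII", 0, 0, len(fr), len(fr)) + fr
    return out
```

Any flow this reports for a host is a candidate for moving to an encrypted equivalent (SSH instead of Telnet, HTTPS instead of HTTP).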

 
