From the course: Ethical Hacking: Session Hijacking

Unlock the full course today

Join today to access over 22,600 courses taught by industry experts or purchase this course individually.

Using Subterfuge to hijack sessions through ARP poisoning

Using Subterfuge to hijack sessions through ARP poisoning - Linux Tutorial

From the course: Ethical Hacking: Session Hijacking

Start my 1-month free trial

Using Subterfuge to hijack sessions through ARP poisoning

- [Teacher] Subterfuge is a testing tool which provides a number of capabilities, including denial of service, Man in the Middle, and session hijacking, and is designed to be very easy to use. The tool is available from GitHub as shown, and can be loaded into Kali through cloning. Subterfuge runs an ARP poisoning attack on the local network to enable Man in the Middle and session hijacking. The latest release of Subterfuge requires that MITM proxy also be installed. It's installed on Kali, but if you're using another Linux distribution, then the instructions for installing this are in the preconfiguration file associated with this course. Subterfuge was hugely popular when it first came out due to its ability to do SSL stripping and intercept user accounts and passwords easily. While many sites now use more sophisticated security, and no longer fall prey to this attack, there are still a significant number that remain vulnerable. Before we demonstrate the Subterfuge tool, let's look…

Contents