Man-in-the-Middle (MitM) Attack
Learn how an attacker can intercept and potentially alter communication between two parties.
Live Attack Scenario: Coffee Shop
You are the attacker. Use the terminal below to intercept a victim's bank credentials.
Victim
Attacker (You)
Bank Server
Attacker Terminal
Attacker terminal initialized. Type `help` for commands.
Intercepted Data
Mission Briefing
Your goal is to intercept the victim's bank credentials. Follow the steps below.
Step 1: Create an "Evil Twin" Hotspot
Create a malicious Wi-Fi hotspot with an enticing name to lure the victim into connecting to you instead of the legitimate coffee shop Wi-Fi.
create_hotspot "Cafe_Free_Wifi"Step 2: Sniff Network Traffic
Now that the victim is connected to your hotspot, start a packet sniffer to capture all data they send and receive.
sniff_trafficStep 3: Capture Credentials
Wait for the victim to log into a non-secure (HTTP) site. Their credentials will appear in the "Intercepted Data" window.