How to Perform Sniffing Attack with Xerosploit Framework?

How to Install Xerosploit – An Advanced MITM Framework on Linux?

Step 1: Launch the Xerosploit Framework

Now that Xerosploit is fully installed, we can launch the core framework to access its web penetration testing capabilities. To do this by running the main execution script xerosploit.py from within our cloned repository directory :

xerosploit

Launching Xerosploit Framework

Step 2: List of the Modules

The Xerosploit console now running, our next step should be to see the available modules and commands before proceeding with scanning or exploitation. The help command will output a listing of all built-in Xerosploit modules we can use.

help

List of the Available Modules

Step 3: Scanning the Network

Now that we have an overview of Xerosploit’s capabilities, we can begin reconnaissance and information gathering on our web application target. The scan module provides automated crawling, mapping, and auditing of the target site to detect surface vulnerabilities. We can run a scan using:

scan

Scanning the Available Networks

Step 4: Select the Target

We simply copy our intended IP Address target into the input, paste it at the prompt, and hit enter to confirm the selection.

Select the Target IP address & Paste it

After Pasting the IP address you can see the Prompt of that your Target is Set.

Target is Set

Step 5: Setting up the Sniffing Module

After Setting up the Target we need to set the Module that we want to use. Use the following Command to list the Modules.

help

This is the List of our Modules Below :

List of the Modules using the “help” Command

Step 6: Using the Sniff Module

Xerosploit has a useful sniff module that lets us intercept and analyze web traffic to and from the target during assessments. We can enable network sniffing in Xerosploit using a three-step process:

1. First, we load the sniffer module:

sniff

2. Next, we activate continuous sniffing by running:

run

3. Finally, we permit the inclusion of Loading the SSLstrip data with:

Using the Sniff Module

Step 7: Captured & Intercepted Data from the IP Address

After Running all the above commands you can see Some windows popping up, which captures the data. When the Victim opens the Browser and Surf the websites, then all the surf data will be sniffed and shown in the opened windows.

Intercepting the Victim’s IP Address.

In the below screenshot, you can see the Captured Data and the Visited Sites from the victim’s Computer and Overall Data Packets.

Visited Websites and Overall Data

Sniffing with Xerosploit – An Advanced MITM Framework

Xerosploit is an open-source framework that makes it easy to perform man-in-the-middle (MITM) attacks on networks you have access to. The goal of an MITM attack is to get between two parties communicating and intercept or even alter their communications without them realizing it. The key advantage of Xerosploit is it automates many complex MITM attack techniques so even a beginner can sniff lots of sensitive information off a network. However, it is meant only for ethical, authorized testing, as MITM attacks capture private data and can violate wiretapping laws.