As all hacker and pentester know,how secure is http (port 80) protocol? .Anyone who have little knowledge of kali linux or any other packet capturing tool can make dump a http traffic via single click.After dumping the data of network ,it will be easy for hackers and pentester to know all the incoming and outgoing traffic, like URL of website surfed,Login credential etc...
Forget about http (port 80),i want to know how secure is https (Port 443) protocol? is it really secured?.If really think,https is secured than Don't forget about NSA Spying.As per edward snowden leaked document,NSA spying the entire web even if site|Network is https protected.
Follow the below steps to encrypt the http port traffic from MITM attack
Requirement
How To Encrypt The HTTP Port Traffic From MITM
1.Start a SSH Server on the localhost
service ssh start
2.Now Go to directory of SSH Tunnel by command
cd ssh_tunnel
3.After Changing the directory to ssh_tunnel,Run the python script using command:
sudo python ssh_tunnel.py
4.Script prompt for the password to gain root access,Please enter the password of root user
5.Now Open the new terminal and change the current directory to toriptables2
cd /toriptables2
6.Start toriptables2 script using command given below:
sudo python toriptables2.py -l
7.Set your browser to use local socks port as shown in below image:
8.Now http traffic is encrypted with MITM attack
Proof Of Concept
1.To check weather http traffic is encrypted,Open the wireshark tool in kali linux using command:
wireshark
2.Now GUI mode of wireshark is open as shown in below image,select the interface and Click on start button
3.Now see the wireshark Captured session as shown in below image:
Have a look on Red highlighted line which shows all the traffic is encrypted.
Contributor:Rupert Edwards