ThosepacketscanbeexaminedforvariousattributessuchasthesourceanddestinationIPaddress,whatportisgoingtoandcomingfrom,theASCIIcharactersinthepacket,andifwe'relucky,maybeapasswordortwo.UsuallyoursniffingisvisualizedliketheWiresharkoutputbelow.
Whatnoneofthesetoolsdoisdetectanddisplaygraphicfilesthatarepassingoverthewire.Thiswouldrequirethatsuchatoolwouldbeableto...
Thatisquiteataskforanytooltodo.
Let'sfireupKaliandopendriftnet.GotoApplications,KaliLinux,Sniffing/Spoofing,WebSniffers,andthendriftnet
Whenyoudo,youwillbegreetedbythisdriftnethelpscreen.
Usingdriftnetisverysimplewithoutanyoptions.Simpletypethefollowingattheprompt.
Whenyoudoso,driftnetwillopenasmallXwindowscreenintheupperleft-handcornerasseeninthescreenshotbelow.Expandthatscreenaslargeaspossible,ifyouwanttoseetheimagesgoingacrossthewire.
Ifyoudonotdesignateadirectorytostoretheimagesin(-dswitch),driftnetwillcreateadirectorywithinyour/tmpdirectorytostoretheimagesitcaptures.
Ofcourse,ifit'syourownAPandyou'recuriousastowhatyourchild,spouse,orgirlfriendisviewingonline,youwon'tneedtodoanycracking.Yousimplystartsniffingthetrafficandcapturingthegraphicimageswithdriftnet.
Now,let'sgobacktothedriftnetXwindowscreentoseewhatareneighborhasbeenviewing
Hmm...lookslikehehasn'tbeenviewingpornatall,butratherthelatestSportIllustratedSwimsuitissue!
Theviewerindriftnetisgreattoviewwhatiscrossingthewireinreal-time,butdriftnetalsocapturestheimagesandplacesthemonyourcomputerinthe/tmpdirectory.Navigatetothe/tmpwiththefollowing.
Then,listallthedirectoriesthere.
Attheverytopofmyscreenandthedirectorylisting,youcanseeanewdirectorynameddrifnet-y46mNv.Notethatdriftnetisspelledincorrectly.Afterall,itisonlyabeta.
Next,navigatetothatdirectory.
Andthenlistthecontents.
Herewecanseealltheimagesthatdriftnetcapturedasweweresniffingourneighbor'straffic.DriftnetcanalsobeusedtocaptureMPEG4filesandaudiofiles,butI'llleavethatforanotherday.