{"id":3673,"date":"2012-06-03T17:39:19","date_gmt":"2012-06-03T20:39:19","guid":{"rendered":"http:\/\/www.ethicalhacker.com.br\/site\/?p=3673"},"modified":"2019-07-18T12:25:06","modified_gmt":"2019-07-18T15:25:06","slug":"interceptando-dados-com-wireshark","status":"publish","type":"post","link":"https:\/\/www.ethicalhacker.com.br\/site\/2012\/06\/tutorial-backtrack\/interceptando-dados-com-wireshark\/","title":{"rendered":"Intercepting Data with Wireshark"},"content":{"rendered":"<p style=\"text-align: justify;\">It is astonishing to see students using the college network to access personal e-mail or even online banking. Believe it, it's true! Lack of awareness about data interception and network eavesdropping is almost universal, and many people do not take information security into account.<\/p>\n<p style=\"text-align: justify;\">In light of this, I decided to write this short article on capturing data with the Wireshark traffic analyzer, a technique also known as sniffing.<\/p>\n<p style=\"text-align: justify;\">A malicious user would only need to run the application on the network for the capture to succeed.<\/p>\n<p style=\"text-align: justify;\">Below we will see the capture of a username and password submitted to a small script I built in PHP. 
Of course, the environment is fictitious and runs in a virtual machine, and I want to make clear that nobody's data was captured.<\/p>\n<p style=\"text-align: justify;\">The first step is to run the sniffer. We will do it on BackTrack, but it is worth noting that there are also versions for Windows, including a \u201cPortable\u201d version.<\/p>\n<p style=\"text-align: justify;\"><a href=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/t1.png\" class=\"gallery_colorbox\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-3675\" title=\"t1\" src=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/t1.png\"  alt=\"\" width=\"600\" height=\"103\" srcset=\"https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/t1.png 600w, https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/t1-300x51.png 300w\" sizes=\"auto, (max-width: 600px) 100vw, 600px\" \/><\/a><\/p>\n<p style=\"text-align: justify;\">Wireshark will load as shown in the following figure:<\/p>\n<p style=\"text-align: justify;\"><a href=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/t2.png\" class=\"gallery_colorbox\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-3676\" title=\"t2\" src=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/t2.png\"  alt=\"\" width=\"600\" height=\"416\" srcset=\"https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/t2.png 600w, https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/t2-300x208.png 300w\" sizes=\"auto, (max-width: 600px) 100vw, 600px\" \/><\/a><\/p>\n<p>Once Wireshark has loaded, just select the network interface as shown in the figure below:<\/p>\n<p><a 
href=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/t3.png\" class=\"gallery_colorbox\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-3677\" title=\"t3\" src=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/t3.png\"  alt=\"\" width=\"500\" height=\"256\" srcset=\"https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/t3.png 500w, https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/t3-300x153.png 300w\" sizes=\"auto, (max-width: 500px) 100vw, 500px\" \/><\/a><\/p>\n<p>Wireshark will start listening, so let's access our lab site and enter the user admin and the password 123.<\/p>\n<p><a href=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/t4.png\" class=\"gallery_colorbox\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-3678\" title=\"t4\" src=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/t4.png\"  alt=\"\" width=\"600\" height=\"254\" srcset=\"https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/t4.png 600w, https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/t4-300x127.png 300w\" sizes=\"auto, (max-width: 600px) 100vw, 600px\" \/><\/a><\/p>\n<p>As the next step, we will filter the capture to inspect HTTP traffic.<\/p>\n<p><a href=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/t5.png\" class=\"gallery_colorbox\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-3679\" title=\"t5\" src=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/t5.png\"  alt=\"\" width=\"600\" height=\"94\" 
srcset=\"https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/t5.png 600w, https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/t5-300x47.png 300w\" sizes=\"auto, (max-width: 600px) 100vw, 600px\" \/><\/a><\/p>\n<p>Next we will analyze the captured traffic:<\/p>\n<p><a href=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/t6.png\" class=\"gallery_colorbox\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-3681\" title=\"t6\" src=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/t6.png\"  alt=\"\" width=\"600\" height=\"312\" srcset=\"https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/t6.png 600w, https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/t6-300x156.png 300w\" sizes=\"auto, (max-width: 600px) 100vw, 600px\" \/><\/a><\/p>\n<p>Once we have located the captured request to site\/index\/loga.php, we right-click the packet and select Follow TCP Stream, as shown in the following figure:<\/p>\n<p><a href=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/t71.png\" class=\"gallery_colorbox\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-3682\" title=\"t7\" src=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/t71.png\"  alt=\"\" width=\"600\" height=\"465\" srcset=\"https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/t71.png 600w, https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/t71-300x232.png 300w\" sizes=\"auto, (max-width: 600px) 100vw, 600px\" 
\/><\/a><\/p>\n<p>Now let's examine the contents of the packet:<\/p>\n<p><a href=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/t8.png\" class=\"gallery_colorbox\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-3683\" title=\"t8\" src=\"http:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/t8.png\"  alt=\"\" width=\"600\" height=\"312\" srcset=\"https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/t8.png 600w, https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/t8-300x156.png 300w\" sizes=\"auto, (max-width: 600px) 100vw, 600px\" \/><\/a><\/p>\n<p>Well, there it is! 
\u00a0user=admin&amp;senha=123<\/p>\n<p>The same will happen with other protocols that travel in plaintext, for example FTP, Telnet, TFTP, etc.<\/p>\n<p>The countermeasure for this type of attack is to encrypt the content; this reduces exposure and makes the attacker's job harder.<\/p>\n<p>Until next time.<\/p>\n\r\n\t\t<div class='author-shortcodes'>\r\n\t\t\t<div class='author-inner'>\r\n\t\t\t\t<div class='author-image'>\r\n\t\t\t<img src='https:\/\/www.ethicalhacker.com.br\/site\/wp-content\/uploads\/186048_100001838322519_1550894_n-11668_57x57.jpg' alt='' \/>\r\n\t\t\t<div class='author-overlay'><\/div>\r\n\t\t<\/div> <!-- .author-image --> \r\n\t\t<div class='author-info'>\r\n\t\t\t<p>Author:\u00a0<strong>S\u00edlvio C\u00e9sar Roxo Giavaroto<\/strong><\/p>\n<p>Holds an MBA specializing in Information Security Management and a technologist degree in Computer Networks,\nis a C|EH Certified Ethical Hacker,\nworks as a pentester and Linux server security analyst for the\nS\u00e3o Paulo State Government, and is a university professor and\nC|EH and C|HFI instructor.<\/p>\n<p><em>\u00a0<\/em>\r\n\t\t<\/div> <!-- .author-info --><\/p>\r\n\t\t\t<\/div> <!-- .author-inner -->\r\n\t\t<\/div> <!-- .author-shortcodes -->\n","protected":false},"excerpt":{"rendered":"<p>It is astonishing to see students using the college network to access personal e-mail or even online banking. Believe it, it's true! Lack of awareness about data interception and network eavesdropping is almost universal, and many people do not take information security into account. 
In light of this, [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":3674,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[101],"tags":[],"class_list":["post-3673","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-tutorial-backtrack"],"_links":{"self":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/posts\/3673","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/comments?post=3673"}],"version-history":[{"count":6,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/posts\/3673\/revisions"}],"predecessor-version":[{"id":10558,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/posts\/3673\/revisions\/10558"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/media\/3674"}],"wp:attachment":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/media?parent=3673"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/categories?post=3673"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/tags?post=3673"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}