Ok so this one is similar to the other thread i posted but this time is about the MITM attack. I'm just starting and i'm a bit overwhelmed with all the ways this can be done over wireless.
Right now i'm using airbase-ng to create a fake AP with no encription, the i create a bridge between the interface airbase-ng creates and the interface actually connect to the internet and i use dnsspoof and burpsuite to get the packages.
I have two questions:
the first is about something i can't explain with my method. Here is the code i use:
at this point, my connection to eth0 goes away,
airmon-ng start wlan0
iwconfig mon0 channel 1
iwconfig wlan0 channel 1
airobase-ng --essid test mon0
ifconfig at0 up
brctl addbr mitm
brctl addif eth0
brctl addif at0
ifconfig eth0 0.0.0.0 up
after this i still get a connection to the internet. How? Please understand i'm really a beginner and i am pretty sure i'm missing something obvious.
ifconfig at0 0.0.0.0 up
ifconfig mitm up
My second question is about the MITM attack itself. I know you guys hate when people ask how something is done, but i just wanted to know if ther are better ways than mine to accomplish what i did. I've heard about using ettercap/Arpspoof and sslstrip, is it easier / works better?