Introduction
In this post, You will learn what is urlsnarf and how does it work and below is the video format of the post, check it out.
What is urlsnarf ❓
urlsnarf outputs all requested URLs sniffed from HTTP traffic in CLF (Common Log Format, used by almost all web servers), suitable for offline post-processing with your favourite weblog analysis tool (analog, wwwstat, etc.).
Useful commands in urlsnarf
There are only a few commands in urlsnarf they are
- -n: Do not resolve IP addresses to hostnames
- -i: Interface
- -p: pcapfile
- -v: versus mode
The urlsnarf tool was invented by dugsong@monkey.org
How to use urlsnarf
It is very easy to use urlsnarf, But you should understand where you should use the tool.
The tool is useful after exploitation, or at the Information gathering point.
Once you have compromised the targets network using aircrack-ng or any other wireless attack tool the use urlsnarf to listen to what exactly the target is searching for or what is happening in the target network.
To use the tool yu can just enter
urlsnarf -i eth0
urlsnarf -i <Target network>
I am using eth0 as the target network and there is also a disadvantage that is the tool is built to sniff only in ports 80, 8080, 3128.
Where is the popular port 443 is not listed so, Mostly probably we can’t sniff using urlsnarf in HTTPS sites?
Conclusion
Urlsnarf is a great tool to do sniffing but the tool doesn’t sniff port 443 which is a big disadvantage.
Also Read: Arpspoof full tutorial from noob to pro
