How to Simulate Password Sniffing Attacks Using OMNeT++

To simulate a password sniffing attack in OMNeT++ has needs to generate a network environment in which a malicious node interrupts network traffic to extract sensitive information, like passwords. This attack is common in networks that send data in plaintext without encryption (such as using protocols such as HTTP, Telnet, or FTP), enabling the attacker to read packets and extract login credentials.

In this simulation, we need to setup a client-server network in which login credentials are transmitted, and an attacker node sniffs the traffic to capture the credentials. The attack can be utilized to familiarize the significance of encryption and the susceptibilities of transmitting meaningful data over unsecured channels.

Key Components for Password Sniffing Attack Simulation:

  1. Legitimate Nodes: The client and server that are interacting over the network.
  2. Attacker (Sniffer Node): A malicious node that passively track and captures network traffic to extract meaningful information.
  3. Login Protocols: The communication protocol utilized for transferring login credentials (e.g., HTTP, Telnet, FTP).
  4. Sniffing Mechanism: The process by which the attacker eavesdrops to the network traffic and captures unencoded data.

Step-by-Step Guide to Simulate Password Sniffing Attacks Using OMNeT++:

  1. Install OMNeT++ and INET Framework
  • Download and install OMNeT++.
  • Download and install the INET framework from INET GitHub repository. INET supports network communication protocols (TCP/IP, UDP, HTTP) and can be utilized to replicate both legitimate and malicious traffic.
  1. Understand Password Sniffing
  • Password sniffing refers to the process of intercepting uuencoded traffic (such as HTTP, FTP, or Telnet) to capture sensitive data like login credentials.
  • The attacker can perform in a passive mode, capturing packets without changing the traffic, making this attack hard to identify.
  1. Set up Network Topology in NED

Describe a simple client-server network in which login credentials are routed over an unencrypted protocol. The attacker node will sniff the network traffic to capture these credentials.

Example NED File for Password Sniffing Simulation:

network PasswordSniffingNetwork {

submodules:

client: StandardHost {

@display(“p=100,200”);

}

server: StandardHost {

@display(“p=300,200”);

}

attacker: StandardHost {

@display(“p=200,250”);

}

router: Router {

@display(“p=200,150”);

}

connections allowunconnected:

client.ethg++ <–> Eth100M <–> router.ethg++;

server.ethg++ <–> Eth100M <–> router.ethg++;

attacker.ethg++ <–> Eth100M <–> router.ethg++;  // Attacker on the same network

}

Explanation:

  • Client: The legitimate node that transmit login credentials to the server.
  • Server: The server that accepts the login credentials.
  • Router: Intermediate router that forwards packets among the client and the server.
  • Attacker: A malicious node that eavesdrops to network traffic and tries to capture the login credentials.
  1. Configure Login Traffic (Unencrypted Communication)

Configure an HTTP or Telnet session among the client and the server to replicate the transmission of login credentials.

Example omnetpp.ini Configuration for HTTP Login:

network = PasswordSniffingNetwork

sim-time-limit = 100s

# Server configuration (listening on HTTP port 80)

**.server.numApps = 1

**.server.app[0].typename = “HttpServerApp”

**.server.app[0].localPort = 80  # HTTP communication over port 80

# Client configuration (sending login credentials)

**.client.numApps = 1

**.client.app[0].typename = “HttpClientApp”

**.client.app[0].serverAddress = “server”  # Sending data to the server

**.client.app[0].serverPort = 80

**.client.app[0].sendInterval = 1s  # Login attempts every 1 second

**.client.app[0].request = “POST /login HTTP/1.1\r\nUser=admin\r\nPassword=secret\r\n”

This configuration replicates an HTTP client transmitting login credentials (User=admin, Password=secret) to the server in plaintext using a POST request.

  1. Implement Sniffing Attack

The attacker node will passively capture the network traffic, measure the packets, and extract sensitive data such as passwords.

Example C++ Code for PasswordSnifferApp (Sniffing Application):

#include “inet/applications/base/ApplicationBase.h”

#include “inet/common/packet/Packet.h”

#include “inet/networklayer/common/L3AddressResolver.h”

#include “inet/common/INETDefs.h”

class PasswordSnifferApp : public inet::ApplicationBase {

protected:

virtual void initialize(int stage) override;

virtual void handleMessage(cMessage *msg) override;

virtual void capturePacket(inet::Packet *packet);

public:

PasswordSnifferApp() {}

virtual ~PasswordSnifferApp() {}

};

Define_Module(PasswordSnifferApp);

void PasswordSnifferApp::initialize(int stage) {

if (stage == inet::INITSTAGE_APPLICATION_LAYER) {

// Start sniffing at the beginning of the simulation

scheduleAt(simTime(), new cMessage(“startSniffing”));

}

}

void PasswordSnifferApp::handleMessage(cMessage *msg) {

if (strcmp(msg->getName(), “startSniffing”) == 0) {

// Sniffing happens automatically as we capture packets from the network

}

delete msg;

}

void PasswordSnifferApp::capturePacket(inet::Packet *packet) {

// Check if the packet contains HTTP traffic (TCP port 80)

auto tcpHeader = packet->peekAtFront<inet::tcp::TcpHeader>();

if (tcpHeader->getDestPort() == 80 || tcpHeader->getSrcPort() == 80) {

// Extract payload to check for login credentials

const auto &payload = packet->peekDataAt(inet::b(0), packet->getTotalLength());

// Search for sensitive keywords (e.g., “User”, “Password”)

if (payload.contains(“User=”) && payload.contains(“Password=”)) {

EV << “Captured credentials: ” << payload << endl;  // Log the credentials

}

}

}

In this code:

  • PasswordSnifferApp eavesdrops to all incoming traffic and validate if the payload contains HTTP traffic over port 80.
  • If the packet contains a login request (e.g., containing the words “User” and “Password”), the credentials are extracted and logged.
  1. Configure Attacker Node for Sniffing

In the omnetpp.ini file, set up the attacker node to executes the PasswordSnifferApp and capture traffic.

# Attacker configuration for sniffing passwords

**.attacker.numApps = 1

**.attacker.app[0].typename = “PasswordSnifferApp”

This makes sure that the attacker node passively captures traffic and tries to extract sensitive information.

  1. Monitor and Capture Traffic

Allow packet capture in OMNeT++ to track the traffic and measure it using Wireshark. We can validate if the attacker is able to capture sensitive data.

Enable Packet Capture in omnetpp.ini:

# Enable packet capture to analyze password sniffing

**.pcapRecorder.enable = true

**.pcapRecorder.packetFilter = “all”

**.pcapRecorder.file = “output/password_sniffing.pcap”

This will create a .pcap file, that can be measured using Wireshark to validate if login credentials are routed in plaintext and either the attacker captures them.

  1. Run the Simulation

Execute the simulation in OMNeT++ and monitor on how the client transmit login credentials to the server and how the attacker sniffs the traffic and extracts the credentials.

  1. Analyse Results

Once the simulation is complete, evaluate the following:

  • Captured Packets: Validate whether the attacker captured any login credentials from the network traffic.
  • Packet Analysis: Utilize Wireshark to open the .pcap file and examine the HTTP traffic for unencrypted login requests and responses.
  • Intrusion Detection: We can also validate if the network can identify and log the sniffing activity (if an IDS is executed).
  1. Extend the Simulation

We can expand the password sniffing attack simulation by adding more complex behaviours:

  • Encrypted Communication: Execute encrypted communication (e.g., HTTPS) and validate if the attacker can still capture credentials.
  • Man-in-the-Middle Attack: Replicate a MITM attack in which the attacker intercepts and change the traffic among the client and the server.
  • Intrusion Detection System (IDS): Execute IDS to identify unauthorized sniffing activities and cause alerts.
  • Different Protocols: Test with other vulnerable protocols like Telnet or FTP that send data in plaintext.

Example Projects for Password Sniffing Simulation:

  1. HTTP Password Sniffing: Apply a password sniffing attack on HTTP traffic to capture login credentials routed in plaintext.
  2. Telnet Password Sniffing: Replicate a Telnet session in which login credentials are routed in plaintext, and an attacker captures them.
  3. FTP Password Sniffing: Replicate an FTP session in which an attacker sniffs login credentials and file transfer commands.
  4. Defending Against Sniffing Attacks: Execute encryption (e.g., HTTPS or SSH) and evaluate on how it mitigates the attacker from capturing sensitive data.
  5. MITM and Sniffing Combined: Mimic a Man-in-the-Middle attack in which the attacker interrupts and change communication among a client and server.

We have achieved successful the password sniffing attack project delivered by utilizing the OMNeT++ simulation environment and it contain the simulation procedures and the explanation that helps to execute the simulation. Additional specific detail regarding this process will also be provided.

The team at phdprime.com is ready to take on any kind of Password Sniffing Attacks. Just let us know what you need for your research, and we’ll come up with excellent project topics related to Password Sniffing Attacks that are tailored to your requirements. Trust phdprime.com to manage your simulation, and we guarantee that you’ll receive your simulation results promptly and with outstanding quality.

Opening Time

9:00am

Lunch Time

12:30pm

Break Time

4:00pm

Closing Time

6:30pm

  • award1
  • award2