ARP Spoofing 2: Carrying Out the Attack
In this article we will see how to carry out an ARP spoofing attack, which allows sniffing packets and stealing credentials as well. So without further ado, let’s begin…
NOTE: Please carry out this attack only on machines you own, or use VirtualBox/VMware.
Things I’ll be using:
- Windows Machine (Target/Victim)
- Kali Linux (Attacker)
- Ettercap (Tool present in Kali for performing MITM attacks)
- Wireshark (Used for sniffing packets)
Both the machines are connected in a single network.
Suppose the victim wants to visit a website and log in there. The victim cannot reach it directly, so the machine forwards its packets through its default gateway (the router). The attacker poisons the ARP table of the victim’s machine so that the IP address of the router maps to the MAC address of the attacker. The attacker is then in the middle of the communication and, as a result, can sniff all the packets.
1) Go to Kali Linux and turn on IP forwarding, or else it will drop all the packets between the target and the router.
Use this command to turn on IP forwarding:
echo 1 > /proc/sys/net/ipv4/ip_forward
and again cross check it by the command:
Make sure the value is 1
2) Check your default gateway or IP of the router by the following command:
3) Go to your Windows machine, open cmd and check its IP address by typing: ipconfig
4) Start the Ettercap tool GUI by typing: ettercap -G
5) Go to the Sniff tab and click on Unified sniffing
6) It will then ask you for the network adapter; select your own network adapter. In my case it’s wlan0, because I am using a wireless network card for my Kali machine.
7) Click on Targets tab and select Current targets.
8) In place of target 1 add the IP address of the default gateway and in the place of target 2 add the IP address of the target (Windows machine).
9) Click on the MITM tab and select ARP poisoning
10) Now select sniff remote connection and then click ok.
11) Now open Wireshark which will sniff all the packets of our target.
12) After opening select your network interface and click the start button.
13) Now go to your Windows machine and try to log in to any website.
14) Come back to Wireshark and try using filters like ip.addr == 192.168.0.106 (the target’s IP address) to show only the packets related to our target.
15) Now search the packets for any sensitive information. Passwords are mostly sent in POST requests, so try looking for any POST request, and if you get lucky you might get something like this.
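Seen from the Windows machine, the poisoning described above leaves a trace in its ARP cache: the gateway's IP resolves to the attacker's MAC, which usually also appears next to the attacker's own IP. The following check over `arp -a` output is an added example, not part of the original article; the gateway address 192.168.0.1, the MAC addresses, the pinned known-good MAC and both sample tables are constructed for illustration.

```python
import re

# One row of Windows `arp -a` output: IP address, dash-separated MAC, entry type.
ROW = re.compile(
    r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+((?:[0-9a-fA-F]{2}-){5}[0-9a-fA-F]{2})\s+\w+\s*$"
)

def parse_arp_table(text):
    """Return {ip: mac} for the unicast entries in `arp -a` output."""
    table = {}
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # interface banner, column header, blank line
        ip, mac = m.group(1), m.group(2).lower()
        if int(mac[:2], 16) & 1:
            continue  # broadcast/multicast MAC (group bit set)
        table[ip] = mac
    return table

def check_gateway(table, gateway_ip, pinned_mac=None):
    """Return findings that suggest the gateway's ARP entry was poisoned."""
    gw_mac = table.get(gateway_ip)
    if gw_mac is None:
        return ["gateway %s not in ARP cache" % gateway_ip]
    findings = []
    if pinned_mac and gw_mac != pinned_mac.lower():
        findings.append("gateway MAC %s differs from pinned %s" % (gw_mac, pinned_mac.lower()))
    sharing = sorted(ip for ip, mac in table.items() if mac == gw_mac and ip != gateway_ip)
    if sharing:
        findings.append("gateway MAC %s also claimed by %s" % (gw_mac, ", ".join(sharing)))
    return findings

# Constructed samples: the same cache before and after poisoning.
HEADER = "Interface: 192.168.0.106 --- 0xb\n  Internet Address      Physical Address      Type\n"
CLEAN = HEADER + (
    "  192.168.0.1           a0-b1-c2-d3-e4-f5     dynamic\n"
    "  192.168.0.105         00-0c-29-aa-bb-cc     dynamic\n"
    "  192.168.0.255         ff-ff-ff-ff-ff-ff     static\n"
)
POISONED = CLEAN.replace("a0-b1-c2-d3-e4-f5", "00-0c-29-aa-bb-cc")
PINNED_GATEWAY_MAC = "a0-b1-c2-d3-e4-f5"  # assumed known-good value recorded earlier

if __name__ == "__main__":
    for name, sample in (("clean", CLEAN), ("poisoned", POISONED)):
        print(name, check_gateway(parse_arp_table(sample), "192.168.0.1", PINNED_GATEWAY_MAC))
```

Several IPs sharing one MAC can be legitimate (a router with secondary addresses, proxy ARP), so treat the shared-MAC finding as a prompt to verify; the comparison against a pinned gateway MAC is the stronger signal.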
So that’s it for now. See you next time… Goodbye