3

I am new to Linux/Kali but I am trying to learn as much as I can. For the past 5 days I have been googling and learning it all by myself, but I got stuck on this. I have watched every ARP spoofing tutorial video and I can perform this attack on my virtual host, but I want to know how to perform this attack on other computers?

  • 1
    See also [Does MITM attack work across Remote Systems?](http://security.stackexchange.com/questions/89599/does-mitm-attack-work-across-remote-systems) – Sjoerd Dec 08 '16 at 13:19

1 Answer

3

ARP packets are communicated within the boundaries of a single network and are never routed across internetwork nodes, so you can only perform ARP attacks on computers that are on the same network as you are (e.g. phones and computers connected to the same Wi-Fi).

To find hosts on your network you can do the following:

  1. Figure out your IP and the subnet mask. Run the `ifconfig` command and look for a line like this: `inet addr:192.168.1.101 Bcast:192.168.1.255 Mask:255.255.255.0`. This indicates that your IP is 192.168.1.101 and the subnet mask is 255.255.255.0. This means that hosts with an IP of 192.168.1.x (where x can be anything between 1 and 254) are on your network, so potentially vulnerable to ARP spoofing.

  2. To find hosts on your network you can use nmap. Nmap has a lot of options, but as a quick start you can run it like this: `nmap -v -A 192.168.1.101/24`. The option `-v` stands for verbose output, `-A` is used to perform OS detection and other stuff, the IP needs to be yours, and `/24` stands for the subnet mask. (It is the number of 1s in the binary representation of the subnet mask. In the beginning it is enough to know that 255.0.0.0 = /8, 255.255.0.0 = /16 and 255.255.255.0 = /24.)

Now you can perform the same attacks as you did with your virtual machine. On a home network it will most likely work, although on a larger network they might have some defense system. See this answer for more info.

And as always: only perform any test on a network you own or if you have permission beforehand. Running nmap itself might trigger an alarm (e.g. NOD32 will display an alert), so be careful.

Torin42
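The mask-to-prefix rule and the same-network boundary described in the answer above, as an added example that is not part of the original answer: it parses the quoted `ifconfig` line, counts the 1 bits in the mask, and reports whether a given address sits inside the local subnet (resolved by ARP) or behind a router. The function names and the test addresses are hypothetical.

```python
import ipaddress
import re

# Constructed sample: the ifconfig line quoted in the answer.
SAMPLE = "inet addr:192.168.1.101  Bcast:192.168.1.255  Mask:255.255.255.0"


def mask_to_prefix(mask: str) -> int:
    """Count the 1 bits in a dotted netmask, rejecting non-contiguous masks."""
    bits = int(ipaddress.IPv4Address(mask))
    ones = bin(bits).count("1")
    # A valid netmask is `ones` 1-bits followed only by 0-bits.
    expected = (0xFFFFFFFF << (32 - ones)) & 0xFFFFFFFF
    if bits != expected:
        raise ValueError(f"non-contiguous netmask: {mask}")
    return ones


def parse_ifconfig_line(line: str) -> ipaddress.IPv4Interface:
    """Extract address and mask from a legacy net-tools 'inet addr:' line."""
    m = re.search(r"inet addr:(\S+).*?Mask:(\S+)", line)
    if not m:
        raise ValueError("no 'inet addr:' / 'Mask:' fields found")
    addr, mask = m.groups()
    return ipaddress.IPv4Interface(f"{addr}/{mask_to_prefix(mask)}")


def on_link(iface: ipaddress.IPv4Interface, target: str) -> bool:
    """True if target is inside the interface's subnet, so it is resolved
    with ARP directly instead of being sent to the gateway.
    Assumption: one subnet per broadcast domain (no VLAN or client isolation)."""
    return ipaddress.IPv4Address(target) in iface.network


if __name__ == "__main__":
    iface = parse_ifconfig_line(SAMPLE)
    print("interface:", iface, "network:", iface.network)
    print("usable host addresses:", iface.network.num_addresses - 2)
    for t in ("192.168.1.7", "192.168.2.7", "8.8.8.8"):  # constructed targets
        print(t, "->", "on-link (ARP)" if on_link(iface, t) else "routed (no ARP)")
```
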