I would like to clarify that this is not aimed at being a malicious attack and is being assisted by my school's IT department and my computer science teacher. It is fully sanctioned.
The primary goal is to intercept a computer, then using the driftnet
program to intercept all pictures being loaded to the client's computer.
The syntax of my commands is correct (proved by me testing at home with perfect results), but I think my failure is related the school's networking. This is supported by the fact that when I run bettercap
with targets specified correctly, it returns that it is unable to determine the router's MAC. When I run arpspoof
, the output appears to be completely normal, but the client's Internet is completely interrupted, it is stuck at loading then displays a connection error. This is fixed when I stop arpspoof
. And yes, I have run: $sudo sysctl -w net.ipv4.ip_forward=1
My procedure:
- 10.47.68.107 is the client
- 10.47.0.1 is what the client says is the router in preferences
Other clients are always assigned 10.47.x.x, the x appears to increase as the spots are leased. All clients show 10.47.0.1 as the router. However there are clearly around 100 access points in the school.
I start an arpspoof
session from the client (10.47.68.107) to the router (10.47.0.1) and vice versa. Next, I start driftnet
. This same exact procedure worked at my house, which leads me to the conclusion that this is a networking problem. What am I doing wrong?
I'm using Parrot Sec OS 3.5 (Full)