I'm finding hard to understand how it is possible to perform a man in the middle attack to a whole network.
It is easy for the attacker to tell every victim in the subnet that his mac address is the gateway's mac, so he can intercept all requests sent by the victims. But how can the attacker do the reverse: tell the gateway that he is all the victims simultaneously to get back their responses?
I know that it is possible since I've used some tools that implement that, but I can't figure out the internals details. Can someone enlight me, please?
Thanks in advance.