I use Kali linux VirtualBox VM with its network adapter attached to NAT.
I checked that it is connected to the internet [made a simple apt-get update].
I run this command in a terminal:
for ip in $(seq 1 254); do ping -c 1 192.168.2.$ip>/dev/null; [ $? -eq 0 ] && echo "192.168.2.$ip UP" || : ; done
And it returned:
192.168.2.1
[the router]192.168.2.2
[android phone or box]192.168.2.3
[android phone or box]192.168.2.6
[kali VM, I got it from the Win10 host with ipconfig]
I have an android phone and a tv box on the LAN. I just want to capture the phone traffic to learn the MiTM attack.
So I run:
ettercap -Tqi eth0 -M arp /192.168.2.2// /192.168.2.1-10//
[for now I suppose 192.168.2.2 is the phone] and it returns:
ettercap 0.8.2 copyright 2001-2015 Ettercap Development Team
Listening on:
eth0 -> 05:00:15:28:06:D4
10.0.2.15/255.255.255.0
fe90::a00:28ff:fe28:6d4/64
SSL dissection needs a valid 'redir_command_on' script in the etter.conf file
Ettercap might not work correctly. /proc/sys/net/ipv6/conf/eth0/use_tempaddr is not set to 0.
Privileges dropped to EUID 65534 EGID 65534...
33 plugins
42 protocol dissectors
57 ports monitored
20388 mac vendor fingerprint
1766 tcp OS fingerprint
2182 known services
Lua: no scripts were specified, not starting up!
Scanning for merged targets (10 hosts)...
* |==================================================>| 100.00 %
0 hosts added to the hosts list...
FATAL: ARP poisoning needs a non empty hosts list.
I found here that 'If you run it on an interface that is enabled, but not connected to a network, Ettercap will complain that "ARP poisoning needs a non empty hosts list"' .
How can I check which is the case with the eth0 interface?