3

I'm trying to learn ethical hacking and I'm starting with ARP SPOOFING. I used driftnet but seems I can't get the images on my target. I'm running Kali Linux on VirtualBox and my target is my Windows machine. I'm connected to the same network. Can someone give me a clue why I can't get the images?

Details:

  • Router: 192.168.1.1
  • Target: 192.168.1.5
  • My IP: 192.168.1.7
  • VM Connection type: Bridged
  • Interface: eth0

Kali Commands

Windows URL I am browsing on Google.

enter image description here

schroeder
  • 123,438
  • 55
  • 284
  • 319
nethkennnnn
  • 161
  • 2
  • 3
  • 7

1 Answers1

1

It's because you can only browse Google over https only and not http.Even if you force http, the response for that request will be a redirect to https.Along with the arpspoof, you will have to use a tool which will be a middle man doing the ssl handshake with the target's browser and Google. MITMproxy works great.There is still a catch though, the target's browser will flag the connection to be insecure, because MITMproxy will be using its own selfsigned certificate for handshake.Beacuse your other end is Google, target won't be able to add an exception in the browser and continue browsing because HSTS is set.To force the browsing, you will have to add MITMproxy's cert to the trustable root certificates manually in the browser.

Mitmproxy

How to use MITMPROXY

Edit: If you are seeing this problem for 'only' http connection too, check the Network settings for your bridge adapter in VirtualBox.You should set Promiscuous Mode to Allow All.

Vinod Pn
  • 385
  • 1
  • 4
  • 11
  • Check SSLstrip too, long time I used it.If it works, you will not need mitmproxy. – Vinod Pn Mar 11 '18 at 08:51
  • This doesn't solve the specific problem, as the OP tested plain HTTP sites as well in the comments. We still don't know if OP can see any traffic at all either. – multithr3at3d Mar 11 '18 at 15:00