IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [arp-spoofing]

ARP spoofing is an attack technique which sends spoofed Address Resolution Protocol (ARP) messages to Local Area Network (LAN). The idea is to identify attacker's MAC address as the address of another network host and redirect traffic intended for another IP address to the attacker's IP address instead.

ARP spoofing is an attack technique which sends spoofed Address Resolution Protocol (ARP) messages to Local Area Network (LAN). The idea is to identify attacker's MAC address as the address of another network host and redirect traffic intended for another IP address to the attacker's IP address instead.

ARP spoofing, if successful, enables an attacker to intercept LAN data packets, shape traffic, or stop it altogether. This type of attack is often used as an attacker's opening gambit for other attacks, such as denial of service (DoS), man in the middle (MiTM), or session hijacking. This attack can only be staged on local networks that use Address Resolution Protocol (ARP).

209 questions
1
vote
1 answer

How well the OpenVPN router defend against mitm

I'm not an expert in VPN, so I'm curious about how well does a router with installed vpn defend against an mitm attack. Since ARP Spoofing can decrypt https, I'm concerned if it's able to decrypt a vpn too. Also will the hacker be able to DOS your…
Corbee
  • 113
  • 5
1
vote
1 answer

how to arpspoof when the AP prevent clients from seeing each others?

I am trying to perform man-in-the-middle attack on my home network.I can fool the AP into thinking that I am the client by this command arpspoof -i wlan0 -t 192.168.1.1 192.168.1.10 however when I try to make the client think that I am the AP…
Gray
  • 371
  • 1
  • 3
  • 6
1
vote
0 answers

Ettercap JavaScript injection

I am trying to remake an app like zANTI, but for other platforms. I was wondering if I could use Ettercap (or something like it) to inject JavaScript into a targets web browser.
Python
  • 111
  • 2
  • 2
  • 7
1
vote
0 answers

ARP poisoning HTTP(S) mobile traffic

I'm working on a mobile app security test. This app communicates with a webservice and I'm trying to intercept the traffic between them. I've already accomplished this by setting my HTTP proxy as a proxy on the mobile configuration. It worked but…
luizfzs
  • 261
  • 2
  • 12
1
vote
1 answer

ARP poisoning on campus network

I am a computer engineer student. Recently, I was able to arp-spoof the router of my class. I used: Kali Ettercap Wireshark The gateway IP address was: 192.168.0.1 The victim was my phone with the IP: 192.168.0.34 I was able to see the packets…
TSR
  • 185
  • 2
  • 5
1
vote
2 answers

The main difference between IP and ARP spoofing

My question can be broken into two parts: ARP spoofing attack can appear in various ways but all of them have a similar goal: Take advantage of the lack of L2 authentication by poisoning the target ARP cache with the attacker's MAC Address. Since…
Mike
  • 125
  • 1
  • 4
1
vote
1 answer

How to prevent an arp poisoning attack (from the client's POV)

How can I defend against an ongoing arp poisoning attack on a network that I am connected to?
Matias K
  • 113
  • 3
1
vote
2 answers

How to stop the "mitmf" tool on my home network?

Okay, so I am basically an electronics student so I have limited knowledge on the subject. So please help me out here. The thing is that one day, as I was browsing, I opened up Google and instead of the Google logo, a "You have been hacked" image…
Swastik Mohapatra
  • 13
  • 4
1
vote
1 answer

Responder mitigation

The Responder tool can grab the netntlm hashes of clients on a Microsoft AD network by either using LLMNR to answer queries "accidentally" made by clients by responding as otherwise nonexistent SMB servers, or by responding to WPAD to insert itself…
SilverlightFox
  • 33,408
  • 6
  • 67
  • 178
1
vote
1 answer

I let someone Remote Access my tablet (connected to Wi-Fi), and I think they may have ARP poisoned my network

Two days ago, I received a call from someone claiming to be from Intel Corporation stating that my IP address may be insecure, and I dumbly let him Remote Access my Windows 8.1(I think) Tablet (Automatically connects to Wi-Fi). I'm not sure what…
B-Dom
  • 21
  • 4
1
vote
1 answer

Fill ARP table with as many entries possible

I am looking for a way to fill the ARP table with as much data in a short period of time as possible. I am looking to do this because I would like to test the way my networking device handles a great number of ARP entries within x amount of time. I…
grepsedawk
  • 121
  • 3
1
vote
1 answer

MITMf arp spoofing inconsistent

using MITMf I'm getting inconsistent results, sometimes it just works, other times it just doesn't... I'm wondering is it like that for others or am I doing something wrong? the command I'm using just for arp spoofing no injecting or anything…
Reed Jones
  • 113
  • 1
  • 6
1
vote
1 answer

IP Spoofing between subnets

I'm new PT. In a test I was required to do, I was given a port in the segment of 172.13.x.x. I was asked to test if I'm able to reach a server at 172.16.x.x. I was wondering (considering there's either a router/ layer-3 switch / firewall !), if it…
Peter Shmilovich
  • 11
  • 2
1
vote
2 answers

Why are there duplicated entries in the ARP table in a MitM attack?

All I read when it comes of detecting a man in the middle attack is that the ARP cache table will have duplicated entries for the attacker MAC address, but I can't find the reason why. The way I think it is (because one is the faked one and the…
Franzech Domâs
  • 975
  • 1
  • 8
  • 10
1
vote
3 answers

Does ARP or DNS spoofing play a role when performing MITM in fake AP attacks?

I have a test environment, where I try some wireless hacking tools and approaches, and lately I have been interested in evil twin attacks. I created a fake AP using airbase-ng, and specified the IP tables manually, at what point if the client…
typos
  • 473
  • 1
  • 7
  • 11
1 2 3
13 14