Hide one VM's traffic from another when using Wireshark in VirtualBox

1

Versions:

  • Host OS: Windows 10
  • VirtualBox: 5.0.10 r104061
  • VM1: Kali Linux 2.0.0
  • VM2: Ubuntu 15.04

I have two VMs that I'm practicing penetration testing on. I'm trying to create a man in the middle attack so that my Kali VM can use Wireshark to see all the traffic of my Ubuntu VM. The problem is that, without even doing anything, I can already see all the traffic from my Ubuntu VM on my Kali VM. Here are some of my questions:

  1. Is this because I'm using one WiFi adapter? Would I need more of them?
  2. Is it ok if both VMs are using the eth0 interface? They currently are.
  3. The network adapters for both VMs are configured like so: [image: Network settings for both VMs]. NatNetwork is just a NAT network that I created with the default settings. Do these settings look ok?

Programmer_D

Posted 2015-12-15T06:00:48.560

Reputation: 113

I'm not certain that it's possible to test this in VMware. VMware would need to emulate a switch (otherwise known as a bridge) in order for you to NOT see the traffic in the first place. I know VMware has virtual switches, but I think they may be smart enough to thwart the types of attacks you have in mind (since they know which MACs should be behind which ports.) I'd try physical hardware. Or VMs on two laptops connected through a physical switch. (And I would use bridged mode, not NAT.) – mpontillo – 2015-12-15T06:30:57.333

Check out the promiscuous mode flag – Lenniey – 2015-12-15T08:59:45.180

@Mike, I think you are correct. I configured the network of my Kali VM to be a bridged adapter, and then I used a separate laptop connected to the same wireless access point. My traffic from my laptop was hidden from the Kali VM until I performed my attack. If you would like, put your comment in an answer, and I'll accept it. – Programmer_D – 2015-12-16T06:11:10.937

Answers

0

I'm not certain that it's possible to test this in VMware. VMware would need to emulate a switch (otherwise known as a bridge) in order for you to NOT see the traffic in the first place. I know VMware has virtual switches, but I think they may be smart enough to thwart the types of attacks you have in mind (since they know which MACs should be behind which ports.) I'd try physical hardware. Or VMs on two laptops connected through a physical switch. (And I would use bridged mode, not NAT.)

mpontillo

Posted 2015-12-15T06:00:48.560

Reputation: 931
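
The promiscuous mode flag mentioned in the comments can be audited per adapter. This is an added example, not part of the original thread: it parses `VBoxManage showvminfo` output and lists adapters whose policy is not `deny`. The sample text, VM name and MAC addresses are constructed, the output line format is assumed from VirtualBox 5.x, and whether this setting explains the asker's symptom is an assumption.

```python
import re
import subprocess

# Constructed sample of `VBoxManage showvminfo <vm>` output. Line format assumed
# from VirtualBox 5.x; the VM name, MACs and policy values are made up.
SAMPLE = (
    "Name:            Kali\n"
    "NIC 1:           MAC: 080027AAAAAA, Attachment: NAT Network 'NatNetwork', "
    "Cable connected: on, Trace: off (file: none), Type: 82540EM, "
    "Reported speed: 0 Mbps, Boot priority: 0, Promisc Policy: allow-all, "
    "Bandwidth group: none\n"
    "NIC 2:           MAC: 080027BBBBBB, Attachment: Bridged Interface 'Wi-Fi', "
    "Cable connected: on, Trace: off (file: none), Type: 82540EM, "
    "Reported speed: 0 Mbps, Boot priority: 0, Promisc Policy: deny, "
    "Bandwidth group: none\n"
    "NIC 3:           disabled\n"
)

# Matches enabled adapters only; "NIC 3: disabled" has no MAC field.
NIC_RE = re.compile(
    r"^NIC (\d+):\s+MAC: \w+, Attachment: (.+?), Cable connected:"
    r".*?Promisc Policy: ([\w-]+)", re.M)

def parse_nics(text):
    """Return one dict per enabled adapter: slot, attachment, promisc policy."""
    return [{"nic": int(m[1]), "attachment": m[2], "policy": m[3]}
            for m in NIC_RE.finditer(text)]

def sniffable_nics(text):
    """Adapters that may receive frames not addressed to them (policy != deny)."""
    return [n for n in parse_nics(text) if n["policy"] != "deny"]

def fix_commands(vm, text):
    """Commands that set the policy back to deny (modifyvm needs the VM off)."""
    return [f'VBoxManage modifyvm "{vm}" --nicpromisc{n["nic"]} deny'
            for n in sniffable_nics(text)]

def live_info(vm):
    """Fetch real output; requires VBoxManage on PATH."""
    return subprocess.run(["VBoxManage", "showvminfo", vm], check=True,
                          capture_output=True, text=True).stdout

if __name__ == "__main__":
    for n in sniffable_nics(SAMPLE):
        print(f"NIC {n['nic']} ({n['attachment']}): policy {n['policy']}")
    print("\n".join(fix_commands("Kali", SAMPLE)))
```

To check a real VM, pass `live_info("<vm name>")` to `sniffable_nics` in place of `SAMPLE`.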