Viewing 9 posts - 1 through 9 (of 9 total)
  • Author
    Posts
  • #61249
    Jamal Releford
    Participant

    Hi,

    Currently working through setting up my Writing An ARP spoofer lecture and just finished watching Lecture 5.3. I was reaching out to understand where I’m supposed to know which IP and Mac is associated with the Windows machine which supposed to be my victim for the packet being created. I ran the network scanner as suggested and it returns 3 IP addresses and MAC address but I’m not 100% sure which is the Windows device or whether it’s even picking up the Windows device.

    Is there an additional command I should have run to know what my IP address and Mac were for my Kali device and another for Windows to know this?

    Sorry if this is a dumb question.

    #61302
    diego
    Moderator

    Hi!

    While writting the mac address changer we have use the ifconfig command to know kali’s ip nad mac address, taking notes while watching the course will be very helpful. In windows you can use ipconfig command, look at the ipv4 and you’ll know which is your target machine’s ip.

    And in a real scenario it’s not that easy to know which is the ip of the target machine, you’ll need to capture some traffic and analyze it, it might give you a clue to identify the target. Also the mac addresses can give you an idea because most of them have specific numbers assigned to vendors, I mean you can know if the connected device is apple, windows, huwaei, tp-link, etc. Check this website: https://macaddress.io/ (obviously this won’t work for virtual machines as the mac address they have is fake)

    Hope it helps!
    Diego

    #61306
    Jamal Releford
    Participant

    Thanks for the response. My notes allowed me to arrive at these same conclusions however in the lecture Zaid says to use the network scanner to learn what its are on the network. My kali ip is 172.16.43.138. The Windows Ip (172.16.43.138) from the ifconfig command doesn’t appear as one of the IPs that is returned on the network scanner list.

    Is there a reason for this? Is there something I can do to make sure it appears?

    Results from python network_scanner.py -t 172.16.43.1/24

    IP MAC Address
    ———————————————
    172.16.43.1 f2[redacted]
    172.16.43.2 00:50:[redacted]
    172.16.43.254 00:50:[redacted]

    #61365
    diego
    Moderator

    Hi!
    Can you show the results of:
    ifconfig and route -n in kali
    ipconfig in windows
    Can you share a screenshot of the Network settings used in VirtualBox for both machines?

    Thanks!
    Diego

    #61371
    Jamal Releford
    Participant

    Thanks Diego. I realized when I did the network scan that I didn’t have the Windows VM opened. It appeared when I opened it. However just for my own sanity I wanted to share the information to ensure my VM was configured correctly for further lesson. Your email mentions to share the settings for VirtualBox but per the the lessons I’ve been using VMWare so not sure if the information you’re requested will look the same. The file size max for the forum won’t allow me to share but one screenshot so I’l see if I can post the others subsequently. Thanks.

    Attachments:
    You must be logged in to view attached files.
    #61373
    Jamal Releford
    Participant

    Other screenshots for the comment above.

    Attachments:
    You must be logged in to view attached files.
    #61375
    Jamal Releford
    Participant

    Other screenshots for the comment above from network scanner

    Attachments:
    You must be logged in to view attached files.
    #61377
    Jamal Releford
    Participant

    Other screenshots for the comment above. VMware settings

    Attachments:
    You must be logged in to view attached files.
    #61431
    diego
    Moderator

    Hi!
    Yeah, all the settings are correct and yes, you need to run windows VM as well. Also I got confused and typed Virtualbox instead of VMware.

    Greetings!
    Diego

Viewing 9 posts - 1 through 9 (of 9 total)
  • You must be logged in to reply to this topic.