March 3, 2021 at 10:02 am #52578
So on lecture 7.7 when I run the commands iptables –flush then iptables -I FORWARD -j NFQUEUE –queue-num 0 my internet connection on my windows VM drops while the DNS spoofing tool and the arp spoofing tool is running at the same time. But when I run the arp spoofing tool alone it does not. Here is my code.
https://pastebin.com/dLvpPzHQMarch 4, 2021 at 1:37 am #52620
Did you enable ip forwarding? echo 1 > /proc/sys/net/ipv4/ip_forward
You have to do it every time you want to use arp_spoof script. Also don’t use Bing as it uses hsts protection now a days, use a simple https ot http sites like winzip.com, stackoverflow.com, zsecurity.org, vulnweb.com, etc.
DiegoMarch 4, 2021 at 3:35 am #52625
Yes I did do echo 1 > /proc/sys/net/ipv4/ip_forward the problem is probably just cause I used bing I will try with another siteMarch 4, 2021 at 5:32 pm #52656
Let me know how it goes!
DiegoMarch 6, 2021 at 2:57 am #52703
Okay so I ran
1. iptables –flush
2. echo 1 > /proc/sys/net/ipv4/ip_forward
3. iptables -I FORWARD -j NFQUEUE –queue-num 0
4. then ran the arp spoof program
5. then ran the dns spoof program which I did not get any output back saying “Spoofing target”
6. then I typed ping -c 1 http://www.vulnweb.com which returned it’s IP address not what its suppose to be when spoofed
Here is the code but I believe you saw it.
https://pastebin.com/dLvpPzHQMarch 6, 2021 at 3:06 am #52704
Wait nevermind I changed “www.bing.com” to “www.vulnweb.com” I will tell you how it worksMarch 6, 2021 at 3:29 am #52705
Still got the same problemMarch 6, 2021 at 5:46 pm #52765
But do you have internet access in windows machine? If you do then you need to clear the entire browser’s cache, by default it will be set to clear the last hour only.
Let me know how it goes!
DiegoMarch 7, 2021 at 10:33 am #52782
I selected clear browsing data all time and I got the same resultMarch 7, 2021 at 12:33 pm #52786
nevermind its all goodMarch 7, 2021 at 12:53 pm #52787
But for the http lecture part he uses winzip for downloading an exe file for an example so nothing seems to show up when you run the download replacer program. Winzip seems to be using https now. Do you know any new examples that uses http?March 8, 2021 at 6:06 pm #52904
You can try with:
There’s a link to download an executable, I haven’t run the actual app that is downloaded from the site so I’ll recommend to don’t run it or do it in the virtual machine and not in your host machine.
- You must be logged in to reply to this topic.