Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Ethical Hacking Workshop

You're reading from   Ethical Hacking Workshop Explore a practical approach to learning and applying ethical hacking techniques for effective cybersecurity

Arrow left icon
Product type Paperback
Published in Oct 2023
Publisher Packt
ISBN-13 9781804612590
Length 220 pages
Edition 1st Edition
Arrow right icon
Authors (2):
Arrow left icon
Rishalin Pillay Rishalin Pillay
Author Profile Icon Rishalin Pillay
Rishalin Pillay
Mohammed Abutheraa Mohammed Abutheraa
Author Profile Icon Mohammed Abutheraa
Mohammed Abutheraa
Arrow right icon
View More author details
Toc

Table of Contents (13) Chapters Close

Preface 1. Part 1:Network Fundamentals
2. Chapter 1: Networking Primer FREE CHAPTER 3. Chapter 2: Capturing and Analyzing Network Traffic 4. Chapter 3: Cryptography Primer 5. Part 2: Breaking and Entering
6. Chapter 4: Reconnaissance 7. Chapter 5: Scanning 8. Chapter 6: Gaining Access 9. Part 3: Total Immersion
10. Chapter 7: Post-Exploitation 11. Index 12. Other Books You May Enjoy

Putting what you have learned into practice

With the lab set up, let’s perform an ARP spoofing attack. In this attack, we will send malicious packets to the Windows 10 machine spoofing the MAC address of the pfSense router. In my environment, the pfSense router has an IP address of 192.168.1.1 and the Windows 10 machine has an IP address of 192.168.1.20.

Before we begin, we will enable Kali to perform packet forwarding using the following commands:

$ sudo -i
$ echo 1 > /proc/sys/net/ipv4/ip_forward

From the Kali machine, open a Terminal window and issue the following command. This will begin to spoof ARP packets toward the Windows 10 machine:

$ sudo arpspoof -i eth0 -t 192.168.1.20 192.168.1.1

The command will continue to run indefinitely until you cancel it with the Ctrl + C key sequence. The output will look as follows:

Figure 1.15 – ARP spoofing the Windows 10 machine

Figure 1.15 – ARP spoofing the Windows 10 machine

Since we want to intercept traffic and perform an MITM attack, we will conduct an arpspoof attack toward the router. Here, we are telling the router that all traffic destined to the MAC address belonging to 192.168.1.20 (Windows 10 machine) is our MAC address (Kali Machine). Kali will then perform the packet forwarding between the router and the Windows 10 machine.

In a new Terminal window, run the following command. This will start to spoof ARP packets towards the pfSense router:

$ sudo arpspoof -i eth0 -t 192.168.1.1 192.168.1.20

The output will look as follows:

Figure 1.16 – ARP spoofing the pfSense router

Figure 1.16 – ARP spoofing the pfSense router

As the two commands run, both the pfSense router and the Windows 10 machine should now have poison ARP entries. From here, we can intercept the packets and see all the communication between the Windows 10 machine and the router.

A great tool to quickly view web traffic is called URLSnarf, which is part of the dSniff suite. You can try this out in your lab by entering the following command:

$ sudo urlsnarf -i eth0

This command will inspect all web traffic and provide you with the URLs that are being accessed. A sample of this can be seen in the following screenshot:

Figure 1.17 – Viewing URLs accessed by the target with urlsnarf

Figure 1.17 – Viewing URLs accessed by the target with urlsnarf

If you want to capture all the traffic, this is where you can make use of Wireshark. Using what you have learned earlier, launch Wireshark on Kali Linux and perform a packet capture on the interface that you are using for the ARP spoofing attack. Do you see anything interesting? Generate some web traffic from the target machine and look at the packet capture – for example, browse to a website, log in, and look at the packet captures.

You have been reading a chapter from
Ethical Hacking Workshop
Published in: Oct 2023
Publisher: Packt
ISBN-13: 9781804612590
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image