Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - EonsNearby

Pages: [1]
1
Hacking and Security / Re: arpspoof not doing what I want
« on: March 21, 2013, 07:14:09 pm »
I'm assuming that I would execute arp -a on the victim machine because arp -a can check to see if its cache has been poisoned, but I cannot get it to respond when I execute the attack because the attacking machine is performing a DoS against the victim.

2
Hacking and Security / Re: arpspoof not doing what I want
« on: March 21, 2013, 06:39:02 pm »
Am I supposed to execute arp -a on the victim machine or on the machine performing the attack?

3
Hacking and Security / Re: arpspoof not doing what I want
« on: March 21, 2013, 02:48:39 pm »
Quote from: proxx on March 21, 2013, 05:32:50 am
Alright that looks good.

Have you analyzed with wireshark?

Oke so after you started the attack on your client go to the client machine and check the output of the command
Code: [Select]
arp Now Ill assume you now what it is supposed to say.
If it doesnt it somehow doenst get poisioned.


Here is the thing, I can only ssh into the Ubuntu computer.  It is basically a virtual machine that is used primarily for security purposes that I am only allowed to interact with via a ssh.  As such, I can't use wireshark or any other kind of GUI to aid me in this.  Anyway, after I run those two arp commands I posted, I ran arp on the victim machine, but it didn't return anything (it stalled, so it wasn't doing anything).  I also ran it on the machine performing the attack, and it returned the same thing it returned when I ran "arp" before I did the attack, which was the following (spacing may be off):


Code: [Select]
Address                  HWtype  HWaddress           Flags Mask            Iface
cisco                    ether   ADDRESS             C                     eth0
VICTIM_IP_ADDRESS        ether   ADDRESS             C                     eth0
OTHER_IP_ADDRESS         ether   ADDRESS             C                     eth0

4
Hacking and Security / Re: arpspoof not doing what I want
« on: March 20, 2013, 10:05:40 pm »
Quote from: proxx on March 20, 2013, 09:53:51 pm
Well first of all your syntax is weird.
Code: [Select]
echo 1 > /proc/sys/net/ipv4/ip_forward

The double > means append.
Also there is no need to put it in quotation mark because its a digi not a string.
This doesnt have to be the reason though.


Can you post the command you use for arpspoof ?
Code: [Select]
arpspoof -eth0 -t TARGET_MACHINE GATEWAYThats what I would do.


Also when you test these kinda things run wireshark to see whats going on behind the scenes, this is good practise anyway.
It might help you diagonse the situation.






I tried that echo command the way you suggested, but that didn't change anything.  Also, I have to have 3 ssh open in the ubuntu computer.  Two are to execute the following commands each:
Code: [Select]
arpspoof -i eth0 -t  TARGET_MACHINE GATEWAY
and
Code: [Select]
arpspoof -i eth0 -t  GATEWAY TARGET_MACHINE


The 3rd ssh is just so I can analyze network traffic between those 2.  All 3 of those websites said to do it this way.

5
Hacking and Security / arpspoof not doing what I want
« on: March 20, 2013, 08:47:33 pm »
I downloaded the dsniff package found here onto my machine with Ubuntu 12.04 installed on it:


http://www.monkey.org/~dugsong/dsniff/


I installed everything, and I started learning the tools it came with it.  The one I started with is arpspoof.  I looked up what I can do with it, and I found these tutorials about how to perform a man-in-the-middle attack:


http://teh-geek.com/?p=171
http://www.irongeek.com/i.php?page=security/arpspoof
http://www.youtube.com/watch?v=VjlQny3LNlA


However, everytime I try to perform the attack against my victim (another machine with openSUSE 12.1 installed on it), I end up just performing a DoS attack against it.  I even made sure that /proc/sys/net/ipv4/ip_forward = 1.


Code: [Select]
fortwood:~ # echo "1" >> /proc/sys/net/ipv4/ip_forward
fortwood:~ # cat /proc/sys/net/ipv4/ip_forward
1


Could someone help me with this?  Thanks

Pages: [1]