WallE Posted May 1, 2013 Share Posted May 1, 2013 Here's the scenario: I want to connect the wifi pineapple to my home wifi and run an MitM attack I used network manager to connect wlan0 to the AP with this setting wlan0 mode: Client (So the wifi pineapple is not creating any AP) WAN mode Then I do a dhcp request. I am able to connect to the AP successfully. But when I run sslstrip or any infusions it is just not working on the home wifi. What am I doing wrong? Thanks Quote Link to comment Share on other sites More sharing options...
TwistedPacket Posted May 1, 2013 Share Posted May 1, 2013 If you turn the Pineapple into a client and connect to the same AP other clients are connected to you must force them to route through your pineapple / Computer for it to work So it can work like this: Target User ----> Pineapple -----> MitM Attack ------> internet. Or: User -----> Computer ------ MitM Arrack ----> Pineapple -------> internet You have to have Arp Spoofing on wired networks so that you take over the routers IP an route requests through you. For a MitM attack to work you have to get yourself in the middle. -Tp Quote Link to comment Share on other sites More sharing options...
WallE Posted May 2, 2013 Author Share Posted May 2, 2013 I connected my wlan0 to client mode to the home wifi.Then I go into putty and typed:arpspoof -i wlan0 192.168.1.45 (Testcomp) 192.168.1.1 (gatway)Then I runned URLsnarf on wlan0But nothing appear on urlsnarf when I surf internet with the 192.168.1.45 computerAnd wlan0 is really connected to the wifi when I type iwconfig it show the connection to the home wifi Quote Link to comment Share on other sites More sharing options...
TwistedPacket Posted May 2, 2013 Share Posted May 2, 2013 echo '1' > /proc/sys/net/ipv4/ip_forward arpspoof -i wlan0 -t 192.168.1.45 192.168.1.1 & > /dev/null arpspoof -i wlan0 -t 192.168.1.1 192.168.1.45 & > /dev/null urlsnarf -i wlan0 Most new wireless routers have some type of AntiArpSpoofing protection so it might not work at all. I am seeing every network I work on now have this all ready enabled so Arp spoofing is becoming a thing of the past. -Tp Quote Link to comment Share on other sites More sharing options...
John87 Posted May 4, 2013 Share Posted May 4, 2013 So what can you use instead of arp spoof to do an mitm attack? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.