Jump to content

Arp Spoof doesn't forward packets!


Chaaru
 Share

Recommended Posts

Hi,

I'm running Kali 2021.4 on my VirtualBox. I'm trying to arpspoof a MacBook which is in the same network!

The method I am using is:

Enable port forwarding:

echo 1 > /proc/sys/ipv4/ip_forward

Flushing IP tables:

iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete chain
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080

arpspoof command: (arpspoof version 2.4)

arpspoof -i wlan0 -t <target> <router>
arpspoof -i wlan0 -t <router> <target>

I'm running both of these commands on separate windows. It issues a DoS, It is not forwarding packets to the victim, Mac. I tried all sorts of things. I'm making sure no Firewall is running. I flush my iptables before and after the arpspoof.

If you need my iptable listing, here it is:

# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy DROP)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

# iptables -S
-P INPUT ACCEPT
-P FORWARD DROP
-P OUTPUT ACCEPT

I read many threads and tried all sorts of things, it doesn't seem to work. Kindly help me. If you need any further details, please let me know.

Thanks & Regards

Link to comment
Share on other sites

16 minutes ago, digininja said:

I'd run packet sniffing on both hosts to see where the traffic is going. Is the victim recieving the ARP packets, is the attacker receiving the traffic from the victim?

I intercepted packets on both hosts. Victim, Mac is getting ARP packets. It is not sending back to the attacker! What could be the issue here?

Victim

Screenshot-2022-01-30-at-6-53-21-PM.png

Attacker

Screenshot-from-2022-01-30-19-00-51.png

Link to comment
Share on other sites

What does the ARP table on the victim say before and after it has received them?

If you want to test forwarding, when you get that far, you can set a static ARP entry on the victim to force traffic that direction.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...