ARP-Spoofing

View this project on GitHub

This lab demonstrates how to perform an ARP Spoofing attack, also referred to as ARP Poisoning, Man-in-the-Middle, or On-path attack, on a Local Area Network using the arpspoof tool in Kali Linux. This lab was conducted in a segmented LAN environment to demonstrate the process of performing active reconnaissance with Nmap to enumerate operating system details from the host and to carry out an ARP spoofing attack on the target system. Once the ARP spoofing attack is initiated, further enumeration is performed using Wireshark.



Active Reconnaissance on the Target using Nmap

Nmap OS Discovery 1 Nmap OS Discovery 2 Nmap OS Discovery 3

Initiating the ARP Spoofing Attack with arpspoof

Initiating ARP Spoofing Attack ARP Spoofing Attack in Action ARP Spoofing Attack in Action 2

Analyzing the Traffic with Wireshark

Identifying DNS Server IP Address

Wireshark DNS Server Extraction Wireshark DNS Server Enumeration 5 Wireshark DNS Server Enumeration 6

NetBIOS and Other Information

Wireshark Enumeration 0 Wireshark Enumeration 1 Wireshark Enumeration 1 Wireshark Enumeration 2 Wireshark Enumeration 3 Wireshark Enumeration 4

SSDP Enumeration

Wireshark SSDP Enumeration 1 Wireshark SSDP Enumeration 2

Other Host Information

Wireshark Other Host Information Back to Lab Projects