I’m doing a lab experiment and am having trouble getting things to work as expected. I’m using virtualbox. I have a NAT network set up with DHCP enabled and I have two virtual machines, a ParrotOS and Windows, both connected to the NAT network as their network adapter using the NAT Network option with the custom NAT selected. Both machines can ping each other and access internet.
Now, I’m able to arp spoof the windows machine and/or the gateway from the attack box. I AM able to sniff the windows machine traffic as expected. But there are a couple of things that aren’t working.
When I refresh/check the arp tables from windows using arp -a, the gateway does not show that it’s the same MAC address as the attacker. It’s like there’s no evidence of arp poisoning despite the fact that I’m able to see traffic from the attack box (indicating that it is poisoned?). I’d like to be able to show that the arp tables have changed as proof of the attack.
Secondly, when I try to do arp ban, the victim box is able to access internet without issue.
I don’t really know why this is happening. Is there a network configuration thing that I’ve missed? Would appreciate any help or ideas.
[link] [comments]
from hacking: security in practice https://ift.tt/gIEaPJ2
Comments
Post a Comment