Futaba _ Webs πΈπΈππΈπΈ
What is ARP poisoning? πΈπΈππΈπΈ
Today we are going to be talking about ARP poisoning and how to poison a network. A lot of this is going to be heavy networking based, so do mind your fundamentals. I'll explain some stuff along the way. As always, personal disclaimer, any and all information for this is strictly for educational purposes and I do not condone any form of illegal activity, nor am I responsible for anything you should use this information for. DO NOT pentest on anyone's network unless it is your own, or you have permission to do so.
π Article π Glossary π Catalog π Home π Search Modeπ Article Glossary
πΈ Synopsis πΈ
Today we are going to be talking about ARP poisoning and how to poison a network. A lot of this is going to be heavy networking based, so do mind your fundamentals. I'll explain some stuff along the way. As always, personal disclaimer, any and all information for this is strictly for educational purposes and I do not condone any form of illegal activity, nor am I responsible for anything you should use this information for. DO NOT pentest on anyone's network unless it is your own, or you have permission to do so.
πΈ Article Topics πΈ
I'll be discussing the following topics in order: π Premise π What is ARP Poisoning? π What is Subnetting? You can click on any of the topics to simply check that one out if it interests you! NOTE: Articles are read from LEFT to RIGHT via 2 columns! Read the first column all the way down and then move to the next one!
πΈ Key Links πΈ
Here's a quick run down on all the main links that are in the article in case you want to check them out first. π LinkedIn Version π Patreon Version
π What is ARP poisoning?
Premise πΈπΈππΈπΈ
In order to walk you through how to perform the technique, lets go over a few things first like: ARP, pingsweep, and spoofing. ARP, address resolution protocol, is what NSlookup is, but for MAC addresses. ARP translates the corresponding MAC address back to the IP of the system it pertained to. Pingsweeping is the process of pinging a series of IP addresses via a network range to check for ICMP responses. No response typically indicates a system is not up, a response indicates the system is up. There are a variety of different scan types, each with unique return results. Spoofing is the concept of masquerading as another entity, whether it be a machine, such as a spoofed MAC address, or a person for social engineering exploits, such as a spoofed ID badge for example. Now that we have the basics covered out of the way, lets begin!
As always, any and all advanced versions of this article with a video guide if given will be for PAID patreon members only!!
What is ARP Poisoning? πΈπΈππΈπΈ
How does ARP poisoning work? Essentially you are masquerading your IP and MAC address on the internal network as another system in order to receive any network traffic data intended for it. When you communicate on the network, whether it be internally (the local network) or externally (a web server), the default gateway, your router, handles the communication for you and routes it on your behalf. When you receive a response it also handles and forwards that information to you as well. If you masquerade as another system on the network, it's essentially going to send you a copy of the return information from the victim as well. In the process, since you are also on that same system on the network, you'll also be able to see any outgoing network traffic from the victim itself and receive a copy of that as well. This means that if any of those communications are insecure, such as HTTP for example, you'll be able to see any and all data in plain text format. If the victim sent over any POST HTTP request data for example, you will be able to see any credentials they sent over to authenticate to a web server. This methodology is what is also known as a form of a man in the middle attack exploit. A Man in the Middle attack is when you intercept a communication for one or more parties involved and either steal or forward that data, manipulating it, as if you were the original sender, unsuspected to said parties involved.
What is Subnetting? πΈπΈππΈπΈ
You might be asking yourself what is a subnet? Subnets are essentially networks that have been fragmented into smaller sub networks, hence subnetting. Each subnet is assigned a unique "subnet mask", the "/24" that you see here, that allows you to identify each subnet. Each subnet has it's own pool of IP addresses that can be assigned to members of that particular subnet. This allows for segmentation practices that prevent stuff like single point of failures, which are essentially monolithic based infrastructures that nest everything into one place. For network security purposes, when you do this you make it HARD for attackers to find everything, decreasing your attack surface, securing your systems greatly. With subnetting it's also possible to control which subnets can talk to each other, which is the main reason we begin a main hunt for them via the route and traceroute commands.
If you like to see the more advanced version of this article that talks about methods that can be used to mitigate, as well as any videos included, SUBSCRIBE TO MY PATREON CYBER SECURITY TIER!
If you enjoyed this post give it a thumbs up! Iβll be keeping track of whose reacting from now on as there is a βspecialβ reason for it. Just know the more you support my content the more there is in stored!
- The Hacker Who Laughs πΈπΈππΈπΈ
