Not really an issue, question on sslstrip inside virtualbox #18
Comments
|
Hi ! I also found out Eset smart security prevents ARP poisoning attacks. Hope it will work with IE ! Have a nice day =) |
|
Ah! Thanks! I'll keep you posted tonight. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Last night, I was doing a proof of concept of attacking my desktop machines at home. I have a linux running on a virtualbox and configured as bridged. Before I started the spoofing, I checked the connectivity and everything was reachable by ping
They are all in the same subnet. So I've configured my linux with ip_forward enabled. I enabled it in sysctl.conf so that's persistent even if I restart the vm. The cat tool shows 1 on ip_forward. I also ran the iptables command. Then finally ran 2 arpspoof commands on the linux machine which is the attacker
Then finally ran sslstrip -l 8080
I went to the victim's machine then opened up Chrome browser. I went to google.com. It was waiting for a response. I didn't see anything thing getting logged on sslstrip. I think after 1 or 2 minutes, the browser showed an error. It was like "unable to communicate". I reloaded google again. It was waiting similar to how I mentioned it earlier. I killed both arpspoof commands and few seconds later, google webpage got displayed on the victim's browser. This tells us that arpspoof was working and that victim was sending to it. I'm just wondering why packets are not being forwarded to the gateway. Is this the behavior when attacker machine is in vm?
I'm going to retry again this time by building a linux on a real machine(not virtualbox) and I'll keep you posted. However, please let me know your thoughts on what I wrote above.
Thanks!
The text was updated successfully, but these errors were encountered: