Firstly, I am unsure as to whether this question is on-topic here, or whether it is more suited to SuperUser.
Being a security researcher, I have been attempting to secure my wireless LAN against arp spoofing, by successfully arp spoofing in the first place.
I can obtain, and have obtained, a successful wireless ARP spoof around the victim device, acting as a MiTM between it and the real gateway AP. But the problem is that the victim also communicates with the legitimate gateway at the same time, and not solely through me.
A Wireshark reconnaissance setup on the victim revealed this.
To catch you up to speed:
- The victim has a sole network card that, running on Windows, is just in normal managed mode.
- I am just performing a standard ARP spoofing attack, through a wireless network card, on Linux.
- In the victim’s and my (attacker) ARP tables, spoofing is apparent.
- But the gateway is also visible as another primary address.
- The victim doesn’t swap between me and the legit gateway; it communicates with us both at the same time.
- The packet count is around “50/50” between us, inbound and outbound to the victim (e.g. when a network request/response is made).
- Before you ask, packet forwarding is enabled on my attacker machine.
I can’t deauth (sending deauth packets to) the victim, because it would also deauth me (the attacker).
Of course, because the victim device is mine and only a dummy, I could configure it to only communicate with me (the attacker), but that isn’t realistic and would defeat the whole purpose.
My question: What else can I try, from an attacker’s point of view? (E.g. changing settings on the victim isn’t an option.)
Is more information needed?