Arp spoofing blocks internet

Question

I work on a fresh Kali install running in a VM. I have an external Wi-Fi NIC used only by the VM (I try to not use the internet connection of the host).

The network is protected (hum) by WEP, with the following IP adresses :

192.168.2.117: the target
192.168.2.254: the gateway
192.168.2.116: the attacking station

I've tried the following steps:

echo 1 >  /proc/sys/net/ipv4/ip_forward
arpspoof -i wlan0 -t 192.168.2.117 -r 192.168.2.254  # I also tried without the flag `r`
arpspoof -i wlan0 -t 192.168.2.254 192.168.2.117  # I also tried without this line

The ARP table of the target is modified, and on the attacking station I see all the requests from .117 (on Wireshark). But there is no response from the gateway; I even doubt than the attacking station forward the requests to the gateway. My iptables is totally empty and the policy is on ACCEPT everywhere.

So where I am wrong, and how enable the forwarding of the requets?

The title is not very descriptive. Blocks internet for whom? — M'vy, Apr 13 '16 at 09:44
@M'vy: as I explain, I see the request from .117 but I don't see any response, so it's pretty clear that it's the target machine that doesn't have internet. — Shan-x, Apr 13 '16 at 09:47

score 0 · Answer 1 · edited Mar 17 '17 at 13:14

0

Based on this question and its answer, you have to do the following:

remove iptables entries.
arpspoof -i wlan0 -t 192.168.2.117 -r 192.168.2.254
arpspoof -i wlan0 -t 192.168.2.254 192.168.2.117

notice the -r flag.

edited Mar 17 '17 at 13:14

Community

1

answered Apr 13 '16 at 09:50

Eibo

2,495
3
19
32

Didn't work. Same results. – Shan-x Apr 13 '16 at 11:53
Most of arpspoof reviews are saying that the tool ain't working correctly. Try some old versions like those in BackTrack, and try it for Ethernet, not on wireless, and at last, try to put your wireless on monitor mode. – Eibo Apr 13 '16 at 12:01

Arp spoofing blocks internet

1 Answers1

Linked