Penetration Testing mailing list archives
Re: [PEN-TEST] Arp Spoofing under WinNT 4.0
From: Wojciech Dworakowski <wojtekd () aba krakow pl>
Date: Thu, 1 Feb 2001 11:41:06 +0100
On Wed, Jan 31, 2001 at 12:41:47PM +0100, Fabio Pietrosanti wrote:
Hi, I'm doing a pen test, and i got access to an NT server on which i would like to place a sniffer. I've tried buttsniff and then Dsniff using WinPcap, but i notice that they are on a switched network, so i have two solutions: 1) Flood the switch of random mac address so his table will'be filled and the switch will operate in bride mode 2) do arp spoofing so i could intercept all packet destinated to the host of which traffic i need to sniff. On unix there are many tools, but on WinNT 4.0 with WinPcap there are some tools for "arp spoofing" ?
You can spoof arp table on Windows NT (actualy on any system) using other machine (eg. with Linux). Just send to it ethernet frames with spoofed MAC address in SRC field. Recently I had some presentations about it. I was able to intercept example telnet session between NT and Linux in switched environment (3Com and HP switches) using hunt on other Linux machine. This is classical spoof attack, using man-in-the-middle technique. Check out hunt documentation for full description. -- ____ Wojtek Dworakowski - wojtekd () aba krakow pl ABA - www.aba.krakow.pl Kryptografia i ochrona informacji: http://www.ipsec.pl
Current thread:
- Re: [PEN-TEST] Arp Spoofing under WinNT 4.0 Frank Knobbe (Jan 31)
- <Possible follow-ups>
- Re: [PEN-TEST] Arp Spoofing under WinNT 4.0 Cleary, Tom (Jan 31)
- Re: [PEN-TEST] Arp Spoofing under WinNT 4.0 Wojciech Dworakowski (Feb 01)
- Re: [PEN-TEST] Arp Spoofing under WinNT 4.0 y0ni (Feb 01)