Penetration Testing mailing list archives
Re: [PEN-TEST] Mac poisoning (was Re: [PEN-TEST] Replaying arbitrary packets)
From: Matt Scarborough <vexversa () USA NET>
Date: Wed, 9 May 2001 02:35:12 EDT
Frank Knobbe escribió: Or simply poison the victims ARP cache with the MAC address of your station.
Javier Fernandez-Sanguino Peña escribió: BTW, I have been unable to find tools to do this besides dsniff (great
tool)
and arp0c. Any tool for Windows NT? (preferably that does not need
rebooting,
that is, does not use winpcap).
WinPcap 2.1 (± April 2001) can be dropped onto NT4 without rebooting. This is true for nearly all WinPcap 2.1 enabled apps, thus allowing packet capture or injection (with LibNetNT) without rebooting on NT4-5. http://netgroup-serv.polito.it/windump/install/default.htm Here I see Frank's Snarp on NT4 Server SP6a+ using WinPcap 2.1 spoofs ARP without rebooting. Matt 2001-05-09 ____________________________________________________________________ Get free email and a permanent address at http://www.amexmail.com/?A=1
Current thread:
- Re: [PEN-TEST] Mac poisoning (was Re: [PEN-TEST] Replaying arbitrary packets) Matt Scarborough (May 10)