ARP (Address Resolution Protocol) Spoofing

ARP is used to find another computer’s MAC address based on its IP address.

Basic Flow

1. Check Interface and Gateway IP Address

   # Interfaces
   ip addr
   
   # Default gateway
   ip route list
   

2. Scan the Network to Find Target IP

   nmap -sP <gateway-ip>/24
   nmap -sP <gateway-ip>/16
   

3. Enable IP Forwarding

   # Allow all forwading in the LAN
   # -A: append rules
   # -i: interface
   # -j: jump
   iptables -A FORWARD -i eth0 -j ACCEPT
   

Find MAC Address

cat /sys/class/net/eth0/address
cat /sys/class/net/enp0s3/address
cat /sys/class/net/tun0/address