ARP (Address Resolution Protocol) Spoofing

Last modified: 2022-11-22


ARP is used to find another computer’s MAC address based on its IP address.

Basic Flow

  1. Check Interface and Gateway IP Address

    # Interfaces
    ip addr
    # Default gateway
    ip route list
  2. Scan the Network to Find Target IP

    nmap -sP <gateway-ip>/24
    nmap -sP <gateway-ip>/16
  3. Enable IP Forwarding

    # Allow all forwading in the LAN
    # -A: append rules
    # -i: interface
    # -j: jump
    iptables -A FORWARD -i eth0 -j ACCEPT

Find MAC Address

cat /sys/class/net/eth0/address
cat /sys/class/net/enp0s3/address
cat /sys/class/net/tun0/address