Poisoning The ARP Table of My Own Router


A question arises whether it is possible for me to apply sniffing tools & be able to spy on ummm, virtually anything (if you have the right tool) of any computer on the network.

Sometimes it might be used for security issues, parental control & maybe trust issues; everything has good & bad uses.

Our home network looks like this:


(DSL Modem) ===> (Router)


What I did is that I brought my computer, booted up pfSense Live CD (FreeBSD Firewall) & put it between the Modem & Router.


(DSL Modem) ===> (pfSense) ===> (Router)


I didn’t experiment a lot, but it looks like you have to add some add-ons like software to sniff IM messages and I didn’t see any packet analyzing tools.

I then booted the main OS on my computer instead of the firewall, which is Linux Kubuntu 8.04. Since I have two Ethernet ports, one for the WAN & the other for the LAN, I had to connect them together. The easiest way was to install a firewall to do that, though there is supposed to be a simple command that can do it.

I started some packet analysing tools, but didn’t get so deep, I don’t really need to analyze all the packets from scratch, I needed specialised tools to analyse certain kinds of packets, something went wrong & I didn’t get Internet activity, so I returned everything back as before.

I decided to ignore the method of intercepting the packets by installing hardware in between & started thinking of some hacking techniques. I started by reading a book I bought about more than 7 years ago when I was in high school. Back then I didn’t understand most of what’s there, but now I really appreciate getting that book; it’s called “Anti-Hacker Toolkit”.

I called my cousin & invited him to share the experience with me since he worked on BackTrack before, which has many security tools. We started by trying to poison the ARP tables of the router but it failed. Apparently it’s a problem with my laptop’s hardware; I tried with my netbook & it worked.

I basically lied to both the router & my cousin’s computer letting both think that my netbook is the other.

e.g.: Router thinks my computer is my cousin’s & cousin’s computer thinks mine is the router.

This way all traffic passes through me before it goes to the other side, the main problem we faced is that we had to forward the traffic, otherwise there would be no communication between the devices which is useless. With a simple command it was working.
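Because the poisoned machine ends up with the router's IP pointing at the netbook's MAC address, the change is visible in that machine's own ARP cache. The following is an added example, not part of the original post: it parses Linux `/proc/net/arp`-format text and flags a gateway whose MAC changed from a known-good baseline or is shared with another IP. All addresses and both snapshots are constructed, and the function names are hypothetical.

```python
# Constructed /proc/net/arp snapshots as seen on the targeted computer (addresses are made up).
BEFORE = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.1.1      0x1         0x2         02:00:00:00:00:01     *        eth0
192.168.1.20     0x1         0x2         02:00:00:00:00:20     *        eth0
192.168.1.30     0x1         0x0         00:00:00:00:00:00     *        eth0
"""
# After poisoning, the router's IP resolves to the netbook's MAC.
AFTER = BEFORE.replace("02:00:00:00:00:01", "02:00:00:00:00:20")

def parse_arp_table(text):
    """Return {ip: mac} for resolved entries in /proc/net/arp-style text."""
    table = {}
    for line in text.splitlines()[1:]:      # skip the header row
        fields = line.split()
        if len(fields) < 6:
            continue
        ip, _hw_type, flags, mac = fields[:4]
        if int(flags, 16) & 0x2 == 0:       # ATF_COM not set: incomplete entry
            continue
        table[ip] = mac.lower()
    return table

def shared_macs(table):
    """MACs claimed by more than one IP, the footprint of one host posing as another."""
    by_mac = {}
    for ip, mac in table.items():
        by_mac.setdefault(mac, []).append(ip)
    return {mac: sorted(ips) for mac, ips in by_mac.items() if len(ips) > 1}

def check_gateway(baseline, current, gateway_ip):
    """Compare the gateway entry with a known-good baseline; return alert strings."""
    alerts = []
    old, new = baseline.get(gateway_ip), current.get(gateway_ip)
    if old and new and old != new:
        alerts.append(f"gateway {gateway_ip} moved from {old} to {new}")
    for mac, ips in shared_macs(current).items():
        if gateway_ip in ips:
            alerts.append(f"{mac} answers for {', '.join(ips)}")
    return alerts

if __name__ == "__main__":
    baseline, current = parse_arp_table(BEFORE), parse_arp_table(AFTER)
    for alert in check_gateway(baseline, current, "192.168.1.1"):
        print("ALERT:", alert)
```

A shared MAC can also be legitimate (proxy ARP, a multi-homed host), so the baseline comparison is the stronger signal; a static ARP entry for the gateway prevents the cache from being overwritten in the first place.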

I told him to open MSN & start chatting while I run an IM packet sniffer & I can read every message he sends & receives. One can also check the email a computer receives via POP3 & SMTP protocols, URL sniffing is also available, actually there is a program when activated & targeted to a victim, it would open your Netscape browser to whatever the victim is surfing, and as said in the book “Talk about an invasion of privacy!”

We tried other tools to try & spoof the DNS of a computer, for example, so when the target computer tries & requests this DNS it requests it from my own computer. Doing this and with other proper tools would enable me to issue a false certificate or login session which is forwarded to the real DNS; that way I would be able to have his encrypted session details and know his login password.

It isn’t really hard to do that; it’s only a matter of having the knowledge & the right tools. I remember how much good info I gained when I took Cisco’s CCNA1 certificate. The very basics of any network & how networking works should be known to any REAL hacker (not a script kiddie!).

Spying on MSN chat


