Forum Thread: How to Perform Mitm Attack with Kali in Vmware?

I used ettercap to sniff the network(eth0) and enabled ARP poisening. After that I opened driftnet -i eth0 and when I opend my weasel browser in Kali the pictures were showed by driftnet but not when I opened Google chrome on my host machine(windows 7). Is this because of vmware or did I miss a step somewhere?

6 Responses

It is unclear who the victim is. Who are you carrying out the attack on? Is Kali running in VMware or...? What were the steps you took in preparation? A few more details and a neater layout are required, so that you can help me help you.

TRT

  • I am running Kali in vmware.
  • My host machine is the victim.
  • Bridging is enabled.
  • Ettercap sniffs on eth0. -> Unified sniffing -> Mitm ARP poisening(scan for hosts)
  • Driftnet -i eth0 runs
  • Pictures appear when I am running the browser in Kali.
  • Pictures don't appear when I am running the broswer on my Host machine in windows.
  • My host is connected to the wifi network.
  • My kali machine is connected to wired default

--> I don't use lan
--> Kali browser works fine

  • I set ipforward to 1

First and foremost, switch from Bridged to NAT. You must be on a network with your victim. You have basically been sniffing yourself all this time (this sounds so wrong).

I have a tutorial on this (on a similar procedure), so read that and see if it helps. But first set your VM to NAT.

TRT

I don't see how setting it a NAT would solve this. If anything it would just prevent the attack from launching.

In order to launch an ARP poisoning attack, the attacker must be on the same network as the victim and the gateway. By setting to NAT he'd be on a network with only the victim, he'd be isolating himself from the target environment.

Also, everything from the attacker would need to flow through a virtual gateway, which wouldn't forward any broadcast traffic.

-Defalt

You're right, sorry about that. I didn't think about the gateway and probably assumed something that now I don't happen to remember.

Anyway, to solve this problem J.Q.P, you must sort of 'separate' the VM from the host and make it act like a standalone machine. Attach a USB network adapter to the VM and connect it to the same Wi-Fi network as the one your host machine is connected to.

Go from NAT back to Bridged and then disable the Wired connection in Kali so that you are left with a wireless connection only. Ping the gateway and the host from your VM to make sure that both are reachable.

Now proceed with your attack and see how it plays out. If anything goes wrong, just reply and I'll see what I can do to help.

TRT

Thanks I will try

Share Your Thoughts

  • Hot
  • Active