Question: 2 Task 1: ARP Cache Poisoning The objective of this task is to use packet spoofing to launch an ARP cache poisoning attack on a
2 Task 1: ARP Cache Poisoning The objective of this task is to use packet spoofing to launch an ARP cache poisoning attack on a target, such that when two victim machines A and B try to communicate with each other, their packets will be intercepted by the attacker, who can make changes to the packets, and can thus become the man in the middle between A and B. This is called Man-In-The-Middle (MITM) attack. In this lab, we use ARP cahce poisoning to conduct an MITM attack. The following code skeleton shows how to construct an ARP packet using Scapy. #!/usr/bin/python3 from scapy.all import * SEED Labs - ARP Cache Poisoning Attack Lab E = Ether() A = ARP) pkt = E/A sendp (pkt) The above program constructs and sends an ARP packet. Please set necessary attribute names/values to define your own ARP packet. We can use ls (ARP) to see the attribute names of the ARP class. If a field is not set, a default value will be used (see the third column of the output): $ python3 >>> from scapy.all import * >>> Is (ARD) hwtype XShortField = (1) ptype XShort EnumField = (2048) hwlen : ByteField = (6) plen ByteField = (4) op ShortEnumField = (1) hwsrc : ARP SourceMACField = (None) psrc SourceIPField = (None) hwdst : MACField - (00:00:00:00:00:00') pdst IPField ('0.0.0.0') In this task, we have three VMs, A, B, and M. We would like to attack A's ARP cache, such that the following results is achieved in A's ARP cache. B'S IP address --> M'S MAC address There are many ways to conduct ARP cache poisoning attack. Students need to try the following three methods, and report whether each method works or not. Task 1A (using ARP request). On host M, construct an ARP request packet and send to host A. Check whether M's MAC address is mapped to B's IP address in A's ARP cache. Task 1B (using ARP reply). On host M, construct an ARP reply packet and send to host A. Check whether M's MAC address is mapped to B's IP address in A's ARP cache. Task 1C (using ARP gratuitous message). On host M, construct an ARP gratuitous packets. ARP gratuitous packet is a special ARP request packet. It is used when a host machine needs to update outdated information on all the other machine's ARP cache. The gratuitous ARP packet has the following characteristics: - The source and destination IP addresses are the same, and they are the IP address of the host issuing the gratuitous ARP. - The destination MAC addresses in both ARP header and Ethernet header are the broadcast MAC address (ff:ff:ff:ff:ff:ff). - No reply is expected
Step by Step Solution
There are 3 Steps involved in it
Get step-by-step solutions from verified subject matter experts