ARP spoofing

Ethernet is a Local Area Network (LAN) technology that uses a flat addressing model: every Network Interface Controller (NIC) on the local network is guaranteed to have a unique Media Access Control (MAC) address, and traffic is either sent directly to the destination NIC or broadcast and received by all NICs. Computers on the LAN therefore have two different addresses, the global IP address and the local MAC address. The Address Resolution Protocol (ARP) was created to carry IP traffic over Ethernet by mapping an IP address to the MAC address of the NIC that holds it. By merely injecting two ARP Reply packets into a trusting LAN, any device is able to receive all traffic going back and forth between any two devices on the LAN.


1. Use an ARP spoofing tool such as Arpspoof, Cain & Abel, Arpoison, or Ettercap

1.1 Set the IP address of the tool to match the IP subnet of the victim (the tool scans the network to find the IP address and MAC address of every host on the subnetwork) (AND)
1.2 Select a target (AND)
1.3 Send an ARP packet that replaces the MAC address of the target with the attacker's own MAC address while keeping the IP address as is, so that packets meant for the target are rerouted to the attacker (AND)
1.4 When packets for the victim arrive, launch further attacks
1.4.1 Associate multiple IP addresses to a single MAC address on a network
1.4.2 Sit in between the communication between two users (MitM)
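
On the defensive side, the forged replies in steps 1.3 and 1.4.1 can be spotted by tracking IP-to-MAC bindings seen in ARP replies. The following is an added example, not part of the original page: the log lines are constructed in the style of `tcpdump -n arp` output, and the function name `detect` and the alert labels are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample in the style of `tcpdump -n arp` output (not a real capture).
# The two replies at 10:00:05 are the forged pair: one MAC answers for both hosts.
SAMPLE = """\
10:00:01.000000 ARP, Reply 192.168.1.1 is-at 00:11:22:33:44:01, length 28
10:00:02.000000 ARP, Reply 192.168.1.20 is-at 00:11:22:33:44:20, length 28
10:00:03.000000 ARP, Request who-has 192.168.1.1 tell 192.168.1.20, length 28
10:00:05.000000 ARP, Reply 192.168.1.1 is-at 00:11:22:33:44:99, length 28
10:00:05.100000 ARP, Reply 192.168.1.20 is-at 00:11:22:33:44:99, length 28
10:00:09.000000 ARP, Reply 192.168.1.30 is-at 00:11:22:33:44:30, length 28
"""

REPLY = re.compile(
    r"^(\S+) ARP, Reply (\d+(?:\.\d+){3}) is-at ((?:[0-9a-f]{2}:){5}[0-9a-f]{2})",
    re.IGNORECASE,
)


def detect(lines):
    """Return (time, kind, ip, mac) alerts for suspicious ARP replies."""
    baseline = {}               # IP -> first MAC seen answering for it
    claimed = defaultdict(set)  # MAC -> set of IPs it has answered for
    alerts = []
    for line in lines:
        m = REPLY.match(line)
        if not m:
            continue  # requests and non-ARP lines carry no binding claim
        ts, ip, mac = m.group(1), m.group(2), m.group(3).lower()
        # The first binding is kept as the baseline so a later forged reply
        # cannot overwrite it; legitimate changes (NIC swap, DHCP reuse) need triage.
        if baseline.setdefault(ip, mac) != mac:
            alerts.append((ts, "binding-changed", ip, mac))
        # One MAC answering for several IPs (step 1.4.1). This can be legitimate,
        # e.g. a router doing proxy ARP, so treat it as a lead rather than proof.
        if ip not in claimed[mac]:
            claimed[mac].add(ip)
            if len(claimed[mac]) > 1:
                alerts.append((ts, "mac-claims-multiple-ips", ip, mac))
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE.splitlines()):
        print(*alert)
```
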