Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

pen-test logo Penetration Testing mailing list archives

Re: [PEN-TEST] Mac poisoning (was Re: [PEN-TEST] Replaying arbitrary packets)
From: Matt Scarborough <vexversa () USA NET>
Date: Wed, 9 May 2001 02:35:12 EDT
Frank Knobbe escribió:
Or simply poison the victims ARP cache with the MAC address of your
station.



Javier Fernandez-Sanguino Peña escribió:
      BTW, I have been unable to find tools to do this besides dsniff (great

tool)

and arp0c. Any tool for Windows NT? (preferably that does not need

rebooting,

that is, does not use winpcap).


WinPcap 2.1 (± April 2001) can be dropped onto NT4 without rebooting. This is
true for nearly all WinPcap 2.1 enabled apps, thus allowing packet capture or
injection (with LibNetNT) without rebooting on NT4-5.
http://netgroup-serv.polito.it/windump/install/default.htm

Here I see Frank's Snarp on NT4 Server SP6a+ using WinPcap 2.1 spoofs ARP
without rebooting.

Matt 2001-05-09



____________________________________________________________________
Get free email and a permanent address at http://www.amexmail.com/?A=1

  By Date           By Thread  

Current thread:
  • Re: [PEN-TEST] Mac poisoning (was Re: [PEN-TEST] Replaying arbitrary packets) Matt Scarborough (May 10)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]