1. Perform Active Sniffing

In active sniffing, ARP traffic is actively injected into a LAN to sniff around a switched network and capture its traffic.

1. Perform mac flooding using macof

MAC flooding is a technique used to compromise the security of network switches that connect network segments or network devices. Attackers use the MAC flooding technique to force a switch to act as a hub, so they can easily sniff the traffic.

sudo macof -i ens33 -n 10

-i interface

-n number of packets to send

targeting an IP address

sudo macof -i ens33 -d 192.168.18.1

2. Perform a DHCP Starvation Attack using Yersinia

In a DHCP starvation attack, an attacker floods the DHCP server by sending a large number of DHCP requests and uses all available IP addresses that the DHCP server can issue. As a result, the server cannot issue any more IP addresses, leading to a Denial-of-Service (DoS) attack.

Start the Yersinia in an interactive mode.

sudo yersinia -I

press h for help, q to exit help

F2 to open DHCP attack mode. DHCP fields will be shown in the bottom

press x to list attack options and the type 1 to conduct DHCP starvation attack.

3. Perform Arp poisoning using arpspoof

Use the following command

arpspoof -i eth0 -t 192.168.18.1 192.168.18.14

192.168.18.14 is the target IP

Now poison the other machine

arpspoof -i eth0 -t 192.168.18.14 192.168.18.1

4. Man in the Middle attack using cain and able

5. Spoof mac with TMAC and SMAC

https://technitium.com/tmac/

https://smac-tool.com/

6. Spoof Linux mac using macchanger

ifconfig eth0 down
Macchanger –r eth0
Ifconfig eth0 up

To view the mac address

macchanger -s eth0

Exam Prep & Training for CEH Practical (Unofficial Course)Udemy

PreviousModule 8. Sniffing Next2. Perform Network Sniffing using Various Sniffing Tools

Last updated 1 year ago

Was this helpful?