WEBVTT 00:01.000 --> 00:06.280 In this program, I am going to write an ERP spoofing program. 00:06.560 --> 00:09.560 You may ask, what is an ARP spoofing program? 00:10.040 --> 00:12.640 Okay, let me show you here in a diagram. 00:12.760 --> 00:13.200 Okay. 00:13.760 --> 00:15.800 Here you see it is a typical network. 00:16.120 --> 00:17.680 And this is the access point. 00:17.680 --> 00:19.760 This is the resource or internet okay. 00:19.800 --> 00:20.960 Public internet. 00:21.040 --> 00:24.200 We have two computers connected to this access point okay. 00:24.200 --> 00:25.040 Or router. 00:25.520 --> 00:27.000 So this is the victim. 00:27.720 --> 00:29.320 It is a normal network okay. 00:29.360 --> 00:35.480 Every time this victim try to connect to the internet, it tries to send a request to access point and 00:35.480 --> 00:37.120 then receive that response. 00:37.600 --> 00:42.120 And it connects to internet as well as the hacker computer. 00:42.880 --> 00:47.160 But the ARP spoofing is a little different. 00:47.520 --> 00:56.920 Whenever the hacker tries to get access to request and response of a victim and access point, so it 00:56.920 --> 00:58.160 becomes man in the middle. 00:58.720 --> 01:06.570 So this hacker sends a response or send a request to this access point and telling this that I am this, 01:06.610 --> 01:08.130 this machine or this victim. 01:08.170 --> 01:10.650 Okay, I have IP for this victim. 01:11.050 --> 01:14.530 And also this hacker machine sent a request to this one. 01:14.530 --> 01:14.970 Okay. 01:16.290 --> 01:18.050 To victim that I am the router. 01:18.490 --> 01:26.210 And this victim will send its packet to this hacker computer. 01:27.050 --> 01:33.890 And it is not clear for the victim that it is a hacker computer or a router. 01:33.930 --> 01:36.410 So it thinks that it is. 01:36.450 --> 01:38.690 This computer is a router. 01:38.690 --> 01:42.610 So it sends all its packet to hacker computer. 01:43.170 --> 01:51.050 And, uh, the access point received from hacker computer and think that it is this victim machine. 01:51.810 --> 01:55.090 And that is explained right here. 01:55.090 --> 01:57.610 As you see, this is the victim. 01:57.610 --> 02:00.610 This is the hacker again, it is the access point. 02:00.610 --> 02:09.090 This hacker machine will send a request to access point and telling me that I am at ten 0 to 8, which 02:09.220 --> 02:10.900 is IP for victim. 02:11.060 --> 02:17.580 And also it will send a request to this that I am ten 0 to 1, which is the access point. 02:17.940 --> 02:24.100 And after that the victim will send a all the packets to the hacker computer. 02:24.140 --> 02:25.220 Okay. 02:25.220 --> 02:33.460 And the hacker computer will be able to capture all the data that is, uh, moving through this hacker 02:33.460 --> 02:33.900 computer. 02:33.900 --> 02:39.460 And then, uh, after capturing it, we will be writing another program to analyze it. 02:39.460 --> 02:39.820 Okay. 02:39.860 --> 02:42.260 To do whatever we want. 02:42.300 --> 02:48.820 Okay, so this ARP spoofing program will be able to capture the data. 02:48.820 --> 02:49.420 Okay. 02:49.460 --> 02:52.500 Will be able to become a man in the middle. 02:52.500 --> 02:52.780 Okay. 02:52.820 --> 02:55.900 While we run this, our computer will become man in the middle. 02:55.900 --> 03:02.140 That means all the packets from other computer will flow through this computer, and then we will be 03:02.140 --> 03:03.540 able to capture it. 03:03.580 --> 03:06.140 For example, passwords, anything we want, okay. 03:06.140 --> 03:13.180 We will capture it and we can use it in any good ways or bad ways. 03:13.190 --> 03:17.950 So let me come to see and hear. 03:17.950 --> 03:22.470 If I use ARP Dash A and hit enter. 03:22.470 --> 03:31.270 Here you see that each computer, each computer or even router has an IP and has a mac address. 03:31.270 --> 03:34.350 Here you see that this router, this is the router. 03:34.350 --> 03:39.870 And it is telling that this IP is at this Mac address okay. 03:39.910 --> 03:43.670 This is the Mac address belongs to a router. 03:43.670 --> 03:49.430 You may ask what how do you know that it is the IP for router okay. 03:49.870 --> 03:52.550 There is another command called route dash in. 03:52.590 --> 03:55.430 When I hit enter you see that we have a gateway here. 03:55.470 --> 03:57.270 Gateway is the router okay. 03:57.310 --> 03:58.190 It has an IP. 03:58.230 --> 04:03.190 The IP is ten 021 that is here and it has a mac address okay. 04:03.230 --> 04:06.190 So the Mac address for that is this one. 04:06.190 --> 04:09.630 Now if I come back to windows Machine here. 04:11.790 --> 04:16.990 And uh let's see this is the, the other machine okay. 04:17.030 --> 04:18.720 Which is Windows 7. 04:19.080 --> 04:22.760 Now if I use ARP Dash a hit, enter. 04:23.080 --> 04:24.400 Here we see a lot of things. 04:24.600 --> 04:24.960 Okay. 04:25.160 --> 04:26.960 The first one is the router. 04:27.560 --> 04:33.200 And you see that this IP belongs to this Mac address. 04:33.240 --> 04:33.880 Okay. 04:33.920 --> 04:36.240 So later we will be able to change this. 04:36.240 --> 04:48.360 For example we will uh, force this machine to understand that this IP belongs to or to my Mac address. 04:50.840 --> 04:53.000 For example, to this Mac address. 04:53.040 --> 04:53.480 Okay. 04:54.840 --> 04:55.720 Where is that? 04:55.760 --> 04:59.680 That is here, for example, that belongs to this one. 04:59.840 --> 05:08.560 So after that, whenever this computer try to connect to internet, all the packet will come to Kali 05:08.560 --> 05:12.520 machine and then move to router and then to the internet. 05:12.560 --> 05:12.960 Okay. 05:13.520 --> 05:16.880 So we will be writing that program in this section. 05:17.640 --> 05:21.720 So thanks for watching and let's go start building our program.