1
00:00:00,300 --> 00:00:06,840
In this lesson, we will talk about ERP spoofing and ERP poisoning and will perform how practical.

2
00:00:07,440 --> 00:00:13,310
So ERP stands for every resolution protocol and spoofing means redirection of a network.

3
00:00:14,070 --> 00:00:14,370
Right.

4
00:00:14,970 --> 00:00:22,480
So this is the scene where this is our target, which is running Windows 10 and it's broader.

5
00:00:22,950 --> 00:00:23,260
Right.

6
00:00:23,610 --> 00:00:29,400
So Target is communicating with the router in order to access Internet and other resources.

7
00:00:30,320 --> 00:00:35,070
Now, we are here right now running Linux.

8
00:00:35,880 --> 00:00:41,550
So we told this target, our target, that, hey, I am your router.

9
00:00:42,450 --> 00:00:47,460
OK, so in order to access resources, you have to send request to me.

10
00:00:49,410 --> 00:00:49,760
Right.

11
00:00:50,370 --> 00:00:56,510
And in ERP poisoning, we are using a medium and medium stands for men in the middle ALIBEK.

12
00:00:56,790 --> 00:01:00,360
So we are acting as a men in the middle between these two.

13
00:01:01,350 --> 00:01:01,660
Right.

14
00:01:02,040 --> 00:01:10,170
So we are telling them that, hey, if you want to reply back for any request, then you have to reply

15
00:01:10,170 --> 00:01:11,250
back to me.

16
00:01:12,000 --> 00:01:12,340
Right.

17
00:01:12,990 --> 00:01:17,160
And then we will reply back to our target.

18
00:01:18,040 --> 00:01:22,170
OK, so we are acting as a men in the middle, right.

19
00:01:22,980 --> 00:01:26,110
So let's see how to do this in practical.

20
00:01:27,630 --> 00:01:30,330
So here is a colleague, which is an attack on a machine.

21
00:01:30,840 --> 00:01:33,540
And we will start with Adibi spoofing first.

22
00:01:33,550 --> 00:01:36,080
So you had a piece for hyphen?

23
00:01:36,120 --> 00:01:38,670
I hyphenates for interface.

24
00:01:38,670 --> 00:01:44,240
Interface would be était zero right now based.

25
00:01:44,580 --> 00:01:51,140
We are actually acting as a man in the middle and we will capture all of the network packets.

26
00:01:51,310 --> 00:01:54,300
OK, using a sniffing tool called Wireshark.

27
00:01:54,870 --> 00:01:55,220
Right.

28
00:01:56,160 --> 00:02:01,780
Whether it is a wide network or a wireless network, we are able to capture all of the because.

29
00:02:02,000 --> 00:02:13,620
OK, so interface it has zero hyphen B for Target and then IP of window 10, which is standards that

30
00:02:13,620 --> 00:02:18,240
are not Baudot seven and then the IP of router.

31
00:02:18,240 --> 00:02:24,330
We just tend not to dot zero dot, dot, dot one.

32
00:02:26,040 --> 00:02:30,540
That now says he had a reply to this.

33
00:02:33,240 --> 00:02:37,530
Now let's open a new terminal and let's do vice versa.

34
00:02:37,540 --> 00:02:38,520
So er this.

35
00:02:40,960 --> 00:02:42,490
They are peaceful.

36
00:02:46,360 --> 00:02:54,640
Hyphen iPhone interface again is zero then, however, that it would have it this time and it is rubber,

37
00:02:54,790 --> 00:03:02,110
so rather IP and then Windows 10 IP, OK.

38
00:03:05,920 --> 00:03:07,650
Now let's open one more terminal.

39
00:03:10,290 --> 00:03:11,960
And they'd be snipped.

40
00:03:12,270 --> 00:03:14,770
OK, so it says listening on it, zero.

41
00:03:15,420 --> 00:03:15,900
Well, good.

42
00:03:16,650 --> 00:03:20,460
Now there's a new terminal and there's Open Wireshark.

43
00:03:26,270 --> 00:03:26,630
OK.

44
00:03:31,000 --> 00:03:39,850
Again, okay, not here, select the interface, which is idea zero in our case, and click on STAC.

45
00:03:40,450 --> 00:03:44,980
So while Chalco started capturing Packards, right?

46
00:03:47,950 --> 00:03:54,670
So here are all the requests made in our network, right?

47
00:03:55,300 --> 00:04:02,830
So this is how this actually works and you can see that it's capturing on protocol Yerby.

48
00:04:03,590 --> 00:04:08,160
OK, this is the time source and destination, right?

49
00:04:10,500 --> 00:04:18,900
And these are the other information right now, there is one more thing we have to do.

50
00:04:18,970 --> 00:04:29,310
Let's minimize this and let's open a new terminal and we have to forward our budget for iPods.

51
00:04:29,310 --> 00:04:36,870
And so sources CDL hyphen W.

52
00:04:39,380 --> 00:04:42,440
Net dot IP was in for.

53
00:04:45,870 --> 00:04:57,790
Dart IP forward is to when one is used to enable IP before would be OK hit enter then.

54
00:04:58,740 --> 00:05:01,560
So this is the complete process of IP spoofing.