Hello everyone,
I'm new in pen-testing and I have troubles to perform a MITM attack in my own network.
I used the following commands :
sysctl -w net.ipv4.ip_forward=1
arpspoof -i wlan0 -t 192.168.1.17 -r 192.168.1.1
where 192.168.1.17 is the target ip and 192.168.1.1 is the router ip.
When I tried those commands with my phone as the target, I got a message saying that there is a suspicious activity in the network, so I supposed it was working.
When I do that, the target still have access to the internet, but when I sniff the traffic with wireshark and I visit a web page with the target, I don't see any HTTP request coming from it and I don't understand why. However, I can see all the fake ARP packets.
I also tried to deactivate the ip forwarding with this command sysctl -w net.ipv4.ip_forward=0.
If my understanding is correct, the target machine should not have access to the internet anymore, but in fact, it has. I can visit any website without any problem.
If anyone is able to help me understand what I missed, it would be really helpful.
Thank you in advance.
PS : I'm sorry if my english is bad.
