arpspoof: command not found

ARPspoof is used to send fake ARP messages to a victim’s machine, tricking it into sending its traffic to the attacker’s machine or another gateway on the network. The following is the syntax used in the arpspoof tool:

# arpspoof –i [interface] -c [host ip] -t [target ip] [host ip] -r
  • -i: Allows you to specify an interface.
  • -c: Specify a hardware address.
  • -t: Specify the target, such as the default gateway.
  • host: Specify the host to intercept packets.
  • -r: Allows you to capture a bidirectional flow of traffic.

To work with Arpspoof, you need to make sure it is installed. Arpspoof is a part of the dnsiff family, so if you install dnsiff, you will get arpspoof as well. You might get below error if dnsiff is not installed onto your system.

arpspoof: command not found

you may install the dnsiff package as shown below as per your choice of distribution.

Distribution Command
Debian apt-get install dsniff
Ubuntu apt-get install dsniff
Arch Linux pacman -S dsniff
Kali Linux apt-get install dsniff
Fedora dnf install dsniff
Raspbian apt-get install dsniff

However, before everything works, you need to make sure IP forwarding is enabled on the box you plan to use inline. This is because, by default, the system will not forward that packet back on the wire. To accomplish this, I just make a change via sysctl:

# sysctl -w net.ipv4.ip_forward=1

Conclusion

Using arpsoof, the Pentester is able to spoof the media access control (MAC) address of the router to trick a victim, making the other user on the network believe the pentester’s machine is now the router or default gateway.

Related Post