ARP is a very important protocol for computer and computer networking. it helps two devices in the network to communicate with each other. ARP stands for Address Resolution Protocol. ARP Protocol is used to map the IP address with its MAC address. Every device in the network has its own IP address and MAC address to get recognize into the network and can communicate with the other device in the network. A device needs an IP address to communicate with other devices but for a local network, whether it is a Wireless network like your WIFI or wired network like a switch it required a MAC address to communicate with other devices in the network This is what ARP protocol does. It creates an ARP table in every device
How ARP Protocol work
What is ARP Spoofing
ARP Protocol is not that secure to protect the communication between two devices and allow hackers to intercept between the communication of two devices can perform other attacks. The hacker should be on the same network to perform the ARP spoofing attack. ARP spoofing is a Man in the middle attack.
Read also: Top 5 free lab for hacking practice
Now here router and laptop device is not asking for the IP address of any device but the attacker is sending a message to the user that his IP is 10.10.10.1 which is the router IP address and user computer will accept the request and change it from the ARP table and become the router for the laptop device, same with router attacker send a message to router and telling that his IP is 10.10.10.2 and router will accept his message again will change his ARP table in this scenario attacker don’t have any IP address he is just sending the fake message now router will think that the attacker is the user and user will think that the attacker is the router, because of that when the user tries to visit a site his request is supposed to send to the router but it will be sent to the attacker and attacker will send it to the router because of security issue with ARP protocol that it just accept the request without checking that is it true and legitimate or not.
The previous tutorial on man in the middle attack with mitmf tool also uses the same technique for man in the middle attack. you can check it out now I am using the different tool called arpspoof for ARP spoofing.
Now to perform the ARP spoofing attack you need a Kali Linux machine installed and open the terminal and use the following command