What is ARP spoofing?
ARP spoofing also known as ARP poisoning or ARP attack is a technique in which a host in a LAN can "poison" the ARP table of another host causing it to send packets to the wrong destination. The attacker can modify the traffic in the network such a way that it will redirect all traffic to go through it. ARP Spoofing will allow an attacker to sniff data frames




How ARP Spoofing works?

The image helps to understand how ARP spoofing/ARP poisoning works. Basically, the
Cracker is telling Alan's box that he has the IP that corresponds to Brian's box and vice
verse.By doing this the Cracker receives all network traffic going between Alan and Brian.
Once you have ARP spoofed your way between two machines you can Sniff the
connection with sniffers like ( Wire shark ,Ettercap etc..) By ARP spoofing between a
machine and the LANs gateway you can see all the traffic it's sending out to the Internet.


Tools Used For ARP Spoofing 

Demonstration of  an ARP spoofing attack

Since i have already explained how to use Ettercap   in one my previous tutorials  So in this tutorial i will be using  Cain and able to implement an ARP  spoofing attack .

Follow the steps given below to implement an APR spoofing attack

1. First Download and Install Cain and able  

2. Open Cain and able , click the sniffer tab , then click the sniff button and finally click the add button. Now select all host in my subnet and click OK as show 

3. After scanning it will show all the devices connected in your network ,right click on them and select resolve host names figure out the routers IP (Usually 192.168.1.1)

4. Now click the ARP tab which is at the bottom of the window ,then click the add button , now select the routers IP and the victims IP and click OK , finally click the Start/Stop ARP button as shown 

5. Once you successfully  ARP spoofed .You can click the password tab to see the various passwords or you can use sniffers like Wire shark to see the traffic  it's sending out

Thanks...