Hello there, welcome to MITM series today we’re going to learn ICMP redirection using Ettercap

In previous article we have learnt about DHCP spoofing attack. In this article we’ll hack LAN using ICMP redirection

What is ICMP?

ICMP stands for Internet Control messaging protocol which is basically used to govern Internet network, like ping sweep, trace-route etc..
It is also a supporting protocol in the Internet protocol suite. It is used by network devices, including routers, to send error messages and operational information indicating, for example, that a requested service is not available or that a host or router could not be reached.

How ICMP redirection works like MITM attack?

An ICMP redirect is an error message sent by a router to the sender of an IP packet . Redirects are used when a router believes a packet is being routed sub optimally and it would like to inform the sending host that it should forward subsequent packets to that same destination through a different gateway.

Attack scenario of ICMP redirection

We target client by his MAC address and we send ICMP redirects to the client to get MITM attack. then you can start wireshark to capture packets, HTTP plain text logins and more.

Let us get Started:

We’re using Ettercap to do this attack, so install ettercap if not installed please do read previous article

Go to main tab and start Unified sniffing then go to Hosts list and Scan for hosts.

after getting all available hosts then select victims IP address as target 1 and Gateway IP address as Target 2 then Copy down the MAC address of the Target victim.

Then go to MITM tab select ICMP redirection paste the MAC address in the text-box given and also specify gateway IP address in IP address text-box and start attack.

You are free to start Wireshark and sniff HTTP requests and check progress of attack.
I hope this article was helpful in understanding ICMP redirection attack we’ll discuss DOS attack using slowloris in our future article.