Welcome!Log into your account
Press Ctrl+Z in the terminal running arpspoof after disabling IP forwarding. The victim’s ARP cache will point to you, but you won’t route their traffic →
To restore: Stop all arpspoof processes with sudo pkill arpspoof . The ARP tables will correct themselves in 30–60 seconds. Once you have the MITM position, you can go far beyond simple disconnection. 1. Sniffing Passwords (HTTP & FTP) Use dsniff to capture plaintext credentials:
Open (Spoof victim to gateway):
# Get your network range (e.g., 192.168.1.0/24) ip a sudo nmap -sn 192.168.1.0/24
sudo driftnet -i eth0 A window will pop up displaying every JPEG, PNG, or GIF they load. Modify /etc/ettercap/etter.dns :