Unable to capture HTTP traffic on LAN

asked 2022-07-19 23:18:37 +0000

RayRay gravatar image

Hi All,

Setup: Hyper-V host running WIN server 2019 with apache tomcat unsecure webserver - port 80. On the same LAN i have a target (win 10) and attacker (Kali). All on the same subnet. I can send ICMP packets and access webserver from all of the hosts. If I run Wireshark locally on the target host (win10 accessing unsecure local webserver) i can see the HTTP traffic.

I'm trying to execute MITM attack using ettercap and it is not displaying the HTTP packets in Wireshark capture logs. HOWEVER, if I visit the vulnerable ONLINE website (vulnweb - which does not have SSL) from target host, I can see all of the traffic including HTTP. So why does the same rules apply for LAN Traffic?

Sidenote: I'm doing a college work on 'Zero Trust security model' and trying to apply it to an unsecure webserver.

edit retag flag offensive close merge delete