Wi-Fi Attacks by Exploiting ARP and DNS Vulnerabilities: A Security Study

PDF (2403KB), PP.34-46

Views: 0 Downloads: 0

Author(s)

Asmaa A. Ghanim 1,* Mohammed Y. Thanoun 1

1. Department of Electrical Engineering, University of Mosul, Mosul, Iraq

* Corresponding author.

DOI: https://doi.org/10.5815/ijwmt.2025.05.03

Received: 11 Oct. 2024 / Revised: 21 May 2025 / Accepted: 16 Jul. 2025 / Published: 8 Oct. 2025

Index Terms

MITM, ARP Spoofing, DNS Spoofing, Phishing Attack, Reverse TCP Shell, Metasploit Framework, Bettercap

Abstract

This research aims to evaluate the security risks associated with open wireless networks, especially Man-in-the-Middle (MITM) attacks that exploit the Address Resolution Protocol (ARP) and Domain Name System (DNS). The penetration testing process was conducted by creating a secure and controlled laboratory and using a set of tools available in Kali Linux to demonstrate how attackers can exploit these vulnerabilities to gain unauthorized access to victims' devices, steal their sensitive data, and control their devices remotely The research focused on analyzing the effectiveness of social engineering (phishing) attacks under MITM attacks, where a fake web page was created to trick victims into entering their personal data and another web page was created to try to trick victims into downloading malware consisting of an attack payload that aims to create a Reverse Transmission-Control-Protocol (TCP) shell that enables the hacker to explore the target device and execute code using the Metasploit framework. The research results showed the effectiveness of combining ARP and DNS spoofing with phishing attacks and malware injection attacks. The results also showed that open wireless networks are highly vulnerable to attacks and that end users are the weakest link in the security chain. The research also emphasizes the need to develop more effective security solutions to protect core protocols such as ARP and DNS.

Cite This Paper

Asmaa A. Ghanim, Mohammed Y. Thanoun, "Wi-Fi Attacks by Exploiting ARP and DNS Vulnerabilities: A Security Study", International Journal of Wireless and Microwave Technologies(IJWMT), Vol.15, No.5, pp. 34-46, 2025. DOI:10.5815/ijwmt.2025.05.03

Reference

[1]C. Ndubuisi, F. Soomro, D. Javeed, U. Mohammedbadamasi, C. O. Ndubuisi, and M. Asif, “Man in the Middle Attacks: Analysis, Motivation and Prevention,” Int. J. Comput. Networks Commun. Secur., vol. 8, no. 7, pp. 52–58, 2020, doi: 10.13140/RG.2.2.22752.81928.
[2]S. Lindroos, A. Hakkala, and S. Virtanen, “A systematic methodology for continuous WLAN abundance and security analysis,” Comput. Networks, vol. 197, no. July, p. 108359, 2021, doi: 10.1016/j.comnet.2021.108359.
[3]D. Gao et al., “A nationwide census on wifi security threats: prevalence, riskiness, and the economics,” in Proceedings of the 27th Annual International Conference on Mobile Computing and Networking, 2021, pp. 242–255.
[4]M. A. Adiguna and B. W. Widagdo, “Analisis Keamanan Jaringan WPA2-PSK Menggunakan Metode Penetration Testing (Studi Kasus: Router Tp-Link Mercusys Mw302r),” J. SISKOM-KB (Sistem Komput. dan Kecerdasan Buatan), vol. 5, no. 2, pp. 1–8, 2022.
[5]S. Lindroos, A. Hakkala, and S. Virtanen, “A systematic methodology for continuous WLAN abundance and security analysis,” Comput. Networks, vol. 197, p. 108359, 2021.
[6]M. Tabassum, T. Sharma, and S. Mohanan, “Ethical Hacking and Penetrate Testing using Kali and Metasploit Framework Ethical Hacking and Penetrate Testing using Kali and Metasploit Framework Mujahid Tabassum Saju Mohanan Department of IT , University of Technology and Department of IT , University,” no. July, 2021.
[7]N. K. Zuin and V. Selvarajah, “A Case Study : SYN Flood Attack Launched Through Metasploit,” vol. 4, no. Iciic, pp. 520–525, 2021.
[8]F. Y. Aslan, “Man-in-the-Middle Attack with WebSploit Tool,” vol. 7, no. 8, pp. 12541–12544, 2020.
[9]A. Arote and U. Mandawkar, “Android Hacking in Kali Linux Using Metasploit Framework,” Int. J. Sci. Res. Comput. Sci. Eng. Inf. Technol., vol. 3307, pp. 497–504, 2021, doi: 10.32628/cseit2173111.
[10]A. Naser, M. Jazzar, D. Eleyan, and A. Eleyan, “Social Engineering Attacks: A Phishing Case Simulation,” Res. Gate, vol. 10, no. 3, pp. 2277–8616, 2021.
[11]R. Santiago Solivan, “Network Security Assessment using Bettercap: DNS Spoofing and How to Mitigate,” Comput. Sci., 2023.
[12]B. Pingle, A. Mairaj, and A. Y. Javaid, “Real-World Man-in-the-Middle (MITM) Attack Implementation Using Open Source Tools for Instructional Use,” IEEE Int. Conf. Electro Inf. Technol., vol. 2018-May, pp. 192–197, 2018, doi: 10.1109/EIT.2018.8500082. 
[13]S. M. Morsy and D. Nashat, “D-ARP: An Efficient Scheme to Detect and Prevent ARP Spoofing,” IEEE Access, vol. 10, no. November, pp. 49142–49153, 2022, doi: 10.1109/ACCESS.2022.3172329.
[14]M. Conti, N. Dragoni, and V. Lesyk, “A Survey of Man in the Middle Attacks,” Jul. 01, 2016, Institute of Electrical and Electronics Engineers Inc. doi: 10.1109/COMST.2016.2548426.
[15]Z. Trabelsi and W. El-Hajj, “ARP spoofing: A comparative study for education purposes,” Proc. 2009 Inf. Secur. Curric. Dev. Annu. Conf. InfoSecCD’09, no. September 2009, pp. 60–66, 2009, doi: 10.1145/1940976.1940989.
[16]M. A. Hussain, H. Jin, Z. A. Hussien, Z. A. Abduljabbar, S. H. Abbdal, and A. Ibrahim, “DNS Protection against Spoofing and Poisoning Attacks,” Proc. - 2016 3rd Int. Conf. Inf. Sci. Control Eng. ICISCE 2016, pp. 1308–1312, 2016, doi: 10.1109/ICISCE.2016.279.
[17]A. Sabitha Banu and G. Padmavathi, “Hybrid Detection and Mitigation of DNS Protocol MITM attack based on Firefly algorithm with Elliptical Curve Cryptography,” EAI Endorsed Trans. Pervasive Heal. Technol., vol. 8, no. 4, 2022, doi: 10.4108/eetpht.v8i4.3081.
[18]A. A. Isah, A.-B. Adamu, A. Awal, A. A. Babajo, and A. Adamu, “A REVIEW OF WIRELESS NETWORKS: WLAN SECURITY AND THREATS,” 2022. [Online]. Available: https://aspjournals.org/ajset/index.php/ajset
[19]P. Cisar and R. Pinter, “Some ethical hacking possibilities in Kali Linux environment,” J. Appl.  Tech. Educ. Sci. jATES, vol. 9, no. 4, pp. 129–149, 2019, [Online]. Available: http://doi.org/10.24368/jates.v9i4.139http://jates.org
[20]Z. Wang, L. Sun, and H. Zhu, “Defining Social Engineering in Cybersecurity,” IEEE Access, vol. 8, pp. 85094–85115, 2020, doi: 10.1109/ACCESS.2020.2992807.
[21]N. N. Pokrovskaia and S. O. Snisarenko, “Social engineering and digital technologies for the security of the social capital’development,” in 2017 International Conference" Quality Management, Transport and Information Security, Information Technologies"(IT&QM&IS), IEEE, 2017, pp. 16–18.
[22]A. M. Aroyo, F. Rea, G. Sandini, and A. Sciutti, “Trust and social engineering in human robot interaction: Will a robot make you disclose sensitive information, conform to its recommendations or gamble?,” IEEE Robot. Autom. Lett., vol. 3, no. 4, pp. 3701–3708, 2018.
[23]A. Yasin, R. Fatima, L. Liu, A. Yasin, and J. Wang, “Contemplating social engineering studies and attack scenarios: A review study,” Secur. Priv., vol. 2, no. 4, p. e73, 2019.
[24]F. Salahdine and N. Kaabouch, “Social engineering attacks: A survey,” Futur. Internet, vol. 11, no. 4, 2019, doi: 10.3390/FI11040089.
[25]G. P. Bhatraju, U. Shanmugam, and B. Indira, “Malware Analysis for Proactive Defence on Cyber Threat Vulnerabilities,” in 2023 Innovations in Power and Advanced Computing Technologies (i-PACT), IEEE, 2023, pp. 1–7.
[26]Y. Kolli, T. K. Mohd, and A. Y. Javaid, “Remote Desktop Backdoor Implementation with Reverse TCP Payload using Open Source Tools for Instructional Use,” 2018 IEEE 9th Annu. Inf. Technol. Electron. Mob. Commun. Conf. IEMCON 2018, no. November, pp. 444–450, 2018, doi: 10.1109/IEMCON.2018.8614801.
[27]A. Hamadi and E. Lisova, “Investigating vulnerabilities in a home network with Kali Linux,” no. February, 2019, [Online]. Available: http://urn.kb.se/resolve?urn=urn:nbn:se:mdh:diva-42612
[28]A. Manglani, T. Desai, P. Shah, and V. Ukani, “Optimized Reverse TCP Shell Using One-Time Persistent Connection,” in Innovations in Information and Communication Technologies (IICT-2020) Proceedings of International Conference on ICRIHE-2020, Delhi, India: IICT-2020, Springer, 2021, pp. 351–358.
[29]E. Nyberg and L. Dinis Ferreira, “Antivirus performance in detecting Metasploit payloads: A Case Study on Anti-Virus Effectiveness,” 2023.