ARP spoofing, no connection on target device

since a few days i’m interested in sniffing/spoofing. I’m running Kali as a Host and MITMf (0.9.8).

My command ist:

python mitmf.py --arp --spoof --gateway X.X.X.1 --target X.X.X.2 -i wlan0 

Everything runs with no error. The Target Device has internet connection and can connect to every HTTPS website like google, youtube and so on. But if the target device wants to connect to a HTTP site, it doesn’t load, like there is no connection.

IP forwarding is enabled.

Does someone know, where the issue could be?

Does the “use magic device” feature of the thief subclass allow you to attune to items requiring you to be a spellcaster?


Use Magic Device

By 13th level, you have learned enough about the workings of magic that you can improvise the use of items even when they are not intended for you. You ignore all class, race and level requirements on the use of magic items.

This allows the rogue to attune to “sorcerer/wizard/warlock only” items. But is the restriction “requires attunement by a spellcaster” also covered by the trait?

The official “spellcaster restriction” is explained as follows:

If the prerequisite is to be a spellcaster, a creature qualifies if fit can cast at least one spell using its traits or features, not using magic items or the like.

The problem I have with that is, that I think RAW use magic device does not let you use an item restricted to “spellcasters”, but generally those items are supposed to be less restricted than other items which might be class exclusive. Did I overlook something?

Is it possible to debunk Intel Management Engine conspiracy theories using a data usage monitor device?

If there would be any backdoor in recent Intel CPU’s, then it should send and receive data secretly.

Isn’t it possible to easily debunk this conspiracy theory by implementing a third physical device between the computer and the router to find out if there’s a difference between the amount of data transferred as reported inside the operating system and the actual amount of data that the third device in the middle counts?

Which originally published items does Use Magic Device from the Thief subclass cover?

This class feature seemed to me dead-on-arrival when published.

It’s unclear exactly what items originally presented in the DMG or PHB that this feature was originally intended to work with.

  • Exactly which items in the DMG or PHB are made usable by a level 13 Thief when granted the Use Magic Device class feature?

  • Of those items, which of them are meaningfully useful to a creature that doesn’t meet the requirements?

    (For example: Pearl of Power does nothing for a Thief even if they can ignore the class requirement of “spellcaster” so it is not meaningfully useful.)

Extending this question to all published works would be too vast of a question, but this should be a reasonable ask.

Can somebody straighten my (hopefully) confusion about USB device security in Windows once and for all?

Am I really understanding things correctly if I claim that:

  1. If an USB stick/device is inserted into a PC running Windows, currently in “lock screen” mode (that is, somebody has pressed WinKey + L), it will auto-mount it behind the scenes?
  2. If an USB stick/device is inserted into a PC running Windows, currently NOT in “lock screen” mode, it will auto-mount it by default?
  3. In both cases above, will it ever run any kind of executable found on it by default? (Like which I believe used to be the case for setup.exe on CD-ROMs back in the day.)
  4. Regardless of all of the above, will Windows ever auto-install DRIVERS found on the device itself when inserted into the PC (with or without lock screen)? Or is just the “device id” grabbed from the stick/device and then the appropriate drivers are downloaded from Microsoft’s secure, curated servers based on the device id?
  5. Why exactly are “drivers” needed whatsoever? Isn’t it using the USB standard? And also the “mass storage” standard? I don’t understand why it would ever need special “drivers” for a standard device…?
  6. Is the idea that sticking a USB stick/device into a PC is insecure in itself complete nonsense? Is not the truth that the user would have to actively select “Yes, please install the drivers from this random unknown device” or “Yes, please run this untrusted EXE found on this stick you just inserted and which I auto-mounted for you but would never run anything on without your active consent”? I get the same feeling as when people claim to get “hacked” constantly, but then it turns out they ran some binary e-mail attachment or clicked a big red box saying: “WARNING! Do you really want to run this EXE from sketchy-hack-toolz-4-u.ru?”… but nothing would surprise me at this point, frankly.

I wonder this both for the current Windows 10 and also for all previous versions of Windows.

How to capture an input device and prevent it’s default behavior

I have an RFID tag reader. But it works like a HID device (like a keyboard). It sends keystrokes to the computer when a tag is scanned. When I open notepad and scan a tag – it types the ID one digit at a time. Is there a way to create a program to listen to this device (or this port) and capture (intercept) all input. So that the keystrokes wouldn’t appear on my system but I could assign my own events when the device sends and input. I don’t want it to show up on Notepad.

I realize that the implementation can differ depending on the OS and programming language used. Ideally, I would like to make this work on both Windows and Linux. I would prefer to use something like Node.js but I suppose C could also be good.

I would appreciate any hints or pointing me in the right direction.

enter image description here

Does an Artificer’s Magic Item Savant and a multiclassed Thief Rogue’s Use Magic Device allow them to benefit from a Rod of the Pact Keeper?

The Artificer’s Magic Item Savant feature states the following:

At 14th level, your skill with magic items deepens more:
• You can attune to up to five magic items at once.
• You ignore all class, race, spell, and level requirements on attuning to or using a magic item.

The Thief Rogue’s Use Magic Device feature states the following:

By 13th level, you have learned enough about the workings of magic that you can improvise the use of items even when they are not intended for you. You ignore all class, race, and level requirements on the use of magic items.

Rod of the Pact Keeper states the following:

While holding this rod, you gain a +1 bonus to spell attack rolls and to the saving throw DCs of your warlock spells.

In addition, you can regain one warlock spell slot as an action while holding the rod. You can’t use this property again until you finish a long rest.

Since these features allow an Artificer or a multiclassed Thief Rogue to ignore “class” requirements when using a Rod of the Pact Keeper, would they ignore all instances of “Warlock” in the text and benefit from the general bonus to spell attack rolls and saving throw DCs, and be able to regain one spell slot?

Related questions:
1. What requirements does the Artificers Magic Item Savant feature ignore?
2. Does an Artificer's Magic Item Savant and a Thief Rogue's Use Magic Device allow them to benefit from a Holy Avenger's 30-foot aura?

Does an Artificer’s Magic Item Savant and a Thief Rogue’s Use Magic Device allow them to benefit from a Holy Avenger’s 30-foot aura?

The Artificer’s Magic Item Savant feature states the following:

At 14th level, your skill with magic items deepens more:
• You can attune to up to five magic items at once.
• You ignore all class, race, spell, and level requirements on attuning to or using a magic item.

The Thief Rogue’s Use Magic Device feature states the following:

By 13th level, you have learned enough about the workings of magic that you can improvise the use of items even when they are not intended for you. You ignore all class, race, and level requirements on the use of magic items.

Holy Avenger states the following:

While you hold the drawn sword, it creates an aura in a 10-foot radius around you. You and all creatures friendly to you in the aura have advantage on saving throws against spells and other magical effects. If you have 17 or more levels in the paladin class, the radius of the aura increases to 30 feet.

Since these features allow an Artificer or Thief Rogue to ignore “class” requirements when using the Holy Avenger, would they gain the benefit of the 30-foot aura?

Furthermore, since they also ignore “level” requirements when using the Holy Avenger, can they benefit from the 30-foot aura at 14th and 13th level, respectively?

Related questions:
1. What requirements does the Artificers Magic Item Savant feature ignore?
2.