Hard Wired Man in the Middle Logging

I am wanting to set up a single logging point on my home network that logs URLs and search terms to monitor teenagers… um… activity.

I was thinking of setting up a computer between the cable modem and the router, which would capture all network traffic. The upside would be no need for arp spoofing, the downside would be you would lose specific device information for if the traffic was on a wireless tablet vs wired PC.

I have played with Kali a little, and while there are some cool things like driftnet, urlsnarf, and arpspoof, they all seem to be to target a single device, and seems most tutorials are for creating wireless hotspots.

With thousands of tools available, I am not sure where to start on this, where I am wanting basically a consolidated browser history from all devices on the network.

I have a PC with a 4 port GB network card and an SSD available with Kali installed. Is my plan of putting it between the router and modem good, or should I stick with arp spoofing past the router? The router is a Linksys 1200AC.

Can you spend a bonus action in the middle of an attack?

Say you’re a Paladin, and you want to cast Searing Smite.

Can I roll my attack, see the result, and decide if I want to spend my Bonus Action on Searing Smite before the outcome is determined?

Taking this a step further, can I do it after the outcome is known (so I know I will hit)?

Relevant quotes from Jeremy Crawford, DnD 5E Development Lead:

  • (1) You make an attack roll. (2) You hit or miss. (3) You roll damage if you hit. "When you hit" happens at number 2.
  • {The quote below} was addressing bonus actions and reactions that have triggers. A bonus action that has no trigger—such as Cunning Action and the misty step spell—can take place whenever you want on your turn (PH, 189).
  • No general rule allows you to insert a bonus action between attacks in a single action. You can interrupt a multiple-attack action with a bonus action/reaction only if the trigger of the bonus action/reaction is an attack, rather than the action.

Crawford’s quotes above are about timing related to things like spending a Bonus Action between attacks, or defining how certain abilities determine when the "hit" is calculated in the damage formula. My question is, can something as general as a Bonus Action interfere with the "steps" of the Attack roll?

We know that something like the Shield spell can directly interfere with these steps (as the spell’s trigger requires an attack that "hits" you, but then the AC bonus applied can then negate that hit from occurring). However, is that specifically due to the Shield spell’s trigger and magical effect, or is it using a general rule?

Other, related questions:

  • Can you use a bonus action from Cunning Action in the middle of an Attack action?
  • Can you use a bonus action between the separate attacks of a spell?

Finding the middle point of the “most populated” area in a set of points?

I’m working on a game-related application, and I’m trying to find the middle point of the most populated area in my map.


Positions (format [x, y]) :  [48, 49] [51, 50] [49, 50] [51, 49] [49, 48] [130, 150] [129, 148]  Excepted output : [50, 50] or something close enough like [49, 51], [51, 50] 

To create this algorithm I’ve access to all entities position (X/Y) I’ve tried by creating a position using X average and Y average but it’s not what i’m looking for (using example values output would have been [75, 75] or something like this and not [50, 50] as excepted)

Here is an example image:
Red dot: Entities
Green dot: Position i’m looking for
enter image description here

Thanks for reading and for your help!

Why Man In The Middle (MITM) is not working with my Huawei router?

Man-in-the-Middle is not working with my router (Huawei) on my Windows machine/any device.

But it works with another router on my same Windows machine/any device.

When I doing MITM with Huawei router:

Linux MAC: a0:af:bd:c5:21:87   Router's MAC: 7c-11-cb-1f-ad-85 

My Windows ARP table before doing MITM on it:

c:\Users\acer>arp -a  Interface: --- 0x4  Internet Address        Physical Address      Type             7c-11-cb-1f-ad-85     dynamic           ff-ff-ff-ff-ff-ff     static             01-00-5e-00-00-16     static 

arpspoof script to do MITM:

1st terminal:

arpspoof -i wlan0 -t 

2nd terminal:

arpspoof -i wlan0 -t 

Then the Widows machine ARP table is:

c:\Users\acer>arp -a  Interface: --- 0x4  Internet Address        Physical Address      Type             7c-11-cb-1f-ad-85     dynamic           a0:af:bd:c5:21:87     dynamic           ff-ff-ff-ff-ff-ff     static             01-00-5e-00-00-16     static 

I tried with bettercap, ettercap, my own python script and I done ‘echo 1 > /proc/sys/net/ipv4/ip_forward’ in Linux. It is still not working! Not capturing anything.

The expected ARP table on Windows:

Interface: --- 0x4  Internet Address        Physical Address      Type             a0:af:bd:c5:21:87     dynamic           ff-ff-ff-ff-ff-ff     static             01-00-5e-00-00-16     static 

Should I allow my players to change their characters in the middle of my campaign?

Two of my players, asking if they can change their characters, mid game. Their reason being that they don’t really like there characters anymore, and don’t feel any energy towards being them anymore.

I would usually allow them to do it, though it’s in the middle of the campaign, but I have been setting up a character plot twist for quite some time, and had just barely connected the characters together.

So I thought OK don’t allow them… However if they were to be playing a character that they don’t really want to play anymore, they probably wouldn’t care whether they mess up the game.

This is where my predicament is, their new characters that they made have nothing to do with anything that is going on; no relation to the other characters, zip. I don’t want to have to start from scratch, however I want the others to have fun too… and feel excited about their characters. The other players don’t really appreciate them changing character… What should I do?

How does BLE secure connection ensure man in the middle protection?

I understand BLE secure connection pairing mode is improvement over Legacy Pairing. The issue with legacy pairing was intial TK value can easily be bruteforce by an attacker.

In contrast, in secure connection, both device start by generating ECDH key pair and exchange public key.

Since BLE doesn’t use certificate for public key, how would a device know if the public key actually belong to the entity it wants to communicate with.

I know later in pairing, there is confirmation check but that’s similar idea to legacy pairing, just sequence is changed.

Man in the middle after evil twin

I’ve set up an Evil twin access point using the aircrack suite, what i’m missing is how to complete the man in the middle access point side like the picture shown below, i’ve been suggested ettercap but i’m not familiar with it.

The goal is: enstablish a connection between evil twin and access point and trick the access point to think the evil twin is the client.

Any help?

enter image description here