I have tried to build an arp spoofing project that performs MITM attacks (for educational purposes only). I am using c++ raw sockets. When I tested it out, I sent the fake arp packets to the victims and I had noticed that my own arp table got affected.
Why would the OS read outgoing packets and interpret them as incoming? Is it possible to tell the os to not read from a specific socket/file descriptor?
The picture I had in my mind was that for each socket there are two buffers; one for sending and one for receiving. That is why we can use the same socket for sending and receiving from multiple threads.
I would like to have someone explain what’s going on behind the scene when we create a socket.
Where are the buffers for sending and receiving stored? Can I access them without send/recv functions?
Source: Windows Questions C++