if arp poisoning yes then why credential sniff no?
this is my project for school on ethical hacking and i'm running into a weird problem,
my lab on VMWARE
pfsense 172.16.10.2
kali 172.16.10.100
ubuntu 172.16.10.101
tools : wireshark to capture and ettercap
so basically i used ettecap and i captured on wireshark that arp poisoning is working and using ip neigh show on ubuntu shows that it think pfsense has kali's MAC add, so logically i thoght that im intercepting and it shows that the routing is going thru kali HOWEVER trying to credential sniff and using a simple log in page on ububtu i enter username and password and when i capture the traffic and filter http post i saw that its not being captured and i tried to manyy things i am so confused on how to fix pleaseeee help ( im new so be niiiiice)