def main(): args_parser() try: #No store of the packet but analyzing on fly sniff(iface=INTERFACE, store=False, prn=analyse_pkt) except KeyboardInterrupt: print('', end='\n\n')
def main(): args_parser() #Detection of passwords cprint(LINE + '\n Detection of passwords \n' + LINE, 'red', attrs=[ 'bold', ]) try: #No store of the packet but analyzing on fly sniff(iface=INTERFACE, store=False, prn=analyze_pkt) except KeyboardInterrupt: cprint(LINE, 'red', attrs=[ 'bold', ], end='\n\n')
from scapy.layers.l2 import ARP, Ether, sniff DB = {} def scarpwatch_callback(pkt): if ARP in pkt: ip, mac = pkt[ARP].psrc, pkt[ARP].hwsrc if ip in DB: if mac != DB[ip]: if Ether in pkt: target = pkt[Ether].dst else: target = "%s?" % pkt[ARP].pdst return "poisoning attack: target=%s victim=%s attacker=%s" % ( target, ip, mac) else: DB[ip] = mac return "Oh !!!! gathering info from router %s=%s" % (mac, ip) sniff(store=0, prn=scarpwatch_callback)
if ARP in pkt: ip, mac = pkt[ARP].psrc, pkt[ARP].hwsrc if ip in db: if mac != db[ip]: if Ether in pkt: target = pkt[Ether].dst else: target = "%s?" % pkt[ARP].pdst return "[!]:Worning! :>> Poisoning Attack: Target: {} | Victem: {} | Attacker: {} ".format( target, ip, mac) else: db[ip] = mac return "[!]Warning :>> SomeOne Is Trying To Gathering info from Router: | {} | {} ".format( mac, ip) # Start Checking ... :) print("\n[#] Checking NetWork Start [#]\n") sniff(store=0, prn=security) #Done! :) ############################################################## ##################### ######################### ##################### END OF SCRIPT ######################### ##################### ######################### ############################################################## #This SCRIPT by Oseid Aldary #Have a nice day :) #GoodBye
# sys.exit(0) #else: # print "Gateway MAC Address is %s" % gateway_mac print "Target ip is %s" % target_ip target_mac = get_mac(target_ip) #target_mac = sr(ARP(op=ARP.who_has, psrc="192.168.1.12", pdst=target_ip)) if target_mac is None: print "<!> Failed to get Target MAC Address" sys.exit(0) else: print "Target MAC Address is %s" % target_mac #Start poisoning poison_thread = threading.Thread(target=poison_target, args=(gateway_ip, gateway_mac, target_ip, target_mac)) poison_thread.start() #Sniff connection try: print "Starting sniffer for %d packets" % packet_count bpf_filter = "ip host %s" % target_ip packets = sniff(count=packet_count, filter=bpf_filter, iface=interface) wrpcap('arper.pcap', packets) restore_target(gateway_ip, gateway_mac, target_ip, target_mac) except KeyboardInterrupt: restore_target(gateway_ip, gateway_mac, target_ip, target_mac) sys.exit(0)
logFormatter = logging.Formatter( "%(asctime)s [%(threadName)-12.12s] [%(levelname)-5.5s] %(message)s") fileHandler = logging.FileHandler("{0}.log".format('access')) fileHandler.setFormatter(logFormatter) logger.addHandler(fileHandler) def arp_monitor_callback(pkt): if ARP in pkt and pkt[ARP].op == ARP.who_has: mac_address = pkt[ARP].hwsrc if mac_address not in known_devices.keys(): return pkt.sprintf("%ARP.hwsrc% %ARP.psrc% %ARP.op% {}".format( known_devices.get(mac_address, "Unknown"))) elif mac_address in master_devices.keys(): logger.info("Master device was detected {}".format( master_devices.get(mac_address))) # return pkt.sprintf("Master device was detected {}".format(master_devices.get(mac_address))) if __name__ == "__main__": configure_logger() with open(os.path.join('conf', 'known-devices.json'), 'r') as conf: data = conf.read() known_devices = json.loads(data) with open(os.path.join('conf', 'master-devices.json'), 'r') as conf: data = conf.read() master_devices = json.loads(data) sniff(prn=arp_monitor_callback, filter="arp", store=0)
def detect_spoofer(interface): ''' Detect ARP spoofing ''' sniff(iface=interface, store=False, prn=check_pkt)