https://github.com/alexeykarnachev/arpstuff
ARP network protocol sandbox
https://github.com/alexeykarnachev/arpstuff
arp-poisoning arp-spoofing c-lang icmp linux-socket
Last synced: 3 months ago
JSON representation
ARP network protocol sandbox
- Host: GitHub
- URL: https://github.com/alexeykarnachev/arpstuff
- Owner: alexeykarnachev
- License: mit
- Created: 2023-03-07T19:22:25.000Z (over 2 years ago)
- Default Branch: master
- Last Pushed: 2023-07-30T19:58:40.000Z (about 2 years ago)
- Last Synced: 2025-02-26T14:32:43.136Z (7 months ago)
- Topics: arp-poisoning, arp-spoofing, c-lang, icmp, linux-socket
- Language: C
- Homepage:
- Size: 58.6 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# ARPSTUFF
Raw linux sockets example of arp spoofing attack
**FOR EDUCATIONAL PURPOSES ONLY, USE ONLY IN YOUR OWN PRIVATE NETWORK!**
## Quick Start
Build:
```bash
./build.sh
```
Discover local addresses:
```bash
./arpstuff discover wlp1s0
```
After few seconds this will output alive local ips:
```
INFO: Starting local IPs discovery
Netmask: 255.255.255.0
Netaddr: 192.168.0.0
Progress: 255/255 (3 alive)
INFO: Local network scanned, we found 3 ips: [192.168.0.1, 192.168.0.105, 192.168.0.101]
```
Select one of them and spoof it (this requires sudo, since it modifies iptables):
```bash
sudo ./arpstuff spoof wlp1s0 192.168.0.101
```
If you see the following message it means that the spoofing is running:
```
INFO: ARP spoof started on victim:
MAC: 11:12:13:14:15:16
IP: 192.168.0.101
```
At this point, the victim's traffic is passing through your machine. You can use wireshark (or any other network sniffer) to check it out.