Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/gill-singh-a/arp-spoofer

A Python Program that does ARP Spoofing on the given targets, implementing a Man-in-the-Middle Attack.
https://github.com/gill-singh-a/arp-spoofer

arp arp-spoofing attack lan network networking python wireless

Last synced: 8 days ago
JSON representation

A Python Program that does ARP Spoofing on the given targets, implementing a Man-in-the-Middle Attack.

Host: GitHub
URL: https://github.com/gill-singh-a/arp-spoofer
Owner: Gill-Singh-A
Created: 2023-04-12T18:43:20.000Z (over 1 year ago)
Default Branch: master
Last Pushed: 2024-01-28T22:08:12.000Z (10 months ago)
Last Synced: 2024-05-11T05:49:27.477Z (6 months ago)
Topics: arp, arp-spoofing, attack, lan, network, networking, python, wireless
Language: Python
Homepage:
Size: 5.86 KB
Stars: 0
Watchers: 1
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

# ARP Spoofer
A Python Program that does ARP Spoofing on the given targets, implementing a Man-in-the-Middle Attack.

During the runtime of this program, each packet that is sent/recieved by the Target goes through our Device.

## Requirements
Languange Used = Python3

Modules/Packages Used:
* re
* os
* datetime
* optparse
* subprocess
* threading
* time
* colorama
* scapy

## Input
The arp_spoofer.py takes the following arguments through the command that is used to run the Python Program:
* '-g', "--gateway" : IP Address of Gateway of the Network
* '-t', "--target" : IP Address of Target/Targets to Spoof (seperated by ',')
* '-i', "--interface" : Delay between sending ARP Packets to the Targets (Default = 5 seconds)
* '-d', "--delay" : Delay between sending ARP Packets to the Targets (Default = 5 seconds)
* '-l', "--load" : Load Targets from a file

## Working of ARP Spoofing Attack
In a Network, devices identify and communitcate with each other using their MAC Addresses (Media Access Control Address). They get to know about the IP Address and MAC Address of the other devices connected to the same network using ARP (Address Resolution Protocol)

The vulnerability of ARP that is exploited here is that there is no verfication process to check if the ARP Response Packet recieved by a device came from the device that is mentioned as 'source' in the packet.

## Working
After getting all the required arguments, the program starts spoofing the targets.

It first enables IPv4 Routing, so that the traffic through our device can flow. It does that by writing '1' to file '/proc/sys/net/ipv4/ip_forward'.

It then creates threads for each target to spoof simultaneously.

In each thread, it first creates an ARP response with our Device's MAC Address as the source MAC and Gateway's IP as the source IP and sends it to the target. As in ARP, there is no verification process regarding that the packet is sent by the device that is mentioned in the source of the packet, so the target stores that our MAC Address is the MAC Address of the Gateway. And similar is done for the Gateway.

The Programs sends the ARP Response Packets to the Targets and Gateway in regular intervals. That is the delay provided by the user.

The delay should be about 5 seconds, because if the delay is small it would flood the network with the ARP Response Packets or if the delay is too long the ARP Spoofing may not work as default MAC Addresses may get restored.

On closing the Program with CTRL+C (KeyboardInterrupt), it first disables IPv4 Routing by writing '0' to '/proc/sys/net/ipv4/ip_forward'. And then sending the ARP Responsed to Targets and Gateway with the original MAC Addressed to restore the normal working of the network.

### Note
We can hide our identity by changing our Device's MAC Address.

See [Mac Address Changer](https://github.com/Gill-Singh-A/MAC-Address-Changer.git) for more information.