https://github.com/ickerwx/arpspoof
ARP poisoning tool written in python with command line interface to add and remove targets on the fly
https://github.com/ickerwx/arpspoof
arp-poisoning arpspoof gateway penetration-testing python scapy spoofing
Last synced: 5 months ago
JSON representation
ARP poisoning tool written in python with command line interface to add and remove targets on the fly
- Host: GitHub
- URL: https://github.com/ickerwx/arpspoof
- Owner: ickerwx
- Created: 2015-03-15T11:22:34.000Z (about 10 years ago)
- Default Branch: master
- Last Pushed: 2016-12-19T20:08:39.000Z (over 8 years ago)
- Last Synced: 2024-08-05T09:15:52.994Z (8 months ago)
- Topics: arp-poisoning, arpspoof, gateway, penetration-testing, python, scapy, spoofing
- Language: Python
- Size: 117 KB
- Stars: 36
- Watchers: 3
- Forks: 21
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-network-stuff - **8**星
README
# arpspoof.py - An ARP poisoning tool
arpspoof.py is a small tool I wrote because I was annoyed with my ARP spoofing workflow. Also, I wanted to brush up my scapy knowledge.
## Dependencies
You will need scapy and Python 2, nothing else.
## Usage
```
$ python2 arpspoof.py -h
usage: arpspoof.py [-h] [-i INTERFACE] -t TARGETS -g GATEWAY
Do ARP poisoning between a gatway and several targets
optional arguments:
-h, --help show this help message and exit
-i INTERFACE, --interface INTERFACE
interface to send from
-t TARGETS, --targets TARGETS
comma-separated list of IP addresses
-g GATEWAY, --gateway GATEWAY
IP address of the gateway
```
As you can see from the output above, the typical usage scenario is that you want to intercept data between one gateway and one or more targets. The -t and -g parameters are required, the -i parameter might be useful if you have multiple connected interfaces.
```
$ sudo python2 arpspoof.py -t 192.168.1.234 -g 192.168.1.1
Using interface wifi0 (60:67:20:42:fb:de)
arpspoof#
```
After starting, you will find yourself at a command prompt. At this time, the ARP poisoning is already going on in the background.
```
arpspoof# help
add : add IP address to target list
del : remove IP address from target list
list: print all current targets
exit: stop poisoning and exit
arpsoof#
```
Typing help will bring up a list of commands.
- add/del will modify the list of targets. At the moment, I haven't found the need to change the gateway, so this is not possible right now
- list will list all current targets and the gateway
- exit will exit, who would have thought...
```
arpspoof# list
Current targets:
Gateway: 192.168.1.1 (00:00:00:00:00:01)
192.168.1.234 (00:00:00:00:00:02)
arpspoof# exit
Stopping the attack, restoring ARP cache
ARP 192.168.1.1 is at 00:00:00:00:00:01
ARP 192.168.1.234 is at 00:00:00:00:00:02
ARP 192.168.1.1 is at 00:00:00:00:00:01
ARP 192.168.1.234 is at 00:00:00:00:00:02
ARP 192.168.1.1 is at 00:00:00:00:00:01
ARP 192.168.1.234 is at 00:00:00:00:00:02
Restored ARP caches
$
```
After receiving the exit command, arpspoof.py will restore the ARP caches of the gateway and the targets by sending three correct ARP responses.
## TODO
- implement a command to change the gateway
- find a less ugly way of implementing the command prompt logic