paran0ids0ul / arpspoof Goto Github PK
View Code? Open in Web Editor NEWThis project forked from smikims/arpspoof
Performs an ARP spoofing attack using the Linux kernel's raw sockets
This project forked from smikims/arpspoof
Performs an ARP spoofing attack using the Linux kernel's raw sockets
What I've done: The arp.c file sends 2 ARP requests, one to the default gateway and one to the victim, to get their MAC addresses. I then use these addresses to construct a phony ARP response to the victim that tells them that I am their default gateway. Some operating systems (e.g. Linux) are very suspicious of spurious ARP responses like this and will quickly figure out the ruse, but Windows will happily chug along in blissful ignorance until you annoy it by taking too long to respond to requests. To prevent even this weak defense mechanism from deploying, the program has an option to keep resending the phony packet every X number of seconds. Note: if it takes more than about 1 second to print the second line you probably got a response from the wrong person, so try again. Syntax: ./arp VICTIM_IP [ TIME_INTERVAL (in seconds) ] [ -q (quiet mode) ] Another note: setting the time interval to 0 means only one packet is sent The sweep.sh file gets the current IP address and routing prefix in CIDR notation and from this calculates the netmask, then uses this information to ping sweep everyone on the current subnet and attempt to send phony ARP packets to them using the arp.c program. Obviously you shouldn't do this unless you know exactly who will be affected by it and you're prepared to handle the consequences. There is also a flag to do only the ping sweep and not attempt the spoofing, which prints out the IP addresses of everyone who responded in some fashion to the ping from the tcping program (not mine) on port 6000. For some reason I was unable to determine, Windows responds to random TCP connections on port 6000 but firewalls almost everything else, including ICMP. Go figure. Syntax: ./sweep.sh INTERFACE_NAME [ -p (ping only) ] cage.sh is a simple URL rewriter script for Squid--it just takes any URL and turns it into a picture of Nicolas Cage. There are also some other relevant things, for example the sample website is available under the http directory, and the Apache and Squid configuration files are here as well. And one more thing that doesn't really fit neatly anywhere else: the iptables rule to redirect the traffic. By default Linux just forwards any IP packets destined for elsewhere, so the ARP spoof by itself won't really affect anything other than making the victim's packets pass through your machine. However, since it's *your* machine, you can have your way with them, so we set up iptables to redirect anything coming through port 80 to port 3129 on our machine, which Apache is listening on as well as Squid (just make sure you've set them up not to conflict if you're running both). Note that HTTPS (port 443) is significantly harder to mess with, so I don't try. iptables rule (run as root): iptables -t nat -A PREROUTING -p tcp --dport 80 -i $INTERFACE_NAME -j DNAT \ --to $DEST_IP:$DEST_PORT Things you change yourself are prefixed with $'s this time to distinguish from literal ALLCAPS arguments. P.S. if you didn't notice, there's a Makefile to build arp.c with the correct options.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.