Last active
September 29, 2021 00:37
-
-
Save An4ndita/b35e492af1129d52f1c84ceab596742a to your computer and use it in GitHub Desktop.
Program to detect ARPSPOOF attack
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import scapy.all as scapy | |
def mac(ipadd): | |
arp_request = scapy.ARP(pdst=ipadd) | |
br = scapy.Ether(dst="ff:ff:ff:ff:ff:ff") | |
arp_req_br = br / arp_request | |
list_1 = scapy.srp(arp_req_br, timeout=5, verbose=False)[0] | |
return list_1[0][1].hwsrc | |
def sniff(interface): | |
scapy.sniff(iface=interface, store=False, prn=process_sniffed_packet) | |
def process_sniffed_packet(packet): | |
if packet.haslayer(scapy.ARP) and packet[scapy.ARP].op == 2: | |
originalmac = mac(packet[scapy.ARP].psrc) | |
responsemac = packet[scapy.ARP].hwsrc | |
if originalmac != responsemac: | |
print("[*] ALERT!! You are under attack, the ARP table is being poisoned.!") | |
sniff("eth0") |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment