-
-
Save outhex/3caef8ee5e9d277d228d70e655790973 to your computer and use it in GitHub Desktop.
Program to detect ARPSPOOF attack
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import scapy.all as scapy | |
def mac(ipadd): | |
arp_request = scapy.ARP(pdst=ipadd) | |
br = scapy.Ether(dst="ff:ff:ff:ff:ff:ff") | |
arp_req_br = br / arp_request | |
list_1 = scapy.srp(arp_req_br, timeout=5, verbose=False)[0] | |
return list_1[0][1].hwsrc | |
def sniff(interface): | |
scapy.sniff(iface=interface, store=False, prn=process_sniffed_packet) | |
def process_sniffed_packet(packet): | |
if packet.haslayer(scapy.ARP) and packet[scapy.ARP].op == 2: | |
originalmac = mac(packet[scapy.ARP].psrc) | |
responsemac = packet[scapy.ARP].hwsrc | |
if originalmac != responsemac: | |
print("[*] ALERT!! You are under attack, the ARP table is being poisoned.!") | |
sniff("eth0") |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment