ARPSPOOF_DETECTOR

Watch value for gateway mac in the arp table

Nice and simple, but will not detect an attack if the tool is executed after the attack.

Analyze "is-at" ARP responses:

Check if IP is gateway IP.

Check if source mac is actually the gateway's mac.

This method will detect attacks even if the attack was launched before the execution of the tool.

#!/usr/bin/env python

import scapy

from scapy.layers.l2 import ARP

from scapy.sendrecv import sniff

def sniff(interface):

    scapy.sendrecv.sniff(iface=interface, store=False, prn=process_sniffed_packet)

def process_sniffed_packet(packet):

    if packet.haslayer(ARP) and packet[ARP].op == 2:

        print(packet.show())

sniff("eth0")

Update the Python code to detect the real attack!

#!/usr/bin/env python

import scapy

from scapy.layers.l2 import ARP, Ether

from scapy.sendrecv import sniff, srp

def get_mac(ip):

    arp_request = ARP(pdst=ip)

    broadcast = Ether(dst="ff:ff:ff:ff:ff:ff")

    arp_request_broadcast = broadcast / arp_request

    answered_list = srp(arp_request_broadcast, timeout=1, verbose=False)[0]

    return answered_list[0][1].hwsrc

def sniff(interface):

    scapy.sendrecv.sniff(iface=interface, store=False, prn=process_sniffed_packet)

def process_sniffed_packet(packet):

    try:

        real_mac = get_mac(packet[ARP].psrc)

        response_mac = packet[ARP].hwsrc

        if real_mac != response_mac:

            print("[+] You are under attack!!")

    except IndexError:

        pass

sniff("eth0")

Python Ethical Hacking - ARPSpoof_Detector的更多相关文章

  1. Python Ethical Hacking - BACKDOORS(8)

    Cross-platform hacking All programs we wrote are pure python programs They do not rely on OS-specifi ...

  2. Python Ethical Hacking - ARP Spoofing

    Typical Network ARP Spoofing Why ARP Spoofing is possible: 1. Clients accept responses even if they ...

  3. Python Ethical Hacking - NETWORK_SCANNER(2)

    DICTIONARIES Similar to lists but use key instead of an index. LISTS List of values/elements, all ca ...

  4. Python Ethical Hacking - NETWORK_SCANNER(1)

    NETWORK_SCANNER Discover all devices on the network. Display their IP address. Display their MAC add ...

  5. Python Ethical Hacking - MAC Address & How to Change(3)

    SIMPLE ALGORITHM Goal  -> Check if MAC address was changed. Steps: 1. Execute and read ifconfig. ...

  6. Python Ethical Hacking - MAC Address & How to Change(2)

    FUNCTIONS Set of instructions to carry out a task. Can take input, and return a result. Make the cod ...

  7. Python Ethical Hacking - MAC Address & How to Change(1)

    MAC ADDRESS Media Access Control Permanent Physical Unique Assigned by manufacturer WHY CHANGE THE M ...

  8. Python Ethical Hacking - The Lab and Needed Software

    The Lab and Needed Software Attacker Machine - Kali Linux https://www.kali.org/ 1. Install the softw ...

  9. Python Ethical Hacking - Basic Concetion

    What is Hacking? Gaining unauthorized access. Hackers? 1.Black-hat Hackers 2.White-hat Hackers 3.Gre ...

随机推荐

  1. OS_进程调度:C++实现

    实验二.进程调度模拟实验 一.实验目的: 本实验模拟在单处理机环境下的处理机调度,帮助理解进程调度的概念,深入了解进程控制块的功能,以及进程的创建.撤销和进程各个状态间的转换过程. 二.实验内容: 进 ...

  2. Selenium自动化测试与练习

    Selenium WebDriver 提供了web自动化各种语言(java python ruby等等) 调用接口库 提供 各种浏览器的驱动(web driver) 来驱动浏览器的 特点 测试程度可以 ...

  3. Ubuntu下安装PIL

    Ubuntu下安装PIL 1)sudo apt-get install libjpeg-dev 2)sudo apt-get install libfreetype6-dev 3)sudo easy_ ...

  4. 3、尚硅谷_SSM高级整合_使用ajax操作实现修改员工的功能

    当我们点击编辑案例的时候,我们要弹出一个修改联系人的模态对话框,在上面可以修改对应的联系人的信息 这里我们我们要编辑按钮添加点击事件弹出对话框 第一步:在页面中在新增一个编辑联系人的模态对话框 第二步 ...

  5. jfinal运行时报错分析java.lang.ClassNotFoundException: com.sun.faces.config.ConfigureListener

    这里解释一下,我用maven jetty运行没啥问题的项目,当我切换tomcat时候出现如下错误. 问题1. - jar not loaded. See Servlet Spec 3.0, secti ...

  6. java-IO流(commons-io-2.6)使用教程

    工具库下载: https://pan.baidu.com/s/1tXXF4zjIfJ9ouObsU5RTpA  提取码:214v 1.打开IDEA 2.在模块下新建个lib文件夹将框架复制进去 3.点 ...

  7. 2020年IDEA破解激活码永久

    我想很多做开发的小伙伴和小编一样,和往常一样开机搬砖. 打开idea的时候,会收到一个个提示,也是idea许可证过期啦,需要重新激活! 那怎么办呢?我最近发现了一个相对稳定的激活码 . 亲测可用.现在 ...

  8. 计算机网络之tcp四次挥手

    TCP的四次挥手(Four-Way Wavehand)1.前言对于"三次握手"我们耳熟能详,因为其相对的简单.但是,我们却不常听见“四次挥手”,就算听过也未必能详细地说明白它的具体 ...

  9. swift对象存储安装

    对象存储服务概览 OpenStack对象存储是一个多租户的对象存储系统,它支持大规模扩展,可以以低成本来管理大型的非结构化数据,通过RESTful HTTP 应用程序接口. 它包含下列组件: 代理服务 ...

  10. 【博弈】HDU - 5963 朋友

    题目 B君在围观一群男生和一群女生玩游戏,具体来说游戏是这样的: 给出一棵n个节点的树,这棵树的每条边有一个权值,这个权值只可能是0或1. 在一局游戏开始时,会确定一个节点作为根.接下来从女生开始,双 ...