ARPSPOOF_DETECTOR

Watch value for gateway mac in the arp table

Nice and simple, but will not detect an attack if the tool is executed after the attack.

Analyze "is-at" ARP responses:

Check if IP is gateway IP.

Check if source mac is actually the gateway's mac.

This method will detect attacks even if the attack was launched before the execution of the tool.

#!/usr/bin/env python

import scapy

from scapy.layers.l2 import ARP

from scapy.sendrecv import sniff

def sniff(interface):

    scapy.sendrecv.sniff(iface=interface, store=False, prn=process_sniffed_packet)

def process_sniffed_packet(packet):

    if packet.haslayer(ARP) and packet[ARP].op == 2:

        print(packet.show())

sniff("eth0")

Update the Python code to detect the real attack!

#!/usr/bin/env python

import scapy

from scapy.layers.l2 import ARP, Ether

from scapy.sendrecv import sniff, srp

def get_mac(ip):

    arp_request = ARP(pdst=ip)

    broadcast = Ether(dst="ff:ff:ff:ff:ff:ff")

    arp_request_broadcast = broadcast / arp_request

    answered_list = srp(arp_request_broadcast, timeout=1, verbose=False)[0]

    return answered_list[0][1].hwsrc

def sniff(interface):

    scapy.sendrecv.sniff(iface=interface, store=False, prn=process_sniffed_packet)

def process_sniffed_packet(packet):

    try:

        real_mac = get_mac(packet[ARP].psrc)

        response_mac = packet[ARP].hwsrc

        if real_mac != response_mac:

            print("[+] You are under attack!!")

    except IndexError:

        pass

sniff("eth0")

Python Ethical Hacking - ARPSpoof_Detector的更多相关文章

  1. Python Ethical Hacking - BACKDOORS(8)

    Cross-platform hacking All programs we wrote are pure python programs They do not rely on OS-specifi ...

  2. Python Ethical Hacking - ARP Spoofing

    Typical Network ARP Spoofing Why ARP Spoofing is possible: 1. Clients accept responses even if they ...

  3. Python Ethical Hacking - NETWORK_SCANNER(2)

    DICTIONARIES Similar to lists but use key instead of an index. LISTS List of values/elements, all ca ...

  4. Python Ethical Hacking - NETWORK_SCANNER(1)

    NETWORK_SCANNER Discover all devices on the network. Display their IP address. Display their MAC add ...

  5. Python Ethical Hacking - MAC Address & How to Change(3)

    SIMPLE ALGORITHM Goal  -> Check if MAC address was changed. Steps: 1. Execute and read ifconfig. ...

  6. Python Ethical Hacking - MAC Address & How to Change(2)

    FUNCTIONS Set of instructions to carry out a task. Can take input, and return a result. Make the cod ...

  7. Python Ethical Hacking - MAC Address & How to Change(1)

    MAC ADDRESS Media Access Control Permanent Physical Unique Assigned by manufacturer WHY CHANGE THE M ...

  8. Python Ethical Hacking - The Lab and Needed Software

    The Lab and Needed Software Attacker Machine - Kali Linux https://www.kali.org/ 1. Install the softw ...

  9. Python Ethical Hacking - Basic Concetion

    What is Hacking? Gaining unauthorized access. Hackers? 1.Black-hat Hackers 2.White-hat Hackers 3.Gre ...

随机推荐

  1. Jmeter系列(21)- 详解 HTTP Request

    如果你想从头学习Jmeter,可以看看这个系列的文章哦 https://www.cnblogs.com/poloyy/category/1746599.html HTTP Request 介绍 用来发 ...

  2. WeChair项目Alpha冲刺(7/10)

    团队项目进行情况 1.昨日进展    Alpha冲刺第七天 昨日进展: 前端:页面修改和完善,安排页面美化 后端:和前端成功交互,数据解密成功 数据库:修改数据表属性,与后端部署数据库交互 2.今日安 ...

  3. Jmeter之仿真高并发测试-集合点

    场景: 大家在使用Jmeter测试的时候应该发现了, (1)线程启动了就会直接发送测试请求:--如果要模拟在一瞬间高并发量测试的时候,需要调高线程数量,这很耗测试机器的性能,往往无法支持较大的并发数, ...

  4. idea的maven项目无法引入junit类

    本机:java版本:1.8 pom中是junit版本:4.12 出现问题:在使用@Test 无法引入 : org.junit.Test; 解决方法:junit在pom.xml改为 4.12-beta- ...

  5. LeetCode 80,不使用外部空间的情况下对有序数组去重

    本文始发于个人公众号:TechFlow,原创不易,求个关注 今天是LeetCode专题的第49篇文章,我们一起来看LeetCode的第80题,有序数组去重II(Remove Duplicates fr ...

  6. (数据科学学习手札88)基于geopandas的空间数据分析——空间计算篇(下)

    本文示例代码及数据已上传至我的Github仓库https://github.com/CNFeffery/DataScienceStudyNotes 1 简介 在基于geopandas的空间数据分析系列 ...

  7. 【弹性碰撞问题】POJ 1852 Ants

    Description An army of ants walk on a horizontal pole of length l cm, each with a constant speed of ...

  8. 手写SpringMVC框架(二)-------结构开发设计

    续接前文, 手写SpringMVC框架(一)项目搭建 本节我们来开始手写SpringMVC框架的第二阶段:结构开发设计. 新建一个空的springmvc.properties, 里面写我们要扫描的包名 ...

  9. Python3笔记013 - 3.4 循环语句

    第3章 流程控制语句 3.4 循环语句 1.while 循环 # 带else的while循环,循环结束后执行,根据需要取舍else while 条件表达式: 循环体 else: 语句 a = 0 wh ...

  10. 阿里云Linux CentOS8.1 64位服务器安装LNMP(Linux+Nginx+MySQL+PHP)

    LNMP环境和软件版本: 名称 版本号 查询命令 Linux系统 CentOS Linux release 8.1.1911 (Core) cat /etc/redhat-release Nginx ...