-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy patharpspoof_detector.py
More file actions
executable file
·33 lines (23 loc) · 953 Bytes
/
arpspoof_detector.py
File metadata and controls
executable file
·33 lines (23 loc) · 953 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
#!/usr/bin/python2
#put the script in startup folder to run when the system boots
#put in /etc/init.d/script.py make executable sudo chmod 755 /etc/init.d/scipt.py
#Register script to be run at startup sudo update-rc.d superscript defaults
import scapy.all as scapy
def getmac(ip):
arp_request_header = scapy.ARP(pdst = ip)
ether_header = scapy.Ether(dst="ff:ff:ff:ff:ff:ff")
arp_request_packet = ether_header/arp_request_header
answered_list = scapy.srp(arp_request_packet,timeout=1,verbose=False)[0]
return answered_list[0][1].hwsrc
def sniff(interface):
scapy.sniff(iface=interface,store=False,prn=process_sniffed_packet)
def process_sniffed_packet(packet):
if packet.haslayer(scapy.ARP) and packet[scapy.ARP].op==2:
try:
real_mac = getmac(packet[scapy.ARP].psrc)
response_mac = packet[scapy.ARP].hwsrc
if real_mac != response_mac:
print ("[+] You are under attack !!")
except IndexError:
pass
sniff("wlan0")