Packet Parsing/Injecting ARP Poisoner

PRE.cjk { font-family: “Droid Sans”,monospace; }PRE.ctl { font-family: “FreeSans”,monospace; }H3 { margin-bottom: 0.08in; }H3.cjk { font-family: “Droid Sans”; }H3.ctl { font-family: “FreeSans”; }P { margin-bottom: 0.08in; }CODE.cjk { font-family: “Droid Sans”,monospace; }CODE.ctl { font-family: “FreeSans”,monospace; }A:link { }

http://www.ehacking.net/2013/12/packet-parsinginjecting-arp-poisoner.html

Individually poisons the ARP tables of
the target box, the router and the DNS server if necessary. Does not
poison anyone else on the network. Displays all most the interesting
bits of their traffic and can inject custom html into pages they
visit. Cleans up after itself.






LAN.py is a python script that has been
developed to poison the ARP tables of the target computer. The tool
has previously been tested on Kali Linux, the example has also
mentioned below.





Requirement:



  • Linux (Kali recommended)
  • Scapy
  • Python nfqueue-bindings 0.4.3
  • Aircrack-ng
  • Python twisted
  • BeEF (optional)






If you are on Kali linux then you need
not to worry about most of the prereqs except python-nfqueue.



To install this open your terminal and
type:






apt-get install -y python-nfqueue






Copy the script from official website and then open any text editor, paste the script and save
it to whatever.py Now open the terminal and locate the directory
where u have saved the script before.




LANs.py ARP Poisoning Tutorial





Simplest usage (including active user targeting):



 

PRE.cjk { font-family: “Droid Sans”,monospace; }PRE.ctl { font-family: “FreeSans”,monospace; }P { margin-bottom: 0.08in; }CODE.cjk { font-family: “Droid Sans”,monospace; }CODE.ctl { font-family: “FreeSans”,monospace; }A:link { }

python LANs.py

Because there’s no -ip option this will ARP scan the network, compare
it to a live running promiscuous capture, and list all the clients on
the network including their Windows netbios names along with how many
data packets they’re sending. so you can immediately target the
active ones. The ability to capture data packets they send is very
dependent on physical proximity and the power of your network card.
then you can Ctrl-C and pick your target which it will then ARP
spoof. Simple target identification and ARP spoofing.



Passive harvesting:

PRE.cjk { font-family: “Droid Sans”,monospace; }PRE.ctl { font-family: “FreeSans”,monospace; }P { margin-bottom: 0.08in; }CODE.cjk { font-family: “Droid Sans”,monospace; }CODE.ctl { font-family: “FreeSans”,monospace; }A:link { }

python LANs.py -u -d -p -ip 192.168.0.10

 



-u: prints URLs visited; truncates at 150 characters and filters
image/css/js/woff/svg urls since they spam the output and are
uninteresting


-d: open an xterm with driftnet to see all images they view

-p: print username/passwords for FTP/IMAP/POP/IRC/HTTP, HTTP POSTs
made, all searches made, incoming/outgoing emails, and IRC messages
sent/received; will also decode base64 if the email authentication is
encrypted with it


-ip: target this IP address

Easy to remember and will probably be the most common usage of the
script: options u, d, p, like udp/tcp.




Further more, share your thought regarding the tool and the usage.



Note: If you want to learn more about Linux and Windows based Penetration testing, you might want to subscribe our RSS feed and Email Subscription  or become our Facebook fan! You will get all the latest updates at both the places.
Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

Blind SQL Injection Tutorial to Hack a Website

In the previous article, we have the basics of SQL Injection; what SQLi is and what are the types of SQL injection. And, In...

What is SQL Injection? Tutorial: Type and Example

What is SQL injection, and what are the types of SQL injection? These are the common questions, and we will seek the answer to...

Are Cisco 300-410 Exam and Its Related Certification Your Pathway to Career Success? Find Out about This

Introduction Career success can mean different things to different people. For some, it could mean having a prestigious title and for others, it could be...

How to Hack Windows 10 Password Using FakeLogonScreen in Kali Linux

This article demonstrates an in-depth guide on how to hack Windows 10 Passwords using FakeLogonScreen. Hacking Windows 10 password is an exciting topic and...