![ARPie](https://private-user-images.githubusercontent.com/69352107/347970745-a24746e2-dd2e-42ce-bc16-75ee1883c029.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MjIzNTMyMDgsIm5iZiI6MTcyMjM1MjkwOCwicGF0aCI6Ii82OTM1MjEwNy8zNDc5NzA3NDUtYTI0NzQ2ZTItZGQyZS00MmNlLWJjMTYtNzVlZTE4ODNjMDI5LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDA3MzAlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwNzMwVDE1MjE0OFomWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTU4ZWUxMzk3OTNhZGYzYTg5YjAyNDRkMzAxNjc1MjBlMDkxY2QzMWVlYTRhMzUxNTg1ODMwYWJmMDFlM2U4YjcmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.2JLSxJ53El6ZuBsQjNcfUt7cUOXxIK8B47Y7U786Pdk)
- Currently does not forward traffic which disconnects the attacked host from internet.
- Packets will be restored when the attack is stopped.
This script performs ARP poisoning, DNS spoofing, and WPAD exploitation. It is designed for network penetration testing and security analysis.
- ARP Poisoning: Redirect network traffic by spoofing ARP messages.
- DNS Spoofing: Intercept and modify DNS queries to redirect traffic.
- WPAD Exploitation: Serve a malicious WPAD file to configure a proxy server for the victim.
- Python 3.x
- Scapy
- Impacket
- Colorama
- Install required Python packages:
pip install scapy impacket colorama
python arp.py -i <interface> --target-ip <target_ip> [options]
-i, --interface
: Network interface to use (required)--target-ip
: Target IP address (required)--target-mac
: Target MAC address (optional, will be resolved if not provided)--gateway-ip
: Gateway IP address (optional, will be resolved if not provided)--gateway-mac
: Gateway MAC address (optional, will be resolved if not provided)--attacker-ip
: Attacker's IP address (optional, will be resolved if not provided)--proxy-port
: Port for the proxy server (optional)--domain
: Domain to spoof (optional, e.g., domain.local)
# Auto
sudo python3 arp.py -i eth0 --target-ip 192.168.1.100 --proxy-port 8080 --domain example.com
# Manual (most trustable method)
sudo python3 arp.py --target-ip 192.168.100.183 --target-mac 52:54:00:9f:47:11 --gateway-ip 192.168.100.153 --gateway-mac 52:54:00:b0:a1:55 --attacker-ip 192.168.100.131 --domain wintastic.local -i eth0
By following the instructions above, you can utilize this script for network security testing and analysis. Ensure you have permission to test the network you are targeting.