Reputation: 1023
What is the meaning of the scapy ARP attributes
What do the attributes of the python scapy ARP packets mean? For example,
psrcpdsthwsrchwdst
I'm trying to understand ARP spoofing. I think:
pdstis where the ARP packet should go (target),psrcis the IP to update in the target's arp table,hwsrcis the MAC corresponding topsrc, to update in the target's arp tablehwdstis a mystery to me.
What I want to do is tell the gateway 192.168.1.254 that my MAC (aa:aa:aa:aa:aa:aa) belongs to the victim 192.168.1.100. And the reverse, to tell the victim that my mac belongs to the gateway.
So to poison the gateway I would do this:
srp(ARP(pdst=192.168.1.254, psrc=192.168.1.100, hwsrc=aa:aa:aa:aa:aa:aa))
is that right? Cause it's not working for me (python3.6, latest scapy, kali). That is, I see no change in the gateway's arp table.
Upvotes: 4
Views: 13398
Answers (1)
Reputation: 6237
hwdst is the destination hardware address. If you are sending an ARP "who-has" request, you should just leave it to 0 (Scapy will do that by default). This field is used in "is-at" responses.
Your command (srp(ARP(pdst=192.168.1.254, psrc=192.168.1.100, hwsrc="aa:aa:aa:aa:aa:aa"))) seems correct and should do what you want. Have you checked with Wireshark or Tcpdump how the packet you send looks like?
If you have a look at the ARP page on Wikipedia, hwsrc is "Sender hardware address (SHA)", psrc is Sender protocol address (SPA), hwdst is "Target hardware address (THA)" and pdst is "Target protocol address (TPA)".
Upvotes: 3
Related Questions
- How are these values calculated in Python Scapy?
- Python raises AttributeError when attempting to send ARP request on Raspberry Pi 3
- Python Scapy --arp request and response
- Scapy library giving error ARP who has ?? says?
- Python scapy sprintf syntax
- Scapy is not working when IP is used as range in the ARP packet
- Python-3.4 Scapy Sending ARP packet
- Python 2.7 -scapy and ARP
- Python Scapy Arp Scanning Subnet Script From a Book
- ARP missing from the module scapy