Documentation ¶
Overview ¶
Package arp_spoofer provides a handler to spoof arp tables on a target host.
Index ¶
- Variables
- type Config
- type Handler
- func (h *Handler) AnnounceTo(dst net.HardwareAddr, targetIP netip.Addr) (err error)
- func (h *Handler) Close() error
- func (h *Handler) IsHunting(ip netip.Addr) bool
- func (h *Handler) PrintTable()
- func (h *Handler) Probe(ip netip.Addr) error
- func (h *Handler) ProcessPacket(frame packet.Frame) error
- func (h *Handler) Reply(dst net.HardwareAddr, sender packet.Addr, target packet.Addr) error
- func (h *Handler) Request(targetIP netip.Addr) error
- func (h *Handler) RequestRaw(dst net.HardwareAddr, sender packet.Addr, target packet.Addr) (err error)
- func (h *Handler) RequestTo(dst net.HardwareAddr, targetIP netip.Addr) error
- func (h *Handler) Scan() error
- func (h *Handler) StartHunt(addr packet.Addr) (packet.HuntStage, error)
- func (h *Handler) StopHunt(addr packet.Addr) (packet.HuntStage, error)
- func (h *Handler) WhoIs(ip netip.Addr) (packet.Addr, error)
Constants ¶
This section is empty.
Variables ¶
var Logger = fastlog.New(module)
Functions ¶
This section is empty.
Types ¶
type Handler ¶
type Handler struct {
// contains filtered or unexported fields
}
Handler stores instance variables
func (*Handler) AnnounceTo ¶
AnnounceTo send an arp announcement on the local link.
Having probed to determine that a desired address may be used safely, a host implementing this specification MUST then announce that it is commencing to use this address by broadcasting ANNOUNCE_NUM ARP Announcements, spaced ANNOUNCE_INTERVAL seconds apart. An ARP Announcement is identical to the ARP Probe described above, except that now the sender and target IP addresses are both set to the host's newly selected IPv4 address. The purpose of these ARP Announcements is to make sure that other hosts on the link do not have stale ARP cache entries left over from some other host that may previously have been using the same address. The host may begin legitimately using the IP address immediately after sending the first of the two ARP Announcements;
func (*Handler) PrintTable ¶
func (h *Handler) PrintTable()
PrintTable print the ARP table to stdout.
func (*Handler) Probe ¶
Probe send an arp probe broadcast on the local link.
The term 'ARP Probe' is used to refer to an ARP Request packet, broadcast on the local link, with an all-zero 'sender IP address'. The 'sender hardware address' MUST contain the hardware address of the interface sending the The 'sender IP address' field MUST be set to all zeroes, to avoid polluting ARP caches in other hosts on the same link in the case where the address turns out to be already in use by another host. The 'target IP address' field MUST be set to the address being probed. An ARP Probe conveys both a question ("Is anyone using this address?") and an implied statement ("This is the address I hope to use.").
func (*Handler) ProcessPacket ¶
ProcessPacket process an ARP packet
ARP: packet types
note that RFC 3927 specifies 00:00:00:00:00:00 for Request TargetMAC
+============+===+===========+===========+============+============+===================+===========+ | Type | op| EthDstMAC | EthSRCMAC | SenderMAC | SenderIP | TargetMAC | TargetIP | +============+===+===========+===========+============+============+===================+===========+ | request | 1 | broadcast | clientMAC | clientMAC | clientIP | ff:ff:ff:ff:ff:ff | targetIP | - ff target mac | request | 1 | broadcast | clientMAC | clientMAC | clientIP | 00:00:00:00:00:00 | targetIP | - 00 target mac | reply | 2 | clientMAC | targetMAC | targetMAC | targetIP | clientMAC | clientIP | | gratuitous | 2 | broadcast | clientMAC | clientMAC | clientIP | ff:ff:ff:ff:ff:ff | clientIP | | ACD probe | 1 | broadcast | clientMAC | clientMAC | 0x00 | 00:00:00:00:00:00 | targetIP | | ACD announ | 1 | broadcast | clientMAC | clientMAC | clientIP | ff:ff:ff:ff:ff:ff | clientIP | +============+===+===========+===========+============+============+===================+===========+
func (*Handler) Reply ¶
Reply send ARP reply from the src to the dst
Call with dstHwAddr = ethernet.Broadcast to reply to all
func (*Handler) RequestRaw ¶
func (h *Handler) RequestRaw(dst net.HardwareAddr, sender packet.Addr, target packet.Addr) (err error)
RequestRaw send an ARP Request packet multiple goroutines can call RequestRaw simultaneously.
Request is almost always broadcast but unicast can be used to maintain ARP table; i.e. unicast polling check for stale ARP entries; useful to test online/offline state
ARP: packet types
note that RFC 3927 specifies 00:00:00:00:00:00 for Request TargetMAC
+============+===+===========+===========+============+============+===================+===========+ | Type | op| etherDST | etherSRC | SenderMAC | SenderIP | TargetMAC | TargetIP | +============+===+===========+===========+============+============+===================+===========+ | Request | 1 | broadcast | hostMAC | clientMAC | clientIP | ff:ff:ff:ff:ff:ff | targetIP | | reply | 2 | clientMAC | targetMAC | targetMAC | targetIP | clientMAC | clientIP | | gratuitous | 2 | broadcast | hostMAC | clientMAC | clientIP | ff:ff:ff:ff:ff:ff | clientIP | | ACD probe | 1 | broadcast | hostMAC | clientMAC | 0x00 | 0x00 | targetIP | | ACD announ | 1 | broadcast | hostMAC | clientMAC | clientIP | ff:ff:ff:ff:ff:ff | clientIP | +============+===+===========+===========+============+============+===================+===========+
func (*Handler) RequestTo ¶
RequestTo sends an arp request to the destination mac. This is useful to send a unicast request to a host.
func (*Handler) StartHunt ¶
StartHunt starts a background goroutine to spoof the target addr. This will continue until StopHunt() is called.
ARP StartHunt performs the following:
- add addr to "hunt" list
- start spoof goroutine to which will continuously spoof the client ARP table