From d59b282fb9b988ba28087a35cc64b9eb3baa44d1 Mon Sep 17 00:00:00 2001 From: oscar1 Date: Sun, 6 Mar 2016 15:48:40 +0100 Subject: [PATCH] Update ARP.py small change to fix the "half duplex" issue. First; without the fix I don't receive any packets from the remote host to the target. I only received packets from the target to the remote host. Second; the original code wasn't "symmetric". Tested on kali2 with a linksys WRT54GL router on WiFI. Compared the ARP packets to those produced by ettercap, which was working correctly on my system. Including the fix resembles the ettercap method. It also works correctly when the arguments to the Ether() constructor are removed altogether. Note that the problem occurs when not using any modules at all, only a simple filter and the spoofplugin. The problem may also be routerspecific, I dont know. --- core/poisoners/ARP.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/core/poisoners/ARP.py b/core/poisoners/ARP.py index d347566..a70af0f 100644 --- a/core/poisoners/ARP.py +++ b/core/poisoners/ARP.py @@ -215,7 +215,7 @@ class ARPpoisoner: try: #log.debug("Poisoning {} <-> {}".format(targetip, self.gatewayip)) self.s2.send(Ether(src=self.mymac, dst=targetmac)/ARP(pdst=targetip, psrc=self.gatewayip, hwdst=targetmac, op=arpmode)) - self.s2.send(Ether(src=targetmac, dst=self.gatewaymac)/ARP(pdst=self.gatewayip, psrc=targetip, hwdst=self.gatewaymac, op=arpmode)) + self.s2.send(Ether(src=self.mymac, dst=self.gatewaymac)/ARP(pdst=self.gatewayip, psrc=targetip, hwdst=self.gatewaymac, op=arpmode)) except Exception as e: if "Interrupted system call" not in e: log.error("Exception occurred while poisoning {}: {}".format(targetip, e))