From 4fc84f29072d3ca8eb99213e49c85c4c71e3b88d Mon Sep 17 00:00:00 2001 From: Simone Margaritelli Date: Tue, 11 May 2021 12:20:10 +0200 Subject: [PATCH] new: new arp.spoof.skip_restore option (fixes #874) --- modules/arp_spoof/arp_spoof.go | 57 +++++++++++++++++++++++----------- 1 file changed, 39 insertions(+), 18 deletions(-) diff --git a/modules/arp_spoof/arp_spoof.go b/modules/arp_spoof/arp_spoof.go index 9c3d7392..708cdf1b 100644 --- a/modules/arp_spoof/arp_spoof.go +++ b/modules/arp_spoof/arp_spoof.go @@ -3,6 +3,7 @@ package arp_spoof import ( "bytes" "net" + "strings" "sync" "time" @@ -15,14 +16,15 @@ import ( type ArpSpoofer struct { session.SessionModule - addresses []net.IP - macs []net.HardwareAddr - wAddresses []net.IP - wMacs []net.HardwareAddr - fullDuplex bool - internal bool - ban bool - waitGroup *sync.WaitGroup + addresses []net.IP + macs []net.HardwareAddr + wAddresses []net.IP + wMacs []net.HardwareAddr + fullDuplex bool + internal bool + ban bool + skipRestore bool + waitGroup *sync.WaitGroup } func NewArpSpoofer(s *session.Session) *ArpSpoofer { @@ -35,6 +37,7 @@ func NewArpSpoofer(s *session.Session) *ArpSpoofer { ban: false, internal: false, fullDuplex: false, + skipRestore: false, waitGroup: &sync.WaitGroup{}, } @@ -52,6 +55,20 @@ func NewArpSpoofer(s *session.Session) *ArpSpoofer { "false", "If true, both the targets and the gateway will be attacked, otherwise only the target (if the router has ARP spoofing protections in place this will make the attack fail).")) + noRestore := session.NewBoolParameter("arp.spoof.skip_restore", + "false", + "If set to true, targets arp cache won't be restored when spoofing is stopped.") + + mod.AddObservableParam(noRestore, func(v string) { + if strings.ToLower(v) == "true" || v == "1" { + mod.skipRestore = true + mod.Warning("arp cache restoration after spoofing disabled") + } else { + mod.skipRestore = false + mod.Info("arp cache restoration after spoofing enabled") + } + }) + mod.AddHandler(session.NewModuleHandler("arp.spoof on", "", "Start ARP spoofer.", func(args []string) error { @@ -171,20 +188,24 @@ func (mod *ArpSpoofer) Start() error { } func (mod *ArpSpoofer) unSpoof() error { - nTargets := len(mod.addresses) + len(mod.macs) - mod.Info("restoring ARP cache of %d targets.", nTargets) - mod.arpSpoofTargets(mod.Session.Gateway.IP, mod.Session.Gateway.HW, false, false) + if !mod.skipRestore { + nTargets := len(mod.addresses) + len(mod.macs) + mod.Info("restoring ARP cache of %d targets.", nTargets) + mod.arpSpoofTargets(mod.Session.Gateway.IP, mod.Session.Gateway.HW, false, false) - if mod.internal { - list, _ := iprange.ParseList(mod.Session.Interface.CIDR()) - neighbours := list.Expand() - for _, address := range neighbours { - if !mod.Session.Skip(address) { - if realMAC, err := mod.Session.FindMAC(address, false); err == nil { - mod.arpSpoofTargets(address, realMAC, false, false) + if mod.internal { + list, _ := iprange.ParseList(mod.Session.Interface.CIDR()) + neighbours := list.Expand() + for _, address := range neighbours { + if !mod.Session.Skip(address) { + if realMAC, err := mod.Session.FindMAC(address, false); err == nil { + mod.arpSpoofTargets(address, realMAC, false, false) + } } } } + } else { + mod.Warning("arp cache restoration is disabled") } return nil