new: new arp.spoof.skip_restore option (fixes #874)

modules/arp_spoof/arp_spoof.go

@@ -3,6 +3,7 @@ package arp_spoof
 import (
 	"bytes"
 	"net"
+	"strings"
 	"sync"
 	"time"
 
@@ -22,6 +23,7 @@ type ArpSpoofer struct {
 	fullDuplex  bool
 	internal    bool
 	ban         bool
+	skipRestore bool
 	waitGroup   *sync.WaitGroup
 }
 
@@ -35,6 +37,7 @@ func NewArpSpoofer(s *session.Session) *ArpSpoofer {
 		ban:           false,
 		internal:      false,
 		fullDuplex:    false,
+		skipRestore:   false,
 		waitGroup:     &sync.WaitGroup{},
 	}
 
@@ -52,6 +55,20 @@ func NewArpSpoofer(s *session.Session) *ArpSpoofer {
 		"false",
 		"If true, both the targets and the gateway will be attacked, otherwise only the target (if the router has ARP spoofing protections in place this will make the attack fail)."))
 
+	noRestore := session.NewBoolParameter("arp.spoof.skip_restore",
+		"false",
+		"If set to true, targets arp cache won't be restored when spoofing is stopped.")
+
+	mod.AddObservableParam(noRestore, func(v string) {
+		if strings.ToLower(v) == "true" || v == "1" {
+			mod.skipRestore = true
+			mod.Warning("arp cache restoration after spoofing disabled")
+		} else {
+			mod.skipRestore = false
+			mod.Info("arp cache restoration after spoofing enabled")
+		}
+	})
+
 	mod.AddHandler(session.NewModuleHandler("arp.spoof on", "",
 		"Start ARP spoofer.",
 		func(args []string) error {
@@ -171,6 +188,7 @@ func (mod *ArpSpoofer) Start() error {
 }
 
 func (mod *ArpSpoofer) unSpoof() error {
+	if !mod.skipRestore {
 		nTargets := len(mod.addresses) + len(mod.macs)
 		mod.Info("restoring ARP cache of %d targets.", nTargets)
 		mod.arpSpoofTargets(mod.Session.Gateway.IP, mod.Session.Gateway.HW, false, false)
@@ -186,6 +204,9 @@ func (mod *ArpSpoofer) unSpoof() error {
 				}
 			}
 		}
+	} else {
+		mod.Warning("arp cache restoration is disabled")
+	}
 
 	return nil
 }