new: added new arp.spoof.whitelist variable which supports macs, ips, ip ranges and aliases (closes #205)

2025-08-19 21:13:18 -07:00 · 2018-03-26 11:58:31 +02:00 · 2018-03-26 11:58:31 +02:00 · 6c50cc2918
commit 6c50cc2918
parent 54607993ba
3 changed files with 23018 additions and 22983 deletions
--- a/modules/arp_spoof.go
+++ b/modules/arp_spoof.go
@ -1,6 +1,7 @@
 package modules
 import (
 	"bytes"
 	"net"
 	"sync"
 	"time"
@ -13,10 +14,12 @@ import (
 type ArpSpoofer struct {
 	session.SessionModule
-	addresses []net.IP
+	addresses  []net.IP
-	macs      []net.HardwareAddr
+	macs       []net.HardwareAddr
-	ban       bool
+	wAddresses []net.IP
-	waitGroup *sync.WaitGroup
+	wMacs      []net.HardwareAddr
 	ban        bool
 	waitGroup  *sync.WaitGroup
 }
 func NewArpSpoofer(s *session.Session) *ArpSpoofer {
@ -24,11 +27,15 @@ func NewArpSpoofer(s *session.Session) *ArpSpoofer {
 		SessionModule: session.NewSessionModule("arp.spoof", s),
 		addresses:     make([]net.IP, 0),
 		macs:          make([]net.HardwareAddr, 0),
 		wAddresses:    make([]net.IP, 0),
 		wMacs:         make([]net.HardwareAddr, 0),
 		ban:           false,
 		waitGroup:     &sync.WaitGroup{},
 	}
-	p.AddParam(session.NewStringParameter("arp.spoof.targets", session.ParamSubnet, "", "IP or MAC addresses to spoof, also supports nmap style IP ranges."))
+	p.AddParam(session.NewStringParameter("arp.spoof.targets", session.ParamSubnet, "", "Comma separated list of IP addresses, MAC addresses or aliases to spoof, also supports nmap style IP ranges."))
 	p.AddParam(session.NewStringParameter("arp.spoof.whitelist", "", "", "Comma separated list of IP addresses, MAC addresses or aliases to skip while spoofing."))
 	p.AddHandler(session.NewModuleHandler("arp.spoof on", "",
 		"Start ARP spoofer.",
@ -70,6 +77,80 @@ func (p ArpSpoofer) Author() string {
 	return "Simone Margaritelli <evilsocket@protonmail.com>"
 }
 func (p *ArpSpoofer) Configure() error {
 	var err error
 	var targets string
 	var whitelist string
 	if err, targets = p.StringParam("arp.spoof.targets"); err != nil {
 		return err
 	} else if err, whitelist = p.StringParam("arp.spoof.whitelist"); err != nil {
 		return err
 	} else if p.addresses, p.macs, err = network.ParseTargets(targets, p.Session.Lan.Aliases()); err != nil {
 		return err
 	} else if p.wAddresses, p.wMacs, err = network.ParseTargets(whitelist, p.Session.Lan.Aliases()); err != nil {
 		return err
 	}
 	log.Debug(" addresses=%v macs=%v whitelisted-addresses=%v whitelisted-macs=%v", p.addresses, p.macs, p.wAddresses, p.wMacs)
 	if p.ban == true {
 		log.Warning("Running in BAN mode, forwarding not enabled!")
 		p.Session.Firewall.EnableForwarding(false)
 	} else if p.Session.Firewall.IsForwardingEnabled() == false {
 		log.Info("Enabling forwarding.")
 		p.Session.Firewall.EnableForwarding(true)
 	}
 	return nil
 }
 func (p *ArpSpoofer) Start() error {
 	if err := p.Configure(); err != nil {
 		return err
 	}
 	return p.SetRunning(true, func() {
 		from := p.Session.Gateway.IP
 		from_hw := p.Session.Interface.HW
 		log.Info("ARP spoofer started, probing %d targets.", len(p.addresses)+len(p.macs))
 		p.waitGroup.Add(1)
 		defer p.waitGroup.Done()
 		for p.Running() {
 			p.sendArp(from, from_hw, true, false)
 			time.Sleep(1 * time.Second)
 		}
 	})
 }
 func (p *ArpSpoofer) Stop() error {
 	return p.SetRunning(false, func() {
 		log.Info("Waiting for ARP spoofer to stop ...")
 		p.unSpoof()
 		p.ban = false
 		p.waitGroup.Wait()
 	})
 }
 func (p *ArpSpoofer) isWhitelisted(ip string, mac net.HardwareAddr) bool {
 	for _, addr := range p.wAddresses {
 		if ip == addr.String() {
 			return true
 		}
 	}
 	for _, hw := range p.wMacs {
 		if bytes.Compare(hw, mac) == 0 {
 			return true
 		}
 	}
 	return false
 }
 func (p *ArpSpoofer) sendArp(saddr net.IP, smac net.HardwareAddr, check_running bool, probe bool) {
 	p.waitGroup.Add(1)
 	defer p.waitGroup.Done()
@ -110,6 +191,9 @@ func (p *ArpSpoofer) sendArp(saddr net.IP, smac net.HardwareAddr, check_running
 	for ip, mac := range targets {
 		if check_running && p.Running() == false {
 			return
 		} else if p.isWhitelisted(ip, mac) {
 			log.Debug("%s (%s) is whitelisted, skipping from spoofing loop.", ip, mac)
 			continue
 		}
 		if err, pkt := packets.NewARPReply(saddr, smac, net.ParseIP(ip), mac); err != nil {
@ -131,55 +215,3 @@ func (p *ArpSpoofer) unSpoof() error {
 	return nil
 }
 func (p *ArpSpoofer) Configure() error {
 	var err error
 	var targets string
 	if err, targets = p.StringParam("arp.spoof.targets"); err != nil {
 		return err
 	} else if p.addresses, p.macs, err = network.ParseTargets(targets, p.Session.Lan.Aliases()); err != nil {
 		return err
 	}
 	log.Debug(" addresses=%v macs=%v", p.addresses, p.macs)
 	if p.ban == true {
 		log.Warning("Running in BAN mode, forwarding not enabled!")
 		p.Session.Firewall.EnableForwarding(false)
 	} else if p.Session.Firewall.IsForwardingEnabled() == false {
 		log.Info("Enabling forwarding.")
 		p.Session.Firewall.EnableForwarding(true)
 	}
 	return nil
 }
 func (p *ArpSpoofer) Start() error {
 	if err := p.Configure(); err != nil {
 		return err
 	}
 	return p.SetRunning(true, func() {
 		from := p.Session.Gateway.IP
 		from_hw := p.Session.Interface.HW
 		log.Info("ARP spoofer started, probing %d targets.", len(p.addresses)+len(p.macs))
 		p.waitGroup.Add(1)
 		defer p.waitGroup.Done()
 		for p.Running() {
 			p.sendArp(from, from_hw, true, false)
 			time.Sleep(1 * time.Second)
 		}
 	})
 }
 func (p *ArpSpoofer) Stop() error {
 	return p.SetRunning(false, func() {
 		log.Info("Waiting for ARP spoofer to stop ...")
 		p.unSpoof()
 		p.ban = false
 		p.waitGroup.Wait()
 	})
 }
--- a/network/net.go
+++ b/network/net.go
@ -71,6 +71,10 @@ func ParseTargets(targets string, aliasMap *Aliases) (ips []net.IP, macs []net.H
 	ips = make([]net.IP, 0)
 	macs = make([]net.HardwareAddr, 0)
 	if targets = core.Trim(targets); targets == "" {
 		return
 	}
 	// first isolate MACs and parse them
 	for _, mac := range macParser.FindAllString(targets, -1) {
 		mac = NormalizeMac(mac)
--- a/network/oui.go
+++ b/network/oui.go