ARP Spoofing Detector - Python Network Security Tool
class ArpDetectorPage: def init(self, master, timeout): self.master = master self.timeout = timeout self.interface = 'ens33' self.ip_mac_map = {} self.attacker_ip = None self.attacker_mac = None self.thread = None self.stop_event = threading.Event()
self.frame = tk.Frame(self.master)
self.frame.pack()
self.status_label = tk.Label(self.frame, text='Idle')
self.status_label.pack()
self.start_button = tk.Button(self.frame, text='Start', command=self.start_detection)
self.start_button.pack()
self.stop_button = tk.Button(self.frame, text='Stop', command=self.stop_detection, state=tk.DISABLED)
self.stop_button.pack()
def start_detection(self):
self.status_label.config(text='Running')
self.start_button.config(state=tk.DISABLED)
self.stop_button.config(state=tk.NORMAL)
self.thread = threading.Thread(target=self.run)
self.thread.start()
def stop_detection(self):
self.status_label.config(text='Idle')
self.start_button.config(state=tk.NORMAL)
self.stop_button.config(state=tk.DISABLED)
self.stop_event.set()
self.thread.join()
def run(self):
self.attacker_ip = netifaces.ifaddresses(self.interface)[netifaces.AF_INET][0]['addr']
self.attacker_mac = getmacbyip(self.attacker_ip)
print(f'Attacker IP: {self.attacker_ip}, MAC: {self.attacker_mac}')
while not self.stop_event.is_set():
self.scan_network()
self.detect_arp_spoofing()
time.sleep(5)
self.timer += 5
if self.timer >= self.timeout:
print('No ARP spoofing detected')
self.stop_event.set()
def scan_network(self):
for ip in netifaces.ifaddresses(self.interface)[netifaces.AF_INET][0]['addr'].split('.')[:-1]:
for i in range(1, 255):
target_ip = f'{ip}.{i}'
if target_ip != self.attacker_ip:
arp_request = ARP(pdst=target_ip)
arp_reply = sr1(arp_request, timeout=1, verbose=0)
if arp_reply and arp_reply.hwsrc not in ('00:00:00:00:00:00', self.attacker_mac):
self.ip_mac_map[target_ip] = arp_reply.hwsrc
def detect_arp_spoofing(self):
for target_ip, target_mac in self.ip_mac_map.items():
arp_request = ARP(op=1, pdst=target_ip, hwdst=target_mac, psrc=self.attacker_ip, hwsrc=self.attacker_mac)
arp_reply = sr1(arp_request, timeout=1, verbose=0)
if arp_reply and arp_reply.hwsrc != target_mac:
print(f'ARP spoofing detected: {target_ip} ({target_mac}) -> {arp_reply.hwsrc}')
class ArpDetectorPageUI: def init(self, master): self.master = master self.master.title('ARP Detector') self.master.geometry('400x150')
self.timeout_label = tk.Label(self.master, text='Detection Time (s)')
self.timeout_label.pack()
self.timeout_entry = tk.Entry(self.master)
self.timeout_entry.pack()
self.start_button = tk.Button(self.master, text='Start', command=self.start_detection)
self.start_button.pack()
def start_detection(self):
timeout = int(self.timeout_entry.get())
self.master.withdraw()
ArpDetectorPage(self.master, timeout)
class IcmpFloodDetectorPage: def init(self, master, timeout): self.master = master self.timeout = timeout self.interface = 'ens33' self.target_ip = '192.168.1.1' self.thread = None self.stop_event = threading.Event()
self.frame = tk.Frame(self.master)
self.frame.pack()
self.status_label = tk.Label(self.frame, text='Idle')
self.status_label.pack()
self.start_button = tk.Button(self.frame, text='Start', command=self.start_detection)
self.start_button.pack()
self.stop_button = tk.Button(self.frame, text='Stop', command=self.stop_detection, state=tk.DISABLED)
self.stop_button.pack()
def start_detection(self):
self.status_label.config(text='Running')
self.start_button.config(state=tk.DISABLED)
self.stop_button.config(state=tk.NORMAL)
self.thread = threading.Thread(target=self.run)
self.thread.start()
def stop_detection(self):
self.status_label.config(text='Idle')
self.start_button.config(state=tk.NORMAL)
self.stop_button.config(state=tk.DISABLED)
self.stop_event.set()
self.thread.join()
def run(self):
while not self.stop_event.is_set():
self.detect_icmp_flood()
time.sleep(5)
self.timer += 5
if self.timer >= self.timeout:
print('No ICMP flood detected')
self.stop_event.set()
def detect_icmp_flood(self):
icmp_request = IP(dst=self.target_ip)/ICMP()
icmp_reply = sr1(icmp_request, timeout=1, verbose=0)
if icmp_reply:
print(f'ICMP flood detected: {icmp_reply.src} -> {icmp_reply.dst}')
class IcmpFloodDetectorPageUI: def init(self, master): self.master = master self.master.title('ICMP Flood Detector') self.master.geometry('400x150')
self.timeout_label = tk.Label(self.master, text='Detection Time (s)')
self.timeout_label.pack()
self.timeout_entry = tk.Entry(self.master)
self.timeout_entry.pack()
self.start_button = tk.Button(self.master, text='Start', command=self.start_detection)
self.start_button.pack()
def start_detection(self):
timeout = int(self.timeout_entry.get())
self.master.withdraw()
IcmpFloodDetectorPage(self.master, timeout)
class TcpAttackDetectorPage: def init(self, master, timeout): self.master = master self.timeout = timeout self.interface = 'ens33' self.target_ip = '192.168.1.1' self.thread = None self.stop_event = threading.Event()
self.frame = tk.Frame(self.master)
self.frame.pack()
self.status_label = tk.Label(self.frame, text='Idle')
self.status_label.pack()
self.start_button = tk.Button(self.frame, text='Start', command=self.start_detection)
self.start_button.pack()
self.stop_button = tk.Button(self.frame, text='Stop', command=self.stop_detection, state=tk.DISABLED)
self.stop_button.pack()
def start_detection(self):
self.status_label.config(text='Running')
self.start_button.config(state=tk.DISABLED)
self.stop_button.config(state=tk.NORMAL)
self.thread = threading.Thread(target=self.run)
self.thread.start()
def stop_detection(self):
self.status_label.config(text='Idle')
self.start_button.config(state=tk.NORMAL)
self.stop_button.config(state=tk.DISABLED)
self.stop_event.set()
self.thread.join()
def run(self):
while not self.stop_event.is_set():
self.detect_tcp_attack()
time.sleep(5)
self.timer += 5
if self.timer >= self.timeout:
print('No TCP attack detected')
self.stop_event.set()
def detect_tcp_attack(self):
tcp_request = IP(dst=self.target_ip)/TCP()
tcp_reply = sr1(tcp_request, timeout=1, verbose=0)
if tcp_reply:
print(f'TCP attack detected: {tcp_reply.src} -> {tcp_reply.dst}')
class TcpAttackDetectorPageUI: def init(self, master): self.master = master self.master.title('TCP Attack Detector') self.master.geometry('400x150')
self.timeout_label = tk.Label(self.master, text='Detection Time (s)')
self.timeout_label.pack()
self.timeout_entry = tk.Entry(self.master)
self.timeout_entry.pack()
self.start_button = tk.Button(self.master, text='Start', command=self.start_detection)
self.start_button.pack()
def start_detection(self):
timeout = int(self.timeout_entry.get())
self.master.withdraw()
TcpAttackDetectorPage(self.master, timeout)
class NetworkScannerPage: def init(self, master): self.master = master self.interface = 'ens33' self.ip_mac_map = {}
self.frame = tk.Frame(self.master)
self.frame.pack()
self.scan_button = tk.Button(self.frame, text='Scan', command=self.scan_network)
self.scan_button.pack()
self.result_label = tk.Label(self.frame, text='')
self.result_label.pack()
def scan_network(self):
for ip in netifaces.ifaddresses(self.interface)[netifaces.AF_INET][0]['addr'].split('.')[:-1]:
for i in range(1, 255):
target_ip = f'{ip}.{i}'
arp_request = ARP(pdst=target_ip)
arp_reply = sr1(arp_request, timeout=1, verbose=0)
if arp_reply and arp_reply.hwsrc not in ('00:00:00:00:00:00', get_if_hwaddr(self.interface)):
self.ip_mac_map[target_ip] = arp_reply.hwsrc
result = ''
for ip, mac in self.ip_mac_map.items():
result += f'{ip} ({mac})
' self.result_label.config(text=result)
class NetworkScannerPageUI: def init(self, master): self.master = master self.master.title('Network Scanner') self.master.geometry('400x300')
self.network_scanner_page = NetworkScannerPage(self.master)
原文地址: https://www.cveoy.top/t/topic/jnVM 著作权归作者所有。请勿转载和采集!