ARPySnitch.py 文件源码

def run(self):
        try:
            arp_header = struct.unpack('!2s2s1s1s2s6s4s6s4s', self.arpdata[14:42])
            if hexlify(arp_header[4]) == "0002" and hexlify(arp_header[5]) != self.GW_MAC.replace(":","") and socket.inet_ntoa(arp_header[6]) == self.GW_IP:
                try:
                   if hexlify(arp_header[5]) not in Attacker:
                    Attacker.append(hexlify(arp_header[5]))
                    print "="*50 
                    print foreground.RED + "ARP Poison Detected" + foreground.RESET
                    print "="*50 
                    print "******************_ARP_HEADER_******************"
                    print "Hardware Type: ", hexlify(arp_header[0])
                    print "Protocol Type: ", hexlify(arp_header[1])
                    print "Hardware Size: ", hexlify(arp_header[2])
                    print "Protocol Size: ", hexlify(arp_header[3])
                    print "Opcode: ", opcodes[hexlify(arp_header[4])]
                    print "Attacker's MAC : ", foreground.RED + hexlify(arp_header[5]) + foreground.RESET
                    print "Source IP : ", socket.inet_ntoa(arp_header[6])
                    print "Destination MAC : ", hexlify(arp_header[7])
                    print "Destination IP : ", socket.inet_ntoa(arp_header[8])
                   else:
                    pass
                except:
                    pass
        except:
                pass