我的书签
添加书签
移除书签arp.spoof
This module keeps spoofing selected hosts on the network using crafted ARP packets in order to perform a MITM attack.
Commands
arp.spoof on
Start ARP spoofer.
arp.ban on
Start ARP spoofer in ban mode, meaning the target(s) connectivity will not work.
arp.spoof/ban off
Stop ARP spoofer.
Parameters
| parameter | default | description |
|---|---|---|
arp.spoof.targets | <entire subnet> | A comma separated list of MAC addresses, IP addresses, IP ranges or aliases to spoof (a list of supported range formats). |
arp.spoof.whitelist | A comma separated list of MAC addresses, IP addresses, IP ranges or aliases to skip while spoofing. | |
arp.spoof.internal | false | If true, local connections among computers of the network will be spoofed as well, otherwise only connections going to and coming from the external network. |
arp.spoof.fullduplex | false | If true, both the targets and the gateway will be attacked, otherwise only the target (if the router has ARP spoofing protections in place this will make the attack fail). |
Examples
Ban the address 192.168.1.6 from the network:
> set arp.spoof.targets 192.168.1.6; arp.ban on
Spoof 192.168.1.2, 192.168.1.3 and 192.168.1.4:
> set arp.spoof.targets 192.168.1.2-4; arp.spoof on
