Skip to content

Commit 838f702

Browse files
authored
Update README.md
1 parent 0be372b commit 838f702

1 file changed

Lines changed: 5 additions & 5 deletions

File tree

README.md

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,15 +1,15 @@
1-
<img width="301" alt="image" src="https://user-images.githubusercontent.com/59119926/184553797-ad7050a9-6455-45d1-b00f-b1ae5c90e8aa.png">
2-
3-
Make a local network unresponsive by poisoning ARP and spoofing RA packets </br>
1+
# ArpWarp
2+
Make a local network unresponsive with 1 cmd </br>
3+
The screenshots illustrate this attack running from a kali nethunter phone, and from a windows terminal. </br> </br>
4+
<img align="right" img width="268" alt="image" src="https://user-images.githubusercontent.com/59119926/184556919-e8b286b4-6207-4c13-b791-5ec2744927c1.png">
5+
<img align="right" img width="301" alt="image" src="https://user-images.githubusercontent.com/59119926/184553797-ad7050a9-6455-45d1-b00f-b1ae5c90e8aa.png">
46

57
# How it works
68
This attack continously sends spoofed ARP packets (using [scapy](https://github.com/secdev/scapy)) to every host on the network, poisoning its ARP table. </br>
79
The gateway is mapped to an incorrect MAC address and therefore the traffic never reaches its true destination, making the network unresponsive. </br>
810
Furthermore, the gateway also receives an ARP packet from each host that contains a spoofed MAC address.
911
</br></br>
1012
For IPv6 networks, this attack periodically sends a spoofed RA packet with the gateway's lladdr to the multicast address on the local link, which would signal the router is dead. This would prevent the hosts from forwarding traffic to the gateway. Furthermore, a [scapy](https://github.com/secdev/scapy) method is running on a separate thread in the background, sniffing traffic and immediately invalidates incoming RA packets from routers by sending spoofed ones that indicate the router is not operational (`routerlifetime=0`). </br></br>
11-
An illustration of running the attacker from a nethunter (kali) phone: <br>
12-
<img width="268" alt="image" src="https://user-images.githubusercontent.com/59119926/184556919-e8b286b4-6207-4c13-b791-5ec2744927c1.png">
1313

1414

1515
# Requirements

0 commit comments

Comments
 (0)