Penetration Testing and Ethical Hacking

Second semester $2023-2024(232)$

Homework $3$

$-------------------------------------------------------------------------------$

$-------------------------------------------------------------------------------$

a$)$ ARP Spoofing

In this programming assignment, you will be mimicking arpspoof command in Khali using Python$-$Scapy library $($see the ARPHandsOn.pdf on the blackboard for more details$).$

ARPSpoofing program should spoof more than one target and the router on the same time.

Hint: the ARPSpoofing should send the ARP responses of type isAt $($OP $2)$ that will poison the ARP table of the targets and change them so that the Routers Mac address is changed to the Mac address of the attacker.

b$)$ ARP Spoofing Detectors

For the second part of the homework, you will build ARPSpoofingDetector, an ARP spoofing detector using Python$-$Scapy. The program will use the Scapy library to listen to incoming connections, and report the presence of ARP spoofing attacks.

i$)$ ARPSpoofingDetector$1$:You can write a program that as soon as it gets executed, it stores the value for the Mac address for the router and then keep an eye on that every $10$ seconds.

ii$)$ ARPSpoofingDetector$2$: A better way of doing this is to look at the way our ARPSpoofing program works $($part a$).$ By looking at this program should give you a good idea of detecting these attacks. We can wait for IP packets of type isAt then do some kind of analysis.

c$)$ Detector Bypassing

For the third part of the homework, you should bypass the detector you built in part b$.$

Hint: Run your script with root privileges within virtualbox environments.

Submit all your Python files as one Python file with your name and ID as a comment. Separately, in a Microsoft Word file or a pdf file, you should have annotated screenshots of your code outputs.