This is a hacking tool that allows users to exploit code injection with ARP spoofing.
For more information on how the attack works, see Documentation.pdf.
- for this tool, you need to install all the libraries from the dependencies file.
- run arp_spoofer.py with the appropriate command line parameters.
- run code_injector.py with the appropriate command line parameters.
- now you can inject the code.
- This will only work on a Linux machine.
- You must have "libcap" installed
Assume that:
- the network interface is eth0 :
- the IP of the victim is 192.168.1.16 :
- the code we want to inject is in the path ./injected.js :
Then, to execute the attack, call the following commands:
- sudo python3 arp_spoofer.py --interface eth0 --ip 192.168.1.16 2.
- sudo python3 code_injector.py --file ./injected.js
- create a network in the virtual box
- create 2 virtual machines in the virtual box, one of them with Linux connected to the previous network.
- download the code-injection-tool folder into the Linux virtual machine.
- proceed as in the previous example.
- try to connect to an http site from the victim machine.