Python based ARP spoofing tool to perform MITM attacks

b3rt1ng/SuperNova

Platform status: working on Linux, working on Windows, not tested on OSX
🌌SuperNova🌌

Performs a man in the middle with ease (and Scapy)

Key Features | How To Use | Download manually | How does it work

Key Features

  • Network Scan - Scan your network to find all the devices connected to it
    • Displays the IP, MAC, vendor name and hostname of each device
  • ARP poisoning - Perform an ARP poisoning attack on the target and the router to put yourself in between
    • Choose a device to poison
    • Launch the attack
    • That's it!

How To Use

To clone and run this application, you'll need Git installed on your computer and Python 3.10 or higher. From your command line:

# Clone this repository
$ git clone https://github.com/b3rt1ng/SuperNova

# Go into the repository
$ cd SuperNova

# Grant execution rights to the install script, or simply run it with superuser rights
$ chmod +x install.sh
$ ./install.sh

# Run the app with superuser rights
$ sudo python3 supernova.py

Note: The install file might not need execution rights, but the main script does.

Download manually

Download Scapy from here
Download the manufacturer database from here

How does it work

Network scanning

The script determines your local IP address and then performs a ping sweep over every address that shares its first three octets, with the last octet running from 0 to 255 (xxx.xxx.xxx.0-255).

MAC address resolver

The MAC address is resolved with the getmacbyip() function from the Scapy library. The script then looks that MAC address up in the manufacturer database to find the vendor name of the device.

ARP poisoning

ARP poisoning is done with Scapy's ARP() packet class, which lets you send custom ARP packets to the targeted device and to the router: the targeted device is told that you are the router, and the router is told that you are the targeted device. All that remains is to relay the packets between the targeted device and the router, and you will be able to see all the traffic between the two.

More about the MITM attacks

A man-in-the-middle attack on your personal network is a trick that exploits MAC addressing at the data link layer (check out the OSI model if you need a quick refresher).
What the script does is tell the router "hey, I am the victim" and tell the victim "hey, I am the router". You can then act as a relay and see the packets sent from the victim to the router and vice versa, provided the script managed to enable IP forwarding or you turned it on manually.
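Seen from the defender's side, the two forged announcements described above leave a recognizable trace: an IP that suddenly maps to a new MAC, and a single MAC answering for both the router and the target. The following is an added example, not part of SuperNova; the function names and the sample ARP replies are constructed for illustration.

```python
from collections import defaultdict

def normalize_mac(mac):
    """Canonical form so 'CC-CC-..' and 'cc:cc:..' compare equal."""
    return mac.strip().lower().replace("-", ":")

def detect_arp_poisoning(replies):
    """Flag ARP replies that rebind a known IP or reuse one MAC for several IPs.

    replies: (timestamp, sender_ip, sender_mac) tuples in capture order.
    Returns a de-duplicated list of (timestamp, kind, ip, mac) alerts.
    """
    ip_to_mac = {}                 # first MAC seen for each IP (the baseline)
    mac_to_ips = defaultdict(set)  # every IP each MAC has claimed so far
    seen, alerts = set(), []

    def alert(ts, kind, ip, mac):
        # Poisoning replies are re-sent continuously; report each case once.
        if (kind, ip, mac) not in seen:
            seen.add((kind, ip, mac))
            alerts.append((ts, kind, ip, mac))

    for ts, ip, mac in replies:
        mac = normalize_mac(mac)
        # A different MAC now answers for an IP we already mapped. A DHCP
        # lease moving to another device looks the same, so triage it.
        if ip_to_mac.setdefault(ip, mac) != mac:
            alert(ts, "rebind", ip, mac)
        # One MAC claiming an extra IP: the relay host answers for both the
        # router and the target. Multi-homed hosts can trigger this too.
        if mac_to_ips[mac] and ip not in mac_to_ips[mac]:
            alert(ts, "multi-ip", ip, mac)
        mac_to_ips[mac].add(ip)
    return alerts

# Constructed sample: router .1, target .23, relay host .66 (all made up).
SAMPLE_REPLIES = [
    (1.0, "192.168.1.1", "AA:AA:AA:AA:AA:01"),
    (1.2, "192.168.1.23", "bb:bb:bb:bb:bb:23"),
    (1.5, "192.168.1.66", "cc:cc:cc:cc:cc:66"),
    (5.0, "192.168.1.1", "cc:cc:cc:cc:cc:66"),   # router IP, relay MAC
    (5.0, "192.168.1.23", "cc:cc:cc:cc:cc:66"),  # target IP, relay MAC
    (7.0, "192.168.1.1", "CC-CC-CC-CC-CC-66"),   # repeat, other notation
    (7.1, "192.168.1.1", "aa:aa:aa:aa:aa:01"),   # real router still replies
]

if __name__ == "__main__":
    for found in detect_arp_poisoning(SAMPLE_REPLIES):
        print(found)
```

Detection of this kind complements prevention: a static ARP entry for the gateway on sensitive hosts, or Dynamic ARP Inspection on managed switches, stops the forged replies from being accepted in the first place.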

Useful to know

You can modify the code to process packets, as the following line from relay.py shows:

pkts = sniff(prn=lambda x:x.sprintf("{IP:%IP.src% -> %IP.dst%}"), filter=f"ip host {self.victim_ip} and not arp")

But I highly recommend using Wireshark for packet analysis, since it is far more convenient and much more powerful and complete.