Skip to content

Releases: europa502/shARP

shARP_1.0

14 May 18:19
@europa502 europa502
v1.0
da90c3c
Compare
Choose a tag to compare
shARP_1.0 Latest
Latest 
		           ||                               _______       _______          
		           ||                  /\          |        ?    |        ?     
		           ||                 /  \         |         ?   |         ?    
		           ||                /    \        |         ?   |         ?    
		     //    ||-------        /      \       |________?    |________?     
		    //     ||      ||      /--------\      |     \       |              
		   //_____ ||      ||     /          \     |      \      |              
		        // ||      ||    /            \    |       \     |             
		       //  ||      ||   /              \   |        \    |             
		      //   ||      ||  /                \  |         \   |             
	_______________________________________________________________________________________

Description-

ARP spoofing allows an attacker to intercept data frames on a network, modify the traffic, or stop all traffic. Often the attack is used as an opening for other attacks, such as denial of service, man in the middle, or session hijacking attacks. This anti- ARP spoofing program, (shARP) detects the presence of a third party in a private network actively. It has 2 mode: defensive and offensive.

Latest Release - shARP_2.0

Defensive mode protects the end user from the spoofer by disconnecting the user's system from the network. This mode also alerts the user by an audio message as soon as spoofing is detected.

def

defcom

Offensive mode disconnects the user's system from the network and further kicks out the attacker by sending De-authentication packets to his system, this doesn't let him reconnect to the network until the program is manually reset.

of

offen

ofcom

Records

The program creates a log file (/usr/shARP/)containing the details of the attack such as the attackers mac address, mac vendor, time and date of the attack.

We can identify the NIC of the attackers system with the help of the obtained mac address. The whole program is designed specially for linux and is written in Linux shell command (bash command). In the offensive mode the program downloads an open-source application from with the permission of the user namely aircrack-ng (if not present in the user's system already). Visit https://www.aircrack-ng.org for more info.

Edits-

If you wish to get an audio alert please download espeak or comment out those lines in the source code.

How to use

help

bash ./shARP.sh -r [interface] to reset the network card and driver.

bash ./shARP.sh -d [interface] to activate the program in defense mode.

bash ./shARP.sh -o [interface] to activate the program in offense mode.

bash ./shARP.sh -h for help.

Note -

  1. I won't suggest using this software over wired connections, especially in offensive mode as it might cause network instability.
  2. Use the offensive mode only with the NICs that supports monitor mode.
  3. Offensive mode does DOS attack on the ARP-spoofer. So use Offensive mode only after making sure that you have appropriate right over the network and the devices connected to it and make sure that doing so is legal in your Country/State.
Assets 6