WEBVTT

00:01.440 --> 00:04.440
Okay, now you see that the program is working perfect.

00:04.600 --> 00:09.160
And still there is ways that we can improve this program.

00:09.680 --> 00:10.120
Okay.

00:12.360 --> 00:15.040
And how can we improve this?

00:16.320 --> 00:19.080
Let's first once again I want to execute this.

00:19.080 --> 00:20.320
And let's see.

00:23.200 --> 00:23.520
Okay.

00:23.560 --> 00:25.240
It is sending the packets.

00:25.600 --> 00:33.640
And now if I come back to here go to right here use this one.

00:33.640 --> 00:35.840
You see now it is changing the Mac address.

00:36.160 --> 00:36.560
Okay.

00:37.440 --> 00:43.080
And if I browse the internet multiple times.

00:46.600 --> 00:54.360
And also if I use Ctrl C here if I came back to windows.

00:56.720 --> 00:57.520
And.

00:59.960 --> 01:01.200
Try to see that.

01:01.910 --> 01:03.270
ARP table again.

01:04.070 --> 01:06.470
You see that it is not changing back.

01:06.470 --> 01:16.510
So it is better to whenever we finish our doing attacks or our ARP spoofing, it is better to restore

01:16.510 --> 01:17.030
the table.

01:17.070 --> 01:24.750
Okay, so for doing restore that table it is better to create a new function.

01:24.790 --> 01:25.190
Okay.

01:26.110 --> 01:30.670
So here I am going to create a new function for restoring the ARP table.

01:30.710 --> 01:31.390
Okay.

01:31.430 --> 01:37.910
So it is going to be restore and it is going to get or take two arguments.

01:37.910 --> 01:41.550
One of them is going to be destination IP and also source IP.

01:41.590 --> 01:42.030
Okay.

01:42.270 --> 01:46.070
So let's use destination underscore IP.

01:46.070 --> 01:50.910
And also we need to provide another thing that is called source IP.

01:52.790 --> 01:53.710
Very good.

01:53.750 --> 01:54.510
Beautiful.

01:54.830 --> 01:58.030
Now in here inside this we need two things okay.

01:58.070 --> 01:59.310
Destination Mac address.

01:59.310 --> 02:01.730
And also the source Mac address.

02:02.210 --> 02:09.570
And just like this one, we need to provide we need to create a packet.

02:09.610 --> 02:10.010
Okay.

02:11.850 --> 02:20.730
And here we are sending a packet to spoof or to fool the target and also the source.

02:20.770 --> 02:28.970
But here we are going to send a packet to give the real IP to target and also the real IP of the computer

02:28.970 --> 02:30.210
to router.

02:30.250 --> 02:35.170
So again here I am going to create a packet okay.

02:35.210 --> 02:39.810
It is equal to p dot ARP.

02:40.490 --> 02:45.570
And just like that OP is equal to number two because it is a response.

02:46.170 --> 02:51.610
And pdst which is the destination.

02:53.810 --> 02:54.130
Okay.

02:54.170 --> 02:55.490
Which is the destination.

02:55.610 --> 02:59.330
It is going to be equal to the destination IP.

03:01.090 --> 03:07.200
And also we have, uh, again, we have.

03:07.240 --> 03:08.320
It's okay.

03:09.840 --> 03:17.400
This time it is going to be equal to, um, destination Mac address here it was target Mac address.

03:17.400 --> 03:20.400
And now it is going to be destination Mac address okay.

03:20.440 --> 03:24.680
Destination Mac that we don't have destination Mac okay.

03:24.680 --> 03:27.960
Now let's go and create that destination Mac.

03:29.640 --> 03:34.000
Destination Mac is equal to.

03:34.640 --> 03:41.160
We have a function called Get Mac by using that destination IP address okay.

03:41.960 --> 03:44.800
Now we provided the destination Mac address here.

03:45.680 --> 03:53.400
And again let's try the other one which is going to be the source IP.

03:53.440 --> 03:58.680
Okay is RC is equal to source IP.

03:58.720 --> 04:00.800
That is provided as argument here.

04:01.040 --> 04:04.980
And also we need this source Mac address.

04:05.420 --> 04:08.740
So I'm going to use h w rc.

04:09.460 --> 04:15.060
It is equal to source underscore Mac.

04:15.460 --> 04:25.500
I don't have it here but I am going to use source underscore Mac is equal to it Mac.

04:25.620 --> 04:30.580
And here let's use source IP to get source Mac.

04:30.620 --> 04:32.540
Let me see if.

04:36.620 --> 04:43.220
Copy this and let's see if this book is the same or not.

04:43.260 --> 04:43.660
Okay.

04:44.260 --> 04:46.860
Now we have it here.

04:46.900 --> 04:47.300
Okay.

04:49.140 --> 04:53.700
Now I can, uh, I can see the details.

04:53.740 --> 04:54.300
Okay.

04:54.340 --> 04:55.620
The details for this.

04:56.220 --> 05:00.100
And if I want to see the details, I can use print statement here.

05:00.740 --> 05:03.650
And let's use the packet that we have.

05:04.370 --> 05:06.090
Dot show method.

05:08.450 --> 05:09.010
And.

05:14.690 --> 05:14.970
Okay.

05:15.010 --> 05:16.330
And also print.

05:18.410 --> 05:23.170
Packet dot summary.

05:23.610 --> 05:28.170
Okay I can call this function right here.

05:29.890 --> 05:32.730
Let's use uh restore.

05:33.930 --> 05:35.970
And here I need to provide two things.

05:35.970 --> 05:43.770
One of them is destination IP and also the source IP destination IP which is going to be IP for uh windows.

05:44.050 --> 05:44.490
Okay.

05:45.170 --> 05:46.690
And also the source IP.

05:50.250 --> 05:55.770
Is going to be ten 0 to 1 which is the router IP.

05:56.250 --> 06:01.970
So right now let's execute this and let's see the details of the packet.

06:04.510 --> 06:04.990
Okay.

06:06.550 --> 06:07.230
Beautiful.

06:07.230 --> 06:08.910
Let me use Ctrl C here.

06:10.030 --> 06:16.750
You see we have this op which is uh is at type okay.

06:17.190 --> 06:26.990
And also we have hardware source which is changed back to what it was okay to a mac address of the router

06:26.990 --> 06:28.750
and also the source IP.

06:29.030 --> 06:35.070
And also we have the Mac address of destination and the Mac IP for uh destination.

06:35.350 --> 06:35.710
Okay.

06:35.750 --> 06:36.390
Perfect.

06:37.870 --> 06:39.430
Uh, let me use ifconfig.

06:42.990 --> 06:50.070
And make sure that okay, now I'm sure that it is not my, uh, Mac address.

06:50.110 --> 06:50.430
Okay.

06:52.430 --> 06:54.710
It is the Mac address for Windows 7.

06:55.630 --> 07:00.430
Now, that is, now that you see that it is working, you need to,

07:04.460 --> 07:04.740
Okay.

07:04.780 --> 07:13.060
Instead of, uh, doing this here printing, we need to use, uh, send method here.

07:13.100 --> 07:15.900
Okay, so let's just use that.

07:16.060 --> 07:16.260
Okay.

07:16.300 --> 07:23.620
Scapy dot send and give the packet.

07:24.540 --> 07:28.260
And also let's use count is equal to number four.

07:28.860 --> 07:35.540
And also we have the verbose is equal to false.

07:36.900 --> 07:37.300
Okay.

07:37.940 --> 07:41.620
Now we have these all I think correct.

07:43.540 --> 07:49.500
Let's see that once again.

07:52.740 --> 07:53.420
Okay.

07:53.420 --> 07:56.340
Right now we are not printing anything and it's working perfect.

07:58.380 --> 08:04.810
And now that we have the restore function here We don't need to use it.

08:05.530 --> 08:05.730
Uh.

08:05.730 --> 08:06.570
Right here.

08:07.970 --> 08:08.370
Okay.

08:14.170 --> 08:17.770
Okay, now that you see, we are using restore here, I don't need to use it.

08:17.770 --> 08:22.970
The app here, I need to use it after I use, uh, control C okay.

08:27.090 --> 08:28.730
Let's provide the target.

08:31.770 --> 08:42.850
Uh, target IP is going to be equal to, uh, ten .0.2. 15.

08:43.410 --> 08:46.650
And also we need to have the gateway.

08:51.530 --> 08:57.290
Gateway IP is also going to be equal to ten .0.2.1.

08:57.930 --> 09:04.790
And now I don't need to call this function like this okay I will remove it later.

09:05.510 --> 09:05.910
Here.

09:06.510 --> 09:09.550
I can add that function here.

09:09.830 --> 09:12.510
So let's call our restore method here.

09:13.310 --> 09:22.910
And I will give the target IP and also get away IP.

09:22.910 --> 09:25.030
This is for the first one.

09:25.030 --> 09:26.910
And use Ctrl C and control V.

09:27.590 --> 09:34.990
Let's change this this time to target IP and also gateway.

09:37.310 --> 09:42.870
Gateway IP okay so it is almost completed.

09:43.030 --> 09:44.390
Let me remove this.

09:44.590 --> 09:47.510
Now it is not necessary.

09:47.870 --> 09:54.190
And also here you see we are using a lot of text here okay IP is text.

09:54.230 --> 10:01.870
Now instead of using them like this I can use target IP.

10:06.620 --> 10:10.620
And this one is going to be gateway IP.

10:12.980 --> 10:14.820
And also this one.

10:18.340 --> 10:21.260
Gateway IP.

10:21.260 --> 10:27.780
And also this one is going to be targeted.

10:29.860 --> 10:30.180
Okay.

10:30.220 --> 10:31.860
Also we need to change this.

10:31.900 --> 10:32.140
Okay.

10:32.140 --> 10:35.340
This text the text in control C quitting.

10:35.500 --> 10:39.460
Let's change this to something else like resetting your table.

10:41.260 --> 10:44.900
Resetting the ARP.

10:48.100 --> 10:50.380
Table.

10:50.660 --> 10:52.340
Let's say please wait.

10:57.820 --> 10:59.060
And let me save it.

11:08.120 --> 11:15.040
Sending two packets per packet plus Ctrl c okay, it is working.

11:16.160 --> 11:22.360
Now let me again come back here and do CLS.

11:25.400 --> 11:27.800
Now you see that it is restarted okay.

11:28.680 --> 11:31.240
Let's execute this again.

11:31.680 --> 11:35.040
Right now it is doing the ARP spoofing.

11:36.080 --> 11:40.160
And now let me move to windows.

11:40.240 --> 11:42.120
Try to check the ARP table.

11:42.360 --> 11:47.360
Right now you see that the Mac address is 36.

11:47.760 --> 11:50.520
And I want to cancel that attack.

11:50.520 --> 11:52.920
Now use Ctrl C okay.

11:53.920 --> 11:59.360
Now let me go back here and try to see if it has changed.

11:59.400 --> 12:02.160
Of course it is changed now to what it was.

12:02.200 --> 12:05.120
Okay so thanks for watching and I will see you later.