arp-sk is basically an ARP Traffic Generation Tool. It’s quite old but still very useful!
There are 2 basics mode:
– who-has: build a request ARP message.
– reply: build a reply ARP message (default)
Other advanced modes should come very soon
– arping: send a who-has to every host on the LAN to see who is here
– promisc: detection of boxes that are sniffing on the network using promiscuous mode of their network interface
– arpmim: perform Man in the Middle attack
Link level options
-s: set the source address of the packet.
Default : MAC address of the interface used to send the packets.
-d: set the destination address of the packet
Default: broadcast
These 2 options have a strong influence on the ARP message itself.
Here are the default according to these options:
– request
1 2 3 4 5 6 7 8 9 |
# ./arp-sk -i eth1 -w + Running mode "who-has" + IfName: eth1 + Source MAC: 52:54:05:f4:62:30 + Source ARP MAC: 52:54:05:f4:62:30 + Source ARP IP : 192.168.1.1 (batman) + Target MAC: ff:ff:ff:ff:ff:ff + Target ARP MAC: 00:00:00:00:00:00 + Target ARP IP : 255.255.255.255 (255.255.255.255) |
– reply
1 2 3 4 5 6 7 8 9 |
# ./arp-sk -i eth1 -r + Running mode "reply" + IfName: eth1 + Source MAC: 52:54:05:f4:62:30 + Source ARP MAC: 52:54:05:f4:62:30 + Source ARP IP : 192.168.1.1 (batman) + Target MAC: ff:ff:ff:ff:ff:ff + Target ARP MAC: ff:ff:ff:ff:ff:ff + Target ARP IP : 255.255.255.255 (255.255.255.255) |
The only difference comes from the destiantion mac address from ARP message, since it has to be 00:00:00:00:00:00. For the reply mode, consistency is preserved and the destination MAC address used for the link layer is copied in the ARP message.
You can download arp-sk here:
greetingsfrompoland says
Hello to all ! Greetings From Poland. very Good Page !