NetCut-like API Translate Indonesia
NetCut-like API is a Python-based application built with Flask to manage ARP spoofing, network scanning, IP whitelisting, and more on a local network. This application allows you to perform network scans, start ARP spoofing attacks, manage whitelisted IPs, and provides a web-based dashboard for easy management.
- Features
- Requirements
- Installation
- Npcap Installation and Virtual Machine Recommendation
- WinPcap Installation (For Windows)
- Visual C++ Build Tools Installation (For Windows)
- Usage
- Running on Termux
- Warnings
- Notes
- License
- ARP Spoofing: Start and stop ARP spoofing attacks on a specified network with the ability to customize the number of threads used.
- Network Scanning: Scan the local network to discover devices and their MAC addresses, with the option to load previously scanned devices from a JSON file.
- IP Whitelisting: Add and remove IPs from a whitelist to exclude them from ARP spoofing. The whitelist is stored in a JSON file for persistence.
- Web-based Dashboard: Manage all features from a simple web interface, including network scanning, ARP spoofing, and whitelist management.
- Cross-Platform Support: The application can run on both Windows (using WMI) and Linux/Android (using psutil) for network interface detection.
- Periodic Network Scanning: Automatically update the list of target IPs by periodically scanning the network.
- Error Handling and Thread Management: Forcefully stop ARP spoofing if any error occurs, ensuring safe thread management.
- CORS Enabled: Cross-Origin Resource Sharing is enabled for ease of use in diverse environments.
- Python 3.x
- Flask
- Flask-CORS
- Scapy
- WMI (for Windows)
- psutil (for Linux/Android)
- Netifaces
- Threading
- JSON
Important: If you are running this application on Windows, it is strongly recommended to install Npcap instead of WinPcap. Npcap is the updated and actively maintained version of WinPcap.
Additionally, for stability and security reasons, it is recommended to run ARP spoofing in a virtual machine (VM) environment such as VMware or VirtualBox. This prevents any unintended disruptions to your primary operating system.
-
Download Npcap:
- You can download Npcap from the official website: Npcap Download.
-
Install Npcap:
- Run the installer and ensure to select the "WinPcap API-compatible mode" option during installation.
-
Verify Npcap Installation:
- After installation, you can verify Npcap is working by running the following command in a terminal:
nping --version
- After installation, you can verify Npcap is working by running the following command in a terminal:
To avoid potential issues such as Blue Screen of Death (BSOD) or network disruptions during ARP spoofing, it is highly recommended to run this application within a virtual machine (VM) environment:
- VMware: Download VMware
- VirtualBox: Download VirtualBox
Running in a virtualized environment isolates the ARP spoofing activity from the host system, reducing the risk of system instability or crashes.
If you're running this application on Windows and prefer WinPcap, it must be installed to allow Scapy to capture and inject packets. However, Npcap is preferred due to its modern support.
-
Download WinPcap:
- You can download WinPcap from the official website: WinPcap Download.
-
Install WinPcap:
- Run the installer and follow the on-screen instructions to complete the installation.
-
Verify Installation:
- After installing WinPcap, verify that it is working by running the following command in a terminal:
nping --version
- After installing WinPcap, verify that it is working by running the following command in a terminal:
Some Python libraries require Visual C++ Build Tools to be installed, especially when compiling C/C++ extensions. Here's how to install it:
-
Download Visual C++ Build Tools:
- You can download it from the official Microsoft website: Download Visual C++ Build Tools.
-
Install Visual C++ Build Tools:
- Run the installer and make sure to select the following components:
- Desktop development with C++.
- Windows 10 SDK (if available).
- Run the installer and make sure to select the following components:
-
Complete the Installation:
- After the installation is complete, Python will be able to compile libraries that require these build tools.
-
Clone the Repository:
git clone https://github.com/zimibot/Spoofing_Network.git cd netcut-like-api
-
Install the Required Dependencies:
pip install -r requirements.txt
-
Install WMI on Windows (if not installed):
pip install WMI
-
Run the Application:
python api.py
- Start the Flask application by running
python api.py
in your terminal. - The API will be accessible on
http://localhost:5000
.- Note: Port
5000
is used exclusively for the API.
- Note: Port
- The dashboard itself is not served by the Flask API. To access the dashboard, you need to open the
index.html
file separately.
-
Ensure the Flask API is Running: Make sure the Flask API is running on your machine (
http://localhost:5000
). -
Open the
index.html
File Using Python:- Navigate to the directory where
index.html
is located:cd /path/to/your/index.html
- Start a simple HTTP server using Python:
This command will serve the files in the directory on port
python -m http.server 8080
8080
.
- Navigate to the directory where
-
Access the Dashboard:
- From Your Computer: Open a browser and go to
http://localhost:8080/index.html
. - From Another Device: Use the IP address of your machine (e.g.,
http://<Your-IP>:8080/index.html
).
- From Your Computer: Open a browser and go to
GET /scan_interfaces
: Scan available network interfaces and save them to JSON.GET /interface_data
: Retrieve the list of network interfaces from the JSON file.GET /scan_network
: Scan devices on the network, excluding whitelisted IPs.- Parameters:
interface
(Index of the network interface)
- Parameters:
GET /scan_network_data
: Retrieve previously scanned network data from the JSON file.POST /start_netcut
: Start ARP spoofing on specified IPs.- Parameters:
interface
,target_ips
,num_threads
- Parameters:
POST /stop_netcut
: Stop all running ARP spoofing attacks.POST /force_stop_netcut
: Forcefully stop all running ARP spoofing attacks and clear the session.POST /whitelist
: Add IPs to the whitelist.- Parameters:
ip
(The IP address(es) to be added)
- Parameters:
DELETE /whitelist
: Remove IPs from the whitelist.- Parameters:
ip
(The IP address(es) to be removed)
- Parameters:
GET /whitelist
: Get the list of whitelisted IPs.GET /help
: Display API documentation and help information.
ality
- Whitelist Management: Add or remove IP addresses from the whitelist directly from the dashboard.
- ARP Spoofing Management: Start, stop, or force stop ARP spoofing attacks. Customize the target IPs and the number of threads used.
- Network Scanning: Perform network scans to discover devices. The scanned devices are displayed on the dashboard and can be used to select target IPs for ARP spoofing.
- Multiple Target IP Selection: Select multiple IP addresses from scanned devices to target with ARP spoofing, with an option to select "all" devices.
- Error Notifications: Receive real-time error notifications via pop-ups using SweetAlert2.
Important: Ensure that your device is rooted before proceeding. Root access is required to run ARP spoofing and network scanning on Android through Termux.
-
Install Termux: Download and install Termux from the Google Play Store or F-Droid.
-
Update and Upgrade Termux Packages:
pkg update -y pkg upgrade -y
-
Install Python and Pip:
pkg install python -y
-
Install Required Python Packages:
pip install flask flask-cors scapy psutil netifaces
-
Clone the Repository:
pkg install git -y git clone https://github.com/zimibot/Spoofing_Network.git cd Spoofing_Network
- Start the Flask application in Termux:
python api.py
-
Ensure the Flask API is Running:
- Ensure that your Flask API is running on
http://localhost:5000
by executing:python api.py
- Ensure that your Flask API is running on
-
Serve
index.html
Using Python:- Install a Python HTTP server to serve the
index.html
file:cd /path/to/your/index.html python -m http.server 8080
- This command will serve the files in the directory on port
8080
.
- Install a Python HTTP server to serve the
-
Access the Dashboard:
- From Your Android Device: Open a web browser and navigate to
http://localhost:8080/index.html
. - From Another Device: Find the IP address of your Android device by running
ifconfig
in Termux. Access the dashboard usinghttp://<Your-IP>:8080/index.html
.
- From Your Android Device: Open a web browser and navigate to
- From Your Android Device: Open a browser and go to
http://localhost:5000
. - From Another Device: Find the IP address of your Android device by running
ifconfig
in Termux, then access the API usinghttp://<Your-IP>:5000
.
Warning: If the number of threads used for ARP spoofing is too high, it can lead to a Blue Screen of Death (BSOD) on Windows systems. It is recommended to limit the number of threads to avoid overloading the network drivers. If you encounter BSOD issues, consider reducing the number of threads or running the application in a virtual environment such as VMware or VirtualBox.
- Ensure you have the proper permissions and legal rights to perform network scanning and ARP spoofing on the network you are testing.
- For Windows systems, ensure that the
wmi
module is installed and available. - For Termux, make sure that the script correctly detects the environment and uses
psutil
for network interface detection. - Root access is required on Android when using Termux to perform network scanning and ARP spoofing.
- Windows users must install Npcap for capturing and injecting network packets. It is recommended to run the application in VMware or VirtualBox to ensure system stability during ARP spoofing.
- Windows users must also install Visual C++ Build Tools for compiling certain Python libraries.
This project is licensed under the MIT License. See the LICENSE file for details.