This project contains a basic ARP packet sniffer written in x86 Assembly (NASM syntax), designed for educational and ethical hacking purposes. It detects ARP traffic on the local network and prints the source and destination MAC addresses.
β οΈ Use this tool only on networks you own or have explicit permission to test. Unauthorized use is illegal.
sniffer.asmβ Basic ARP packet sniffersniffer_mac.asmβ Extended version with MAC address printing
You have two main options:
WSL (Windows Subsystem for Linux) allows you to run Linux tools on Windows easily.
-
Install WSL: Open PowerShell as Administrator and run:
wsl --install
Reboot your system when prompted.
-
Launch Ubuntu (or your chosen distro) from the Start Menu.
-
Install NASM:
sudo apt update sudo apt install nasm
-
Access your code: Navigate to your Windows folder (e.g., if your code is in
C:\Users\YourName\assembly):cd /mnt/c/Users/YourName/assembly -
Compile and run the sniffer:
nasm -f elf32 sniffer_mac.asm -o sniffer.o ld -m elf_i386 sniffer.o -o sniffer sudo ./sniffer
-
Download NASM: https://www.nasm.us/pub/nasm/releasebuilds/
-
Download DOSBox: https://www.dosbox.com/download.php?main=1
-
Save your
.asmfile in a folder (e.g.C:\ASM) -
Open DOSBox and run:
mount c c:\ASM c: nasm hello.asm -f bin -o hello.com hello
Note: This is limited to real-mode 16-bit programs. Not suitable for ARP/network sniffers.
ARP intercettato
MAC destinazione: 00:1A:2B:3C:4D:5E
MAC sorgente: 52:10:9F:EE:10:88
You can enhance this project to:
- Extract ARP sender and target IP addresses
- Log packets to a file
- Add timestamping to packets
- Build a basic ARP poisoning detector
MIT License β Use freely for ethical and educational purposes.
Open an issue or contact the author if you need help setting up NASM or WSL on your system.