I am trying to build a simple Man-in-the-Middle Tool, similar (but much simpler) to mitmproxy. To get into a MITM position i am using arpspoof. The following picture shows a simplified setup. (I am using UDP sockets for the connection, because Client and Server utilizs a specific protocol (DTLS) and the library i am using to setup the connection wraps UDP sockets.)
While all my other test without actual arp spoofing went well, i hit a wall with this setup, since i am (understandybly) not able to bind my tool on 192.168.0.3:12345 to 192.168.0.1:12345 and the incoming datagrams from Client (that are correctly showing up on 192.168.0.3) are addressed to 192.168.0.1. The resoluting questions are:
- Is there a way to bind a socket to an IP that is NOT assigned to an interface on the machine (with python 3)?
- Is there another option i am missing? (I need to use the DTLS library, doing everything manually with the limited DTLS support of scapy probably won't work out)
- If i can somehow overcome this, how would i achieve spoofing the outgoing Datagrams on an existing socket?
- Is there maybe another option to proxy the incoming traffic, modify the destination adress, forward it to my tool, craft the response, proxy it, modify the source adress and send it to the client? (If this does make any sense to you)