Arp Sniffer在linux下面的具体实现

文章由LinuxBoy分享于2019-03-24 11:03:14热评（561）

Arp Sniffer在linux下面的具体实现

*============================================================================
Coder: Paris-ye
Released on: 1/9/2003
Test on: redhat 9.0
Information:
This is a arp spoof sniffer.
W <--- workstation
B <--- Server or GateWay
M <--- Man in the middle (agent),self IP address
Make:
first you must install "pcap" and "libnet"
gcc -I/usr/local/include -L/usr/local/lib -o sniffer sniffer.c -lpcap -lnet
Usage:
./sniffer -I [Interface] -M [Self IP] -W [Workstation IP] -S [Server IP] -P [port]
============================================================================*/
#include ;
#include ;
#include ;
#include ;
#include ;
#define MAXBUF 1024*4
#define PCAP_TOUT 5
#define PROMISC 0
#define TRUE 1
#define FALSE 0
/* Ethernet protocol IDs */
#define ETHERTYPE_PUP           0x0200          /* Xerox PUP */
#define ETHERTYPE_IP            0x0800          /* IP */
#define ETHERTYPE_ARP           0x0806          /* Address resolution */
#define ETHERTYPE_REVARP        0x8035          /* Reverse ARP */
/* This structure defines an ethernet arp header. */
/* ARP protocol opcodes. */
#define ARPOP_REQUEST   1               /* ARP request. */
#define ARPOP_REPLY     2               /* ARP reply. */
#define ARPOP_RREQUEST 3               /* RARP request. */
#define ARPOP_RREPLY    4               /* RARP reply. */
#define ARPOP_InREQUEST 8               /* InARP request. */
#define ARPOP_InREPLY   9               /* InARP reply. */
#define ARPOP_NAK       10              /* (ATM)ARP NAK. */
/* ARP protocol HARDWARE identifiers. */
#define ARPHRD_NETROM   0               /* From KA9Q: NET/ROM pseudo. */
#define ARPHRD_ETHER    1               /* Ethernet 10/100Mbps. */
#define ARPHRD_EETHER   2               /* Experimental Ethernet. */
#define ARPHRD_AX25     3               /* AX.25 Level 2. */
#define ARPHRD_PRONET   4               /* PROnet token ring. */
#define ARPHRD_CHAOS    5               /* Chaosnet. */
#define ARPHRD_IEEE802 6               /* IEEE 802.2 Ethernet/TR/TB. */
#define ARPHRD_ARCNET   7               /* ARCnet. */
#define ARPHRD_APPLETLK 8               /* APPLEtalk. */
#define ARPHRD_DLCI     15              /* Frame Relay DLCI. */
#define ARPHRD_ATM      19              /* ATM. */
#define ARPHRD_METRICOM 23              /* Metricom STRIP (new IANA id). */
/* Dummy types for non ARP hardware */
#define ARPHRD_SLIP       0x256
#define ARPHRD_CSLIP      0x257
#define ARPHRD_SLIP6      0x258
#define ARPHRD_CSLIP6     0x259
#define ARPHRD_RSRVD      0x260             /* Notional KISS type. */
#define ARPHRD_ADAPT      0x264
#define ARPHRD_ROSE       0x270
#define ARPHRD_X25        0x271             /* CCITT X.25. */
#define ARPHDR_HWX25      0x272             /* Boards with X.25 in firmware. */
#define ARPHRD_PPP        0x512
#define ARPHRD_CISCO      0x513             /* Cisco HDLC. */
#define ARPHRD_HDLC       ARPHRD_CISCO
#define ARPHRD_LAPB       0x516             /* LAPB. */
#define ARPHRD_DDCMP      0x517             /* Digitals DDCMP. */
#define ARPHRD_RAWHDLC    0x518             /* Raw HDLC. */

#define ARPHRD_TUNNEL     0x768             /* IPIP tunnel. */
#define ARPHRD_TUNNEL6    0x769             /* IPIP6 tunnel. */
#define ARPHRD_FRAD       0x770             /* Frame Relay Access Device. */
#define ARPHRD_SKIP       0x771             /* SKIP vif. */
#define ARPHRD_LOOPBACK   0x772             /* Loopback device. */
#define ARPHRD_LOCALTLK   0x773             /* Localtalk device. */
#define ARPHRD_FDDI       0x774             /* Fiber Distributed Data Interface. */
#define ARPHRD_BIF        0x775             /* AP1000 BIF. */
#define ARPHRD_SIT        0x776             /* sit0 device - IPv6-in-IPv4. */
#define ARPHRD_IPDDP      0x777             /* IP-in-DDP tunnel. */
#define ARPHRD_IPGRE      0x778

推荐文章：

Arp Sniffer在linux下面的具体实现