Arp Sniffer在linux下面的具体实现
Arp Sniffer在linux下面的具体实现
*============================================================================
Coder: Paris-ye
Released on: 1/9/2003
Test on: redhat 9.0
Information:
This is a arp spoof sniffer.
W <--- workstation
B <--- Server or GateWay
M <--- Man in the middle (agent),self IP address
Make:
first you must install "pcap" and "libnet"
gcc -I/usr/local/include -L/usr/local/lib -o sniffer sniffer.c -lpcap -lnet
Usage:
./sniffer -I [Interface] -M [Self IP] -W [Workstation IP] -S [Server IP] -P [port]
============================================================================*/
#include ;
#include ;
#include ;
#include ;
#include ;
#define MAXBUF 1024*4
#define PCAP_TOUT 5
#define PROMISC 0
#define TRUE 1
#define FALSE 0
/* Ethernet protocol IDs */
#define ETHERTYPE_PUP 0x0200 /* Xerox PUP */
#define ETHERTYPE_IP 0x0800 /* IP */
#define ETHERTYPE_ARP 0x0806 /* Address resolution */
#define ETHERTYPE_REVARP 0x8035 /* Reverse ARP */
/* This structure defines an ethernet arp header. */
/* ARP protocol opcodes. */
#define ARPOP_REQUEST 1 /* ARP request. */
#define ARPOP_REPLY 2 /* ARP reply. */
#define ARPOP_RREQUEST 3 /* RARP request. */
#define ARPOP_RREPLY 4 /* RARP reply. */
#define ARPOP_InREQUEST 8 /* InARP request. */
#define ARPOP_InREPLY 9 /* InARP reply. */
#define ARPOP_NAK 10 /* (ATM)ARP NAK. */
/* ARP protocol HARDWARE identifiers. */
#define ARPHRD_NETROM 0 /* From KA9Q: NET/ROM pseudo. */
#define ARPHRD_ETHER 1 /* Ethernet 10/100Mbps. */
#define ARPHRD_EETHER 2 /* Experimental Ethernet. */
#define ARPHRD_AX25 3 /* AX.25 Level 2. */
#define ARPHRD_PRONET 4 /* PROnet token ring. */
#define ARPHRD_CHAOS 5 /* Chaosnet. */
#define ARPHRD_IEEE802 6 /* IEEE 802.2 Ethernet/TR/TB. */
#define ARPHRD_ARCNET 7 /* ARCnet. */
#define ARPHRD_APPLETLK 8 /* APPLEtalk. */
#define ARPHRD_DLCI 15 /* Frame Relay DLCI. */
#define ARPHRD_ATM 19 /* ATM. */
#define ARPHRD_METRICOM 23 /* Metricom STRIP (new IANA id). */
/* Dummy types for non ARP hardware */
#define ARPHRD_SLIP 0x256
#define ARPHRD_CSLIP 0x257
#define ARPHRD_SLIP6 0x258
#define ARPHRD_CSLIP6 0x259
#define ARPHRD_RSRVD 0x260 /* Notional KISS type. */
#define ARPHRD_ADAPT 0x264
#define ARPHRD_ROSE 0x270
#define ARPHRD_X25 0x271 /* CCITT X.25. */
#define ARPHDR_HWX25 0x272 /* Boards with X.25 in firmware. */
#define ARPHRD_PPP 0x512
#define ARPHRD_CISCO 0x513 /* Cisco HDLC. */
#define ARPHRD_HDLC ARPHRD_CISCO
#define ARPHRD_LAPB 0x516 /* LAPB. */
#define ARPHRD_DDCMP 0x517 /* Digitals DDCMP. */
#define ARPHRD_RAWHDLC 0x518 /* Raw HDLC. */
#define ARPHRD_TUNNEL 0x768 /* IPIP tunnel. */
#define ARPHRD_TUNNEL6 0x769 /* IPIP6 tunnel. */
#define ARPHRD_FRAD 0x770 /* Frame Relay Access Device. */
#define ARPHRD_SKIP 0x771 /* SKIP vif. */
#define ARPHRD_LOOPBACK 0x772 /* Loopback device. */
#define ARPHRD_LOCALTLK 0x773 /* Localtalk device. */
#define ARPHRD_FDDI 0x774 /* Fiber Distributed Data Interface. */
#define ARPHRD_BIF 0x775 /* AP1000 BIF. */
#define ARPHRD_SIT 0x776 /* sit0 device - IPv6-in-IPv4. */
#define ARPHRD_IPDDP 0x777 /* IP-in-DDP tunnel. */
#define ARPHRD_IPGRE 0x778 
评论暂时关闭