1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 | /*************** * Author : 5kyc1ad * 2016.03.20 : 01:30 * Update * - 2016.03.22 : Input Bcast & Expand IP Range to send ARP ****************/ #include <tins/tins.h> #include <thread> #include <unistd.h> #include <stdio.h> #include <iostream> #include <map> #include <string> #include <time.h> using namespace std; using namespace Tins; void ARPsniffing(char *); void sendARP(char *, char *); int main(int argc, char *argv[]) { if(argc!=3) { cout << "[*] Usage : " << argv[0] << " [MY_IP] [BCAST]" << endl; return 1; } thread sniffThread(ARPsniffing, argv[1]); sleep(1); thread sendingARPThread(sendARP, argv[1], argv[2]); sendingARPThread.join(); sniffThread.join(); return 0; } void ARPsniffing(char *my_ip){ map<IPv4Address, HWAddress<6>> mac_list; int TIMEOUT = 20; char config[256] = {0,}; Sniffer sniff("wlan0"); sprintf(config, "arp dest %s", my_ip); cout << "[*] Configure : Filtering=" << config << ", TIMEOUT="<< TIMEOUT << endl; sniff.set_filter(config); int cur = time(NULL); while(time(NULL) < cur + TIMEOUT) { Packet p = sniff.next_packet(); if(p.pdu()->find_pdu<ARP>() && p.pdu()->rfind_pdu<ARP>().opcode() == 2) { mac_list.insert(pair<IPv4Address, HWAddress<6>>(p.pdu()->rfind_pdu<ARP>().sender_ip_addr(), p.pdu()->rfind_pdu<ARP>().sender_hw_addr())); } } clog << "[*][*] Saved ip-mac Table [*][*]" << endl; for(map<IPv4Address, HWAddress<6>>::iterator i=mac_list.begin(); i != mac_list.end() ; i++) { clog << i->first << " : " << i->second << endl; } } void sendARP(char *my_ip, char *bcast){ char tmp[30] = {0,}; int ip1, ip2, ip3, ip4, net; PacketSender sender; sscanf(bcast, "%d.%d.%d.%d", &ip1, &ip2, &net, &ip4); sscanf(my_ip, "%d.%d.%d.%d", &ip1, &ip2, &ip3, &ip4); ip4 = 0; for(int j=0; j<=net; j++){ for(int i=0; i<=255; i++){ sprintf(tmp, "%d.%d.%d.%d", ip1, ip2, j, i); IPv4Address to_resolve(tmp); NetworkInterface iface(to_resolve); auto info = iface.addresses(); EthernetII eth = ARP::make_arp_request(to_resolve, info.ip_addr, info.hw_addr); sender.send(eth, iface); usleep(10000); clog << "[*] ARP Request to " << tmp << endl; } } } | cs |
'Network Security' 카테고리의 다른 글
| Kali를 이용한 WPA/WPA2 공격 (0) | 2018.02.20 |
|---|---|
| WPA, WPA2 공부 (0) | 2018.02.19 |
| [ARP Spoofing] 1. Find victims(in private network) using ARP Request (0) | 2016.03.19 |
__미니__
E-mail : skyclad0x7b7@gmail.com 나와 계약해서 슈퍼 하-카가 되어 주지 않을래?