0
好了,所以我跑Ubunutu 14.04 LTS,我試圖毒害我自己的ARP緩存表,這樣做,失敗在ARP中毒蟒(Linux版)
我的私有IP地址是10.0。 0.1。
我的手機的私人IP地址是10.0.0.8。
這個例子只讓我們說我的MAC地址是axaxaxaxaxax。
我已經寫了下面的Python代碼:
from binascii import *
from struct import *
import socket;
class ethernetframe:
def __init__(self, destmac, srcmac, ethrtype):
self.destmac = unhexlify(destmac)
self.srcmac = unhexlify(srcmac)
self.ethrtype = unhexlify(ethrtype)
def uniteframe(self, payload):
frame = ''
frame = frame + self.destmac
frame = frame + self.srcmac
frame = frame + self.ethrtype
frame = frame + payload
frame = frame + unhexlify("00000000")
return frame
class arppacket:
def __init__(self,opcode,srcmac,srcip,dstmac,dstip):
if opcode == 1:
dstmac = "000000000000"
opcode = "0001"
else:
opcode = "0002"
self.opcode = unhexlify(opcode)
self.srcmac = unhexlify(srcmac)
self.srcip = pack('!4B',srcip[0],srcip[1],srcip[2],srcip[3])
self.dstmac = unhexlify(dstmac)
self.dstip = pack('!4B',dstip[0],dstip[1],dstip[2],dstip[3])
def unitepacket(self):
packet = ''
packet = packet + "\x00\x01\x08\x00\x06\x04"
packet = packet + self.opcode
packet = packet + self.srcmac
packet = packet + self.srcip
packet = packet + self.dstmac
packet = packet + self.dstip
return packet
e1 = ethernetframe("axaxaxaxaxax","axaxaxaxaxax","0800")
arp1 = arppacket(2,"axaxaxaxaxax",(10,0,0,8),"axaxaxaxaxax",(10,0,0,1))
arpacket = arp1.unitepacket()
fullethframe = e1.uniteframe(arpacket)
s = socket.socket(socket.AF_PACKET,socket.SOCK_RAW,socket.htons(0x0806))
s.bind(("eth0",0))
s.send(fullethframe)
現在,我監視整個過程使用Wireshark,ARP報文正在發送和它是正確形成,在絲鯊我看到了下面一行:
10.0.0.8是axaxaxaxaxax
這意味着我已經成功發送一個ARP回覆!說明解決了10.0.0.8的MAC地址是axaxaxaxaxax 自從ARP緩存自動更新,如果收到答覆無憂如果發送請求,這意味着在我的NIC驅動程序的arp緩存應該一直線加入指出 10.0.0.8與axaxaxaxaxax,解決
然而,當我在我的ubunutu的終端中運行
arp - a
或
arp - an
它沒有顯示.....,這意味着我沒有毒害我自己的ARP緩存,任何想法如何解決這個問題?
剛剛嘗試過,不起作用:/ – user3687265 2014-09-23 21:37:55