li0n
02.06.2010, 16:17
Hallo ich werkle grade (wie schon ein Topic vorher erwähnt) an einem ARPreplay tool.
das ganze schaut im Moment so aus:
//main.c
#include "send.h"
int main(void) {
send_sniffed_pack();
return 0;
}
//send.h
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <unistd.h>
#include <netinet/in.h>
#include <netinet/ip.h>
#include <netinet/tcp.h>
#include <arpa/inet.h>
#include <net/ethernet.h>
#include <arpa/inet.h>
#include <errno.h>
#include "sniff.h"
//--------------------------------------------------------------------------------------
int send_sniffed_pack() {
int sock;
int input;
int i;
struct sockaddr_in addr;
struct iphdr *ip = (struct iphdr*)(pack + sizeof(struct ether_header));
struct tcphdr *tcp = (struct tcphdr*)(pack + sizeof(struct ether_header) + sizeof(struct iphdr));
choosepack();
printf("how many times should the packet be sent? [enter a number or 0 for endless]\n");
scanf("%1i",&input);
if((sock = socket(AF_INET, SOCK_RAW, IPPROTO_TCP)) < 0) {
perror("Couldn't create a socket for sending the packet!");
exit(EXIT_FAILURE);
}
memset(&addr, '\0', sizeof(addr));
addr.sin_family = AF_INET;
addr.sin_port = tcp -> dest;
addr.sin_addr.s_addr = ip -> daddr;
i = input*2;
while(i >= input) {
if(input != 0) {
i--;
}
sleep(100);
if(sendto(sock, pack, packsiz, 0, (struct sockaddr*)&addr, sizeof(struct sockaddr_in)) < 0) {
perror("Couldn't send a packet\n");
}
}
close(sock);
return 0;
}
//sniff.h
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <unistd.h>
#include <netinet/in.h>
#include <netinet/ip.h>
#include <netinet/tcp.h>
#include <arpa/inet.h>
#include <net/ethernet.h>
#include <arpa/inet.h>
#include <errno.h>
//----------------------------------------------------------------------------
void sniff();
void choosepack();
//----------------------------------------------------------------------------
const int packsiz = 12000;
char pack[12000];
//----------------------------------------------------------------------------
void sniff() {
int sock;
//this is the raw socket we want to sinff from:
if((sock = socket(AF_INET, SOCK_PACKET, htons(0x3))) < 0) {
perror("Couldn't create a socket for sniffing!!!");
exit(EXIT_FAILURE);
}
//now we read from the socket:
read(sock, pack, packsiz);
}
//----------------------------------------------------------------------------
void choosepack() {
struct ether_header *eth = (struct ether_header*)pack;
struct iphdr *ip = (struct iphdr*)(pack + sizeof(struct ether_header));
struct tcphdr *tcp = (struct tcphdr*)(pack + sizeof(struct tcphdr) + sizeof(struct iphdr));
char *pay = (pack + sizeof(struct tcphdr) + sizeof(struct iphdr) + sizeof(struct tcphdr));
int yn;
while(1) {
memset(pack, '\0', packsiz);
sniff();
printf("SRC MAC: %x:%x:%x:%x:%x:%x\n", eth -> ether_shost[0], eth -> ether_shost[1], eth -> ether_shost[2], eth -> ether_shost[3], eth -> ether_shost[4], eth -> ether_shost[5]);
printf("DST MAC: %x:%x:%x:%x:%x:%x\n", eth -> ether_dhost[0], eth -> ether_dhost[1], eth -> ether_dhost[2], eth -> ether_dhost[3], eth -> ether_dhost[4], eth -> ether_dhost[5]);
printf("SRC IP: %s\n", inet_ntoa(*(struct in_addr*) &ip -> saddr)); //print the source IP
printf("DST IP: %s\n", inet_ntoa(*(struct in_addr*) &ip -> daddr)); //print the destination IP
printf("use packet? [y/n]");
yn = getchar();
if(yn == 'y') {
return;
}
}
}
//----------------------------------------------------------------------------
so wenn ich das Programm jetzt aber starte bekomme ich folgende ausgabe:
SRC MAC: 0:17:31:b1:cf:ae
DST MAC: ff:ff:ff:ff:ff:ff
SRC IP: 192.168.178.22
DST IP: 192.168.178.255
use packet? [y/n]y
how many times should the packet be sent? [enter a number or 0 for endless]
100
Couldn't send a packet
: Permission denied
Warum ist das so?
Ich habe maal mit tcpdump gesnifft und es sah su aus als würde das Packet bis dahin öfters zurückgeschickt werden. Wobei ich mich da auch irren kann (wa nich selten ist)
greez li0n
PS: Ja ich weis das Das Tool NOCH keine ARP Packs erkennt wenn es sie sieh, was bei einem ARPreplay tool warscheinlich nicht so toll ist :D
das ganze schaut im Moment so aus:
//main.c
#include "send.h"
int main(void) {
send_sniffed_pack();
return 0;
}
//send.h
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <unistd.h>
#include <netinet/in.h>
#include <netinet/ip.h>
#include <netinet/tcp.h>
#include <arpa/inet.h>
#include <net/ethernet.h>
#include <arpa/inet.h>
#include <errno.h>
#include "sniff.h"
//--------------------------------------------------------------------------------------
int send_sniffed_pack() {
int sock;
int input;
int i;
struct sockaddr_in addr;
struct iphdr *ip = (struct iphdr*)(pack + sizeof(struct ether_header));
struct tcphdr *tcp = (struct tcphdr*)(pack + sizeof(struct ether_header) + sizeof(struct iphdr));
choosepack();
printf("how many times should the packet be sent? [enter a number or 0 for endless]\n");
scanf("%1i",&input);
if((sock = socket(AF_INET, SOCK_RAW, IPPROTO_TCP)) < 0) {
perror("Couldn't create a socket for sending the packet!");
exit(EXIT_FAILURE);
}
memset(&addr, '\0', sizeof(addr));
addr.sin_family = AF_INET;
addr.sin_port = tcp -> dest;
addr.sin_addr.s_addr = ip -> daddr;
i = input*2;
while(i >= input) {
if(input != 0) {
i--;
}
sleep(100);
if(sendto(sock, pack, packsiz, 0, (struct sockaddr*)&addr, sizeof(struct sockaddr_in)) < 0) {
perror("Couldn't send a packet\n");
}
}
close(sock);
return 0;
}
//sniff.h
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <unistd.h>
#include <netinet/in.h>
#include <netinet/ip.h>
#include <netinet/tcp.h>
#include <arpa/inet.h>
#include <net/ethernet.h>
#include <arpa/inet.h>
#include <errno.h>
//----------------------------------------------------------------------------
void sniff();
void choosepack();
//----------------------------------------------------------------------------
const int packsiz = 12000;
char pack[12000];
//----------------------------------------------------------------------------
void sniff() {
int sock;
//this is the raw socket we want to sinff from:
if((sock = socket(AF_INET, SOCK_PACKET, htons(0x3))) < 0) {
perror("Couldn't create a socket for sniffing!!!");
exit(EXIT_FAILURE);
}
//now we read from the socket:
read(sock, pack, packsiz);
}
//----------------------------------------------------------------------------
void choosepack() {
struct ether_header *eth = (struct ether_header*)pack;
struct iphdr *ip = (struct iphdr*)(pack + sizeof(struct ether_header));
struct tcphdr *tcp = (struct tcphdr*)(pack + sizeof(struct tcphdr) + sizeof(struct iphdr));
char *pay = (pack + sizeof(struct tcphdr) + sizeof(struct iphdr) + sizeof(struct tcphdr));
int yn;
while(1) {
memset(pack, '\0', packsiz);
sniff();
printf("SRC MAC: %x:%x:%x:%x:%x:%x\n", eth -> ether_shost[0], eth -> ether_shost[1], eth -> ether_shost[2], eth -> ether_shost[3], eth -> ether_shost[4], eth -> ether_shost[5]);
printf("DST MAC: %x:%x:%x:%x:%x:%x\n", eth -> ether_dhost[0], eth -> ether_dhost[1], eth -> ether_dhost[2], eth -> ether_dhost[3], eth -> ether_dhost[4], eth -> ether_dhost[5]);
printf("SRC IP: %s\n", inet_ntoa(*(struct in_addr*) &ip -> saddr)); //print the source IP
printf("DST IP: %s\n", inet_ntoa(*(struct in_addr*) &ip -> daddr)); //print the destination IP
printf("use packet? [y/n]");
yn = getchar();
if(yn == 'y') {
return;
}
}
}
//----------------------------------------------------------------------------
so wenn ich das Programm jetzt aber starte bekomme ich folgende ausgabe:
SRC MAC: 0:17:31:b1:cf:ae
DST MAC: ff:ff:ff:ff:ff:ff
SRC IP: 192.168.178.22
DST IP: 192.168.178.255
use packet? [y/n]y
how many times should the packet be sent? [enter a number or 0 for endless]
100
Couldn't send a packet
: Permission denied
Warum ist das so?
Ich habe maal mit tcpdump gesnifft und es sah su aus als würde das Packet bis dahin öfters zurückgeschickt werden. Wobei ich mich da auch irren kann (wa nich selten ist)
greez li0n
PS: Ja ich weis das Das Tool NOCH keine ARP Packs erkennt wenn es sie sieh, was bei einem ARPreplay tool warscheinlich nicht so toll ist :D