Security News -  Security Reviews -   Exploits -  Tools -  UNIX Focus -  Windows Focus
Ask the Team  Mailing Lists  Advertising Info  Advisories  About SecuriTeam  Blogs Brought to you by: Suppliers of: Website Testing Tools Network Testing Tools Software Testing Tools SecuriTeam in Your Inbox New vulnerability? New tool? Tell us (Our PGP key).	arp_spoofer - Full ARP Packets Manipulation 4 Jan. 2006     Credit: The information has been provided by phonix.04. Download the tool: http://packetstormsecurity.org/UNIX/security/arp_spoofer.tar.gz Website Security Scan Code Vulnerability Test Network Assessment Tool Detect hidden vulnerabilities Exhaustive automated testing Real-time, continuous security Get guidance from professionals of internal or 3rd party code. scanning for your entire network    Details Protect your website! Use an External Vulnerability Scanner! Nothing to install. First report in 1 hour! www.beyondsecurity.com/vulnerability-scanner This program (coded in C using PF_PACKET sockets) allows full manipulation of ARP packets, including specification of Source MAC/IP Addresses and Destination MAC/IP Addresses. This can be useful when diagnosing networking problems including host/switch ARP Poisoning testing, and router testing. Source code: /*************************************************  * [ ARP SPOOFER ] created by phonix_04  *  * This is an arp spoofer, that allows users to  * specify both IP and MAC addresses of the  * packet.  *  * Contact:  * Email: phonix.04@gmail.com  *  *************************************************/ #include <stdio.h> #include <stdlib.h> #include <sys/socket.h> #include <sys/types.h> #include <netinet/in.h> #include <netinet/tcp.h> #include <netinet/ip.h> #include <features.h> #include <netpacket/packet.h> #include <net/ethernet.h> #include <sys/ioctl.h> #include <linux/sockios.h> #include <linux/if.h> typedef int SOCKET; #define ROOT 0 #define TRUE 1 #define FALSE 0 #define ARG_COUNT 1+5 struct mac_address {     unsigned char hardware[5]; }; SOCKET create_socket(int root) {     SOCKET sd;     if (root == 1) {         if (geteuid() != ROOT) {             printf("Need root to run this prog\n");             exit(-1);         }     }     sd = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL));     return sd; } void *create_packet(struct mac_address *mac_source, struct mac_address *mac_target, char *ip_source, char *ip_target) {     char *packet = (char *)malloc(60);     int x;     memset(packet, 0, 60);     for(x=0; x<=6; x++) {         packet[x] = *((char *)mac_target+x);     }     for(x=0; x<=6; x++) {         packet[6+x] = *((char *)mac_source+x);     }     *(unsigned short *)(packet+12) = (unsigned short)htons(0x0806);     *(unsigned short *)(packet+14) = (unsigned short)htons(1);     *(unsigned short *)(packet+16) = (unsigned short)htons(0x0800);     *(unsigned char *)(packet+18) = 6;     *(unsigned char *)(packet+19) = 4;     *(unsigned short *)(packet+20) = (unsigned short)htons(2);     for(x=0; x<=6; x++) {         packet[22+x] = *((char *)mac_source+x);     }     *(unsigned long *)(packet+28) = inet_addr(ip_source);     for(x=0; x<=6; x++) {         packet[32+x] = *((char *)mac_target+x);     }     *(unsigned long *)(packet+38) = inet_addr(ip_target);     return packet; } struct sockaddr_ll* create_interface_sockaddr(SOCKET sd, char *interface) {     struct ifreq ifreq;     static struct sockaddr_ll sll;     memset(&sll, 0, sizeof(struct sockaddr_ll));     strncpy(ifreq.ifr_ifrn.ifrn_name, interface, IFNAMSIZ);     if (ioctl(sd, SIOCGIFINDEX, &ifreq) < 0) {         printf("Error Getting Interface Index\n");         exit(-1);     }     sll.sll_family = AF_PACKET;     sll.sll_ifindex = ifreq.ifr_ifru.ifru_ivalue;     return &sll; } void send_packet(SOCKET sd, void *packet, int size, char *interface) {     struct sockaddr_ll *sll;     sll = create_interface_sockaddr(sd, interface);     if (sendto(sd, packet, size, 0, (struct sockaddr *)sll, sizeof(struct sockaddr_ll)) < 0) {         printf("Error Sending Packet\n");         exit(-1);     } } void convert_mac(const char *input, struct mac_address *output) {     int x, y;     char data[6*2];     memset(output, 0, sizeof(struct mac_address));     strncpy(data, input, 6*2);     for(x=0; x<=6*2; x++) {         if (data[x] >= 'a' && data[x] <= 'f') {             data[x] = data[x] - 0x20;         }     }     for(x=0, y=0; x<=6*2; x+=2, y++) {         if (data[x] >= 'A' && data[x] <= 'F') {             output->hardware[y] = ((data[x] - 55) * 0x10);         } else {             output->hardware[y] = ((data[x] - 0x30) * 0x10);         }         if (data[x+1] >= 'A' && data[x] <= 'F') {             output->hardware[y] |= (data[x+1] - 55);         } else {             output->hardware[y] |= (data[x+1] - 0x30);         }     } } void print_usage(char **args) {     char *app_name = *(char **)((char *)args+0);     printf("USAGE: %s INTERFACE MAC_SOURCE MAC_DEST IP_SOURCE IP_DEST\n", app_name);     printf("EXAMPLE: %s eth0 000FFDA32EFA A33AD553AF6F 192.168.0.1 192.168.0.2\n", app_name); } void print_banner() {     printf("\n====[ARP SPOOFER ]=====================\n");     printf("===========[ CREATED BY PHONIX_04 ]====\n\n"); } int main(int argc, char **argv) {     SOCKET sd;     void *packet;     struct mac_address mac_source, mac_dest;     print_banner();     if (argc != ARG_COUNT) {         print_usage(argv);         exit(-1);     }     convert_mac(argv[2], &mac_source);     convert_mac(argv[3], &mac_dest);     sd = create_socket(TRUE);     if (sd < 0) {         printf("Error Creating Socket\n");     }     packet = create_packet(&mac_source, &mac_dest, argv[4], argv[5]);     send_packet(sd, packet, 60, argv[1]);     free(packet);     printf("=======[ SUMMARY ]=====================\n");     printf(" Packet Sent Successfully\n");     printf(" Using Interface: %s\n", argv[1]);     printf(" Source Mac: %s\n", argv[2]);     printf(" Target Mac: %s\n", argv[3]);     printf(" Source IP: %s\n", argv[4]);     printf(" Dest IP: %s\n", argv[5]);     printf("========================================\n"); }  Comments:  Add new comment:  Subject:  Name/Nick/Email:          Chars Left:	All Sections Security News Unix focus Exploits Tools Windows focus Security Reviews  Related Articles Netifera - Modular Open Source Platform for Security Tools WarVOX - Tools for Exploring, Classifying, and Auditing Telephone Systems Webshag - Web Server Audit Tool Browser Fuzzer FSpy - Linux Filesystem Activity Monitoring telnetrecon - Telnet Recon Zerowine Sandbox JPEG Fuzzer VNC Server Fuzzer RSH Fuzzer Exomind Browser Rider MP3 TAG Fuzzer PDFuzzer - PDF File Standard Fuzzer Miranda - UPNP Administration and Audit Tool  Featured Articles Microsoft Embedded OpenType Font Engine Heap Buffer Overflow (MS09-029) Virtualmin Multiple Vulnerabilities Microsoft WordPad Word97 Converter Stack Buffer Overflow Vulnerability (MS09-010) WordPress Unchecked Privileges in admin.php and Multiple Information Disclosures Microsoft PowerPoint Conversion Filter Heap Corruption Vulnerability (MS09-017) Adobe Shockwave Player Director File Parsing Pointer Overwrite Mozilla Firefox Java Applet Loading Vulnerability
	Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus - Blogs - CVEs

Copyright © 1998-2010 Beyond Security® All rights reserved.
Terms of Use Site Privacy Statement.
SecuriTeam™ is a trademark of Beyond Security®