WCI - Windoze Connection Interceptor
====================================
WinARP0c2 is the Windoze brother of ARP0c2.c
Tested on: Windows 98/ Windows 2000
Coded for: Windows 95/98/NT3.51/NT4/2000
(see hwaddr() problem at the end of the source)
FX <fx@phenoelit.de>
Phenoelit (http://www.phenoelit.de)
(c) 2k
Version (Windoze like not using RCS ...) 2.3,
7/4/99 (this is our [System]Independance Day !)
``This code includes parts of software developed by the Politecnico
di Torino, and its contributors.''
It's unusual for Phenoelit, but greetings go to:
FtR, Ingopin, Bene, Flori, Zet
and especially to Packetstorm's Site Master Alan
Thanx for all your support.
Additional thanx to Hideaki Ihara, who discovered the SetReadTimeout bug.
More thanx to pedrp <pedrocarneiro@netc.pt> for reporting the LPPACKET memory leak
--------DESCRIPTION----------
WCI is a simple connection interceptor for switched networks and especially for SMB.
+ ARP redirection/spoofing
+ automated bridging
+ automated routing
+ automated connection interception for ALL SMB servers in the local subnet
+ network cleanup on exit
Details:
ARP requests are replyed by WCI with it's onw Ethernet address. The real
destination is requested with ARP requests or is discovered from other
broadcasst traffic.
Intercepted traffic is bridged to the next hop gateway or the destination
address according to a routing table.
On startup, WCI enumerates all resources in the Windows netowking environment (SMB)
and intercepts all possible connections (any2any).
REQUIRES:
- Packet Driver Developers Pack (http://http://netgroup-serv.polito.it/winpcap/)
- Packet Driver installed
Building on Windoze with VC 6 and the monster cool packet32.lib:
- create a console application workspace
- insert this file in the project
- add path to packet32.h and packet.lib to your settings
- make sure the project links with the following libraries:
mpr.lib wsock32.lib libpcap.lib packet.lib netapi32.lib
Usage:
FIRST make sure you have the packet driver installed and working.
then:
wci [-v] [-i <interface number>]
When running, press [t] to display all current tables or [q] to exit.
You have to use a routing table. It is supplied in the file "routes.txt" in
SPACE separated order. The first entry in this file should reflect the local
subnet. In this line, gateway is allways 0.0.0.0, to reflect local delivery.
Be very careful with spaces and linefeeds. The file must not contain any blank
lines or spaces before the first or after the last entry.
Format:
<network> <netmask> <gateway>
<network2> <netmask2> <gateway2>
Example:
192.168.1.0 255.255.255.0 0.0.0.0
192.168.2.0 255.255.255.0 192.168.1.1
0.0.0.0 0.0.0.0 192.168.1.254
Command Line:
To prevent the interception of enumerated Windoze resources, start with -n.
To see a list of interceptable resources, start with -T.
LAST WORDS:
We are usually not at home in Windoze environments. Sorry for the terrible port.
ScriptKiddy words:
------------------
* if you don't know how it works, let it be
* if you don't know what it is good for, let it be
THIS IS - as Windoze people have to know - for education only. Use it at your own risk.
I don't want and don't take any responsibility for things done with this software.
By using it you agree with this.
Hey, I'm not your daddy.
ARP 重定向引擎用于网络安全应用开发
需积分: 0 147 浏览量
2008-09-22
14:23:14
上传
评论
收藏 43KB ZIP 举报
jlsnmp
- 粉丝: 0
- 资源: 1
最新资源
- 基于keras+fasterRCNN,在VOC格式的口罩数据集上训练,检测人群中有无戴口罩python源码+模型
- 基于opencv+qt5机器视觉的传统缺陷检测, 即采用标准图片和待测图片进行pixel to pixel的XOR操作源码+文档
- 管道内检测缺陷数据库管理系统源码+文档说明+sln
- 毕业设计-低功耗STM32F411开发板(原理图+PCB源文件+官方例程+驱动等)源码+文档说明+截图
- 基于yolov5-tensorRT检测+发动机缸体内壁缺陷检测系统源码+文档说明
- 基于C++实现的锂电池缺陷检测源码+文档说明
- push_version
- 软件自制图像批量压缩工具
- 经典缺陷检测算法源码整理包含PaDiM(2020ICPR)、PatchCore(2022CVPR)、SimpleNet+文档说明
- 基于深度学习的抗梯度噪声的缺陷检测器python源码+文档说明+模型的预训练
资源上传下载、课程学习等过程中有任何疑问或建议,欢迎提出宝贵意见哦~我们会及时处理!
点击此处反馈
评论0