bash 通过shell发送arp
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/503135/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Sending arp via shell
提问by bot47
Is there a way a send custom (and event undemanded) arp responses via shell (e.g. by hand or by a shell script) on MacOS X or any other UNIX? In addition, is there a way of making the software ask for the MAC representation for all IPs in the current subnet without sending pings the anyone?
有没有办法在 MacOS X 或任何其他 UNIX 上通过 shell(例如手动或通过 shell 脚本)发送自定义(和不需要的事件)arp 响应?此外,有没有办法让软件要求当前子网中所有 IP 的 MAC 表示,而无需向任何人发送 ping?
采纳答案by Joao da Silva
A packet generatormight do the trick. The wikipedia page links to some implementations but I don't know if they work on OSX.
一个数据包生成可能做的伎俩。维基百科页面链接到一些实现,但我不知道它们是否适用于 OSX。
回答by Jacek ?awrynowicz
Yes there is. This kind of activity is used in ARP Spoofing and ARP Poisoning attacks and is preformed for ex. by arpspoof. If You want to discover host's MAC, when You know its IP and it is located in Yours broadcast domain (LAN), use arping. ARP is layer 2 protocol, so it's packets are not forwarded by routers but it's much more reliable then ICMP echo (ping).
就在这里。这种活动用于 ARP 欺骗和 ARP 中毒攻击,并且是为例如执行的。由arpspoof. 如果您想发现主机的 MAC,当您知道它的 IP 并且它位于您的广播域 (LAN) 中时,请使用arping. ARP 是第 2 层协议,因此它的数据包不会由路由器转发,但它比 ICMP 回显(ping)可靠得多。
Some tools:
一些工具:
arp- standard program (win/unix) used to list host's IP-MAC address association cache, which contains already learnt IPsarping- unix program which sends ARP Request for a given IP and displays MAC contained in received ARP Responsearpspoof- a program from dsniff package generating bogus ARP Responses
arp- 用于列出主机的 IP-MAC 地址关联缓存的标准程序 (win/unix),其中包含已学习的 IParping- unix 程序,它发送给定 IP 的 ARP 请求并显示接收到的 ARP 响应中包含的 MACarpspoof- 来自 dsniff 包的程序生成虚假 ARP 响应
回答by nazar
There are also arp-scanusing libpcap; and arpdropperusing libnet.
也有arp-scan使用libpcap; 并arpdropper使用libnet.
To passively (or actively) sniff your network for ARP packets and display the IP and MAC address of the machine that generated the packet you may use a Mac OS X application called ArpSpyX.
要被动(或主动)嗅探网络中的 ARP 数据包并显示生成数据包的机器的 IP 和 MAC 地址,您可以使用名为ArpSpyX的 Mac OS X 应用程序。
# arpdropper requires http://sourceforge.net/projects/libnet-dev/ to compile
# (libnet & arpdropper successfully compiled on Mac OS X 10.6.8)
curl -LO http://thebends.googlecode.com/svn/trunk/misc/arpdropper.c
gcc -Wall -Wextra -lnet -o arpdropper arpdropper.c
./arpdropper
# Usage: ./arpdropper -i <device> -s <source ip> -d <dest ip>
# For arp replies:
# ./arpdropper -r -i <device> -s <source ip> -m <source mac> -d <dest ip>
# using nmap
# get a pre-compiled Mac OS X version of nmap at:
# http://nmap.org/download.html#macosx or
# http://www.berndsworld.com/downloads/
nmap -PR -oN nmap-arpscan.txt 192.168.0.0/16
