MacOS10.12利用ettercap+driftnet实现arp嗅探
一直想在自己电脑上玩玩局域网hacking,于是从最简单的arp获取他人流量,查看他人聊天图片开始;
0x01 前言
其实也就是ettercap+driftnet组合的一个效果,网上有前辈已经给出了教程:
同一局域网环境下的arp欺骗和中间人攻击(mac)
这篇目前基本都可以照着实现,但有一点,port去掉了driftnet包,导致我们不能通过MacPorts来直接安装driftnet。
0x02 编译driftnet
GitHub:https://github.com/deiv/driftnet/
看作者给出的说明中写到:
To compile, generate the needed autotools files with autoreconf -fi (you probably need to install autotools) then run ./configure; make; make install. Driftnet is at a very early stage of development and probably won't work for you at all.
归纳下来,就是我们需要先在Mac上安装autotools,安装方法是通过MacPorts来安装。
- 下载并安装MacPorts(官网即可)
- 依次执行以下命令:
sudo port install M4
sudo port install autoconf
sudo port install automake
然后开始编译:
autoreconf -fi
./configure
make
make install
然而这里有坑,直接编译是行不通的。这里我看了issue并请教了回答的大牛,总结下大牛给出的解决方案:
- ./configure之前需要确保libpcap、libjpeg、libungif、libpng已经安装,方法是通过brew安装
- make之前需要做的是:(这里直接截取https://github.com/deiv/driftnet/issues/7)
change src/layer2.c:12 <netinet/ether.h> to <netinet/if_ether.h>
or just run sudo ln -s /usr/include/netinet/if_ether.h /usr/include/netinet/ether.h
insert these lines to the top of src/config.h
#ifndef _FUCK_ETHER__
#define _FUCK_ETHER__
#define ETH_ALEN 6
#define ETH_HLAN 14
#define ETH_ZLEN 60
#define ETH_DATA_LEN 1500
#define ETH_FRAME_LEN 1514
#define ETH_FCS_LEN 4
#define ETH_P_IP 0x0800
#define ETH_P_IPV6 0x86DD
#define ETH_P_ARP 0x0806
#define ETH_P_PAE 0x888E
struct ethhdr
{
unsigned char h_dest[ETH_ALEN];
unsigned char h_source[ETH_ALEN];
unsigned short h_proto;
}__attribute__((packed));
#endif
- 这个时候按道理来说可以直接make编译了,但是我电脑又出现了新的问题:
各种头文件找不到,其实都已经存在电脑中了,想想应该是环境变量的问题,怎么改都改不掉,最后只能通过一个个映射的方式了:
ln -s /usr/local/Cellar/glib/2.54.0/include/glib-2.0/ /usr/local/include/glib-2.0
(ps: 缺什么映射什么……)
- 成功编译后安装:make install 基本没问题。安装成功后直接运行driftnet出现错误:
@inu1255 大师傅说这个的确存在问题,运行driftnet -a即可。
0x03 小结
感谢@inu1255 大师傅提供的帮助,dritfnet挺好玩的,但是Mac系统下编译并不顺畅。最后附一张结果图吧:
楼主你好,我也是MAC,下载这个driftnet已经一整天了还是没有下好...
driftnet 还有个下载的网址,说是
Get driftnet-0.1.6.tar.gz. You should be able to build it by typing `make'; there is no autoconf script. Please send bugfixes, suggestions, and adulation to me. You can also read the README file, changelog, and list of things to do. Or, read the manual page.
http://www.ex-parrot.com/~chris/driftnet/
我下载了,然后cd到那个文件夹,make还是不可以啊:
报错:
cc -g -Wall -I/usr/include/pcap -D_BSD_SOURCE `gtk-config --cflags` -DDRIFTNET_VERSION='"0.1.6"' `cat endianness` -c -o gif.o gif.c
/bin/sh: gtk-config: command not found
gif.c:23:49: error: too few arguments to function call, expected 2, have 1
g = I->us = DGifOpenFileHandle(fileno(I->fp));
~~~~~~~~~~~~~~~~~~ ^
/usr/local/include/gif_lib.h:180:1: note: 'DGifOpenFileHandle' declared here
GifFileType *DGifOpenFileHandle(int GifFileHandle, int *Error);
^
gif.c:39:38: error: too few arguments to function call, expected 2, have 1
DGifCloseFile((GifFileType*)I->us);
~~~~~~~~~~~~~ ^
/usr/local/include/gif_lib.h:183:5: note: 'DGifCloseFile' declared here
int DGifCloseFile(GifFileType * GifFile, int *ErrorCode);
^
gif.c:117:20: error: too few arguments to function call, expected 2, have 1
DGifCloseFile(g);
~~~~~~~~~~~~~ ^
/usr/local/include/gif_lib.h:183:5: note: 'DGifCloseFile' declared here
int DGifCloseFile(GifFileType * GifFile, int *ErrorCode);
^
3 errors generated.
make: *** [gif.o] Error 1
我是个刚入门的学生,真的不知道该怎么下载这个软件啊TTATT
centos 7 ..... 头疼 。。@@
---------------------------------------------
^
httpd.c: 在函数‘stop_http_display’中:
httpd.c:349:5: 警告:隐式声明函数‘pthread_cancel’ [-Wimplicit-function-declaration]
pthread_cancel(server_thread);
^
httpd.c:350:5: 警告:隐式声明函数‘pthread_join’ [-Wimplicit-function-declaration]
pthread_join(server_thread, NULL);
^
make[3]: *** [httpd.o] 错误 1
make[3]: 离开目录“/home/fish/KMD3/driftnet-master/src/http_display”
make[2]: *** [all-recursive] 错误 1
make[2]: 离开目录“/home/fish/KMD3/driftnet-master/src”
make[1]: *** [all] 错误 2
make[1]: 离开目录“/home/fish/KMD3/driftnet-master/src”
make: *** [all-recursive] 错误 1
http_display文件编译错误 怎么会有这种问题。。。
Making all in http_display
CC httpd.o
rm -f 'web_data.c'
echo '#include "web_data.h"' >> web_data.c
echo '#include ' >> web_data.c
for f in static_web/close.png static_web/index.html static_web/jquery.js static_web/lightbox.min.css static_web/lightbox.min.js static_web/loading.gif static_web/next.png static_web/prev.png ; do \
echo -n 'unsigned char ' >> web_data.c; \
basename $f | sed 's@[-. ]@_@g' >> web_data.c; \
echo '[] = {' >> web_data.c; \
cat $f | xxd -i >> web_data.c; \
echo '};' >> web_data.c; \
done
echo 'web_static_file_t static_content[] = {' >> web_data.c
for f in static_web/close.png static_web/index.html static_web/jquery.js static_web/lightbox.min.css static_web/lightbox.min.js static_web/loading.gif static_web/next.png static_web/prev.png ; do \
echo '{' >> web_data.c; \
basename $f | sed 's@\(.*\)@"\1",@g' >> web_data.c; \
basename $f | sed 's@[-. ]@_@g' >> web_data.c; \
echo ',' >> web_data.c; \
cat $f | wc -c >> web_data.c; \
echo '},' >> web_data.c ;\
done
echo '{NULL, NULL, 0}};' >> web_data.c
CC web_data.o
web_data.c:3:1: error: expected external declaration
-n unsigned char
^
web_data.c:3:2: error: unknown type name 'n'
-n unsigned char
^
web_data.c:3:4: error: expected identifier or '('
-n unsigned char
^
卡安装driftnet了,zsh: no such file or directory: ./configure
好了。。。我以为直接安装,没有克隆下来编译
你好,请问下,我在make时候,出现 :
Making all in src
/Library/Developer/CommandLineTools/usr/bin/make all-recursive
Making all in media
make[3]: Nothing to be done for `all'.
Making all in display
CC display.o
display.c:23:10: fatal error: 'gtk/gtk.h' file not found
#include
^~~~~~~~~~~
1 error generated.
make[3]: *** [display.o] Error 1
make[2]: *** [all-recursive] Error 1
make[1]: *** [all] Error 2
make: *** [all-recursive] Error 1
本地有安装gtk2.0 ,并且,如果通过ln -s 方式映射 gtk路径,会产生更多的file not found
请问,有啥解决办法没?
mac系统为 10.13.3
请问你解决了没
同问
多次映射试下呢
我也是这个问题呢
楼主,你好!我的Mac上libungif无法通过brew安装,所以卡在了./configure这个步骤,一直报
checking for DGifOpenFileHandle in -lgif... no
configure: error: cannot find lib gif
你遇到过这个问题吗?
giflib
giflib已经装了,还是会出现这个问题
楼主有试过适合mac平台的类似driftnet的脚本不
你好,我想要xss platform的邀请码
不好意思,平台目前仅内部使用。网上有一些免费XSS平台可供使用,可自行百度。