Penetration Testing mailing list archives

Re: [PEN-TEST] Arp Spoofing under WinNT 4.0


From: y0ni <y0ni () MAIL COM>
Date: Thu, 1 Feb 2001 13:55:39 +0100

On Unix there are many tools, but on WinNT 4.0 with WinPcap are there some
tools for "arp spoofing"?

Try WCI and ARPWorks (perhaps you can download it from packetstorm)
(I have not tried it)

WCI README:
#######################################################################
  WCI - Windoze Connection Interceptor
  ====================================

  WinARP0c2 is the Windoze brother of ARP0c2.c
  Tested on: Windows 98/ Windows 2000
  Coded for: Windows 95/98/NT3.51/NT4/2000
                                (see hwaddr() problem at the end of the source)

  FX <fx () phenoelit de>
  Phenoelit (http://www.phenoelit.de)
  (c) 2k

  Version (Windoze like not using RCS ...) 2.1,
  7/4/99 (this is our [System]Independence Day !)

  ``This code includes parts of software developed by the Politecnico
  di Torino, and its contributors.''

  It's unusual for Phenoelit, but greetings go to:
                        FtR, Ingopin, Bene, Flori, Zet
                        and especially to Packetstorm's Site Master Alan
                Thanx for all your support.
  Additional thanx to Hideaki Ihara, who discovered the SetReadTimeout bug.

  --------DESCRIPTION----------
  WCI is a simple connection interceptor for switched networks and especially for SMB.
  + ARP redirection/spoofing
  + automated bridging
  + automated routing
  + automated connection interception for ALL SMB servers in the local subnet
  + network cleanup on exit


 Details:
  ARP requests are replied to by WCI with its own Ethernet address. The real
  destination is requested with ARP requests or is discovered from other
  broadcast traffic.

  Intercepted traffic is bridged to the next hop gateway or the destination
  address according to a routing table.

  On startup, WCI enumerates all resources in the Windows networking environment (SMB)
  and intercepts all possible connections (any2any).

 REQUIRES:
                - Packet Driver Developers Pack (http://netgroup-serv.polito.it/winpcap/)
                - Packet Driver installed

......... etc etc ...........

#######################################################################
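
A defender's view of the behaviour in the README's "Details" section, as an added example that is not part of the original post or of WCI: when one host answers ARP for other machines with its own Ethernet address, captured ARP replies show one MAC claiming several IPs and each IP claimed by two MACs. The function names, the threshold and the sample frames (documentation addresses, locally administered MACs) are assumptions constructed for illustration.

```python
import struct
from collections import defaultdict

def parse_arp(frame):
    """Return (opcode, sender_mac, sender_ip) for an Ethernet/IPv4 ARP frame, else None."""
    if len(frame) < 42 or frame[12:14] != b"\x08\x06":      # EtherType 0x0806 = ARP
        return None
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):      # Ethernet + IPv4 only
        return None
    sender_mac = frame[22:28].hex(":")
    sender_ip = ".".join(str(b) for b in frame[28:32])
    return op, sender_mac, sender_ip

def find_arp_anomalies(frames, max_ips_per_mac=2):
    """Return (IPs claimed by more than one MAC, MACs claiming more than max_ips_per_mac IPs)."""
    ip_to_macs = defaultdict(set)
    mac_to_ips = defaultdict(set)
    for frame in frames:
        parsed = parse_arp(frame)
        if parsed is None or parsed[0] != 2:                 # opcode 2 = ARP reply
            continue
        _, mac, ip = parsed
        ip_to_macs[ip].add(mac)
        mac_to_ips[mac].add(ip)
    conflicts = {ip: sorted(m) for ip, m in ip_to_macs.items() if len(m) > 1}
    many = {mac: sorted(i) for mac, i in mac_to_ips.items() if len(i) > max_ips_per_mac}
    return conflicts, many

def build_reply(sender_mac, sender_ip, target_mac, target_ip):
    """Build a 42-byte ARP reply frame; used only to construct the sample data below."""
    mac = lambda s: bytes.fromhex(s.replace(":", ""))
    ip = lambda s: bytes(int(x) for x in s.split("."))
    eth = mac(target_mac) + mac(sender_mac) + b"\x08\x06"
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, 2)
    return eth + arp + mac(sender_mac) + ip(sender_ip) + mac(target_mac) + ip(target_ip)

# Constructed sample: three real hosts, then host X answering for all three IPs.
GW, A, B, X = ("02:00:00:00:00:01", "02:00:00:00:00:10",
               "02:00:00:00:00:20", "02:00:00:00:00:99")
SAMPLE_FRAMES = [
    build_reply(GW, "192.0.2.1", A, "192.0.2.10"),
    build_reply(A, "192.0.2.10", GW, "192.0.2.1"),
    build_reply(B, "192.0.2.20", GW, "192.0.2.1"),
    build_reply(X, "192.0.2.1", A, "192.0.2.10"),
    build_reply(X, "192.0.2.10", GW, "192.0.2.1"),
    build_reply(X, "192.0.2.20", GW, "192.0.2.1"),
]

if __name__ == "__main__":
    print(find_arp_anomalies(SAMPLE_FRAMES))
```

Legitimate routers doing proxy ARP and failover pairs also trip these checks, so the threshold and an allow-list of known MACs need tuning per network.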

