If someone feels like exploring the idea further and needs to collect
mac addresses, I've written a small script to get MAC's and associated
IP's
It's not a slick c program, or anything... but a php script... meant to
run from the command line...
----------------------------- begin script here
----------------------------
#!/usr/local/bin/php -f
<?php
$dumpcommand='tcpdump -e -n -t ip';
$maddr[]='00:80:C8:E8:1B:73'; ## Your Mac Address.... i didnt see a
reason
## to have to manually get it
## plus it helps with the foreach loops
## (they dont like un-init'd arrays)
$ipaddr[]='24.127.14.132'; ## See Above... but its your ip (duh?)
$counter=1; ## whether you want the script to count
## processed packets for you...
####################################################################
# Script... Dont modify unless I screwed up (which I probably did) #
####################################################################
set_time_limit(0);
$pp=popen($dumpcommand, 'r');
function ip_fix($ip) {
$ip=explode('.', $ip);
$newip.=$ip[0].'.';
$newip.=$ip[1].'.';
$newip.=$ip[2].'.';
$newip.=$ip[3];
return($newip);
}
function mac_fix($mac) {
$mac=explode(':', $mac);
if ( strlen($mac[0]) == 1 ) {
$mac[0]='0'.$mac[0];
}
$mac=implode(':', $mac);
return($mac);
}
function match($mac, $ip) {
global $maddr, $ipaddr, $count, $counter;
if( eregi('..:..:..:..:..:..', $mac) ) {
$same=2;
foreach($maddr as $madr) {
if ( $madr == $mac ) {
$same=1;
}
}
foreach($ipaddr as $ipadr) {
if ( $ipadr == $ip ) {
$same=1;
}
}
if ( $same != 1 ) {
$maddr[]=$mac;
$ipaddr[]=$ip;
echo ' '.$mac.' <---> '.$ip.chr(10);
if ( $counter == 1 ) {
echo '['.str_pad($count, 12, '.', STR_PAD_LEFT).']';
}
}
}
}
if ( $counter == 1 ) {
$count=0;
}
while($line=fgets($pp, 9999)) {
$bang=explode(' ', $line);
if ( $counter == 1 ) {
$count++;
if ( $count > 1 ) {
echo chr(8);
echo chr(8);
echo chr(8);
echo chr(8);
echo chr(8);
echo chr(8);
echo chr(8);
echo chr(8);
echo chr(8);
echo chr(8);
echo chr(8);
echo chr(8);
echo chr(8);
echo chr(8);
}
echo '['.str_pad($count, 12, '.', STR_PAD_LEFT).']';
}
if ( mac_fix($bang[0]) != $maddr[0] ) {
match(mac_fix($bang[0]), ip_fix($bang[4]));
} else {
match(mac_fix($bang[1]), ip_fix($bang[6]));
}
}
?>
-------------------------------- End Script Here: -------------------
-----Original Message-----
From: b0iler _ [mailto:b0ilerat_private]
Sent: Tuesday, February 05, 2002 7:21 PM
To: Vuln-Devat_private
Subject: Re: chaging your @home IP address... could you take a bunch of
them....probably.
I had a simular idea a few weeks ago, I posted to bsrf's message board
and
no one replied.
http://dvd.box.sk/wb/index.php3?did=blacksun&disp=65015
If you don't want to visit that link here is the post:
"
Posted by b0iler *.tnt1.holman.wi.da.uu.net - 2002/Jan/26 09:27
Cable lan hacking..
I had an idea recently, but I suck at C and don't have cable.. so no way
to
test it.
The goal is simple: get around restrictions cable isps set on users. The
400kb/s "cap" they put on you or whatever. The idea is to spoof the
ips/macs
of other users on the lan inorder to trick the isp into thinking the
requests are comming from more than one customer and therefore it will
give
you 400kb/s per ip/mac. Since it's a lan, this will be non-blind
spoofing,
so sniffing the packets will allow you to read them. And if for some
reason
you can't just send random packets with spoofed ips out and sniff them
you
can DoS the other users (also works to increase overall bandwidth
problems
in the lan ;)
It's possible right? I mean you could get like 5mb/s if you had 20 or so
ips
going at once and sniffing them.
"
seems like it would work, but as someone posted the "cap" might not be
set
by the ip/mac/user but purhaps the modem.
_________________________________________________________________
Join the world's largest e-mail service with MSN Hotmail.
http://www.hotmail.com
This archive was generated by hypermail 2b30 : Tue Feb 05 2002 - 21:38:27 PST