If someone feels like exploring the idea further and needs to collect mac addresses, I've written a small script to get MAC's and associated IP's It's not a slick c program, or anything... but a php script... meant to run from the command line... ----------------------------- begin script here ---------------------------- #!/usr/local/bin/php -f <?php $dumpcommand='tcpdump -e -n -t ip'; $maddr[]='00:80:C8:E8:1B:73'; ## Your Mac Address.... i didnt see a reason ## to have to manually get it ## plus it helps with the foreach loops ## (they dont like un-init'd arrays) $ipaddr[]='24.127.14.132'; ## See Above... but its your ip (duh?) $counter=1; ## whether you want the script to count ## processed packets for you... #################################################################### # Script... Dont modify unless I screwed up (which I probably did) # #################################################################### set_time_limit(0); $pp=popen($dumpcommand, 'r'); function ip_fix($ip) { $ip=explode('.', $ip); $newip.=$ip[0].'.'; $newip.=$ip[1].'.'; $newip.=$ip[2].'.'; $newip.=$ip[3]; return($newip); } function mac_fix($mac) { $mac=explode(':', $mac); if ( strlen($mac[0]) == 1 ) { $mac[0]='0'.$mac[0]; } $mac=implode(':', $mac); return($mac); } function match($mac, $ip) { global $maddr, $ipaddr, $count, $counter; if( eregi('..:..:..:..:..:..', $mac) ) { $same=2; foreach($maddr as $madr) { if ( $madr == $mac ) { $same=1; } } foreach($ipaddr as $ipadr) { if ( $ipadr == $ip ) { $same=1; } } if ( $same != 1 ) { $maddr[]=$mac; $ipaddr[]=$ip; echo ' '.$mac.' <---> '.$ip.chr(10); if ( $counter == 1 ) { echo '['.str_pad($count, 12, '.', STR_PAD_LEFT).']'; } } } } if ( $counter == 1 ) { $count=0; } while($line=fgets($pp, 9999)) { $bang=explode(' ', $line); if ( $counter == 1 ) { $count++; if ( $count > 1 ) { echo chr(8); echo chr(8); echo chr(8); echo chr(8); echo chr(8); echo chr(8); echo chr(8); echo chr(8); echo chr(8); echo chr(8); echo chr(8); echo chr(8); echo chr(8); echo chr(8); } echo '['.str_pad($count, 12, '.', STR_PAD_LEFT).']'; } if ( mac_fix($bang[0]) != $maddr[0] ) { match(mac_fix($bang[0]), ip_fix($bang[4])); } else { match(mac_fix($bang[1]), ip_fix($bang[6])); } } ?> -------------------------------- End Script Here: ------------------- -----Original Message----- From: b0iler _ [mailto:b0ilerat_private] Sent: Tuesday, February 05, 2002 7:21 PM To: Vuln-Devat_private Subject: Re: chaging your @home IP address... could you take a bunch of them....probably. I had a simular idea a few weeks ago, I posted to bsrf's message board and no one replied. http://dvd.box.sk/wb/index.php3?did=blacksun&disp=65015 If you don't want to visit that link here is the post: " Posted by b0iler *.tnt1.holman.wi.da.uu.net - 2002/Jan/26 09:27 Cable lan hacking.. I had an idea recently, but I suck at C and don't have cable.. so no way to test it. The goal is simple: get around restrictions cable isps set on users. The 400kb/s "cap" they put on you or whatever. The idea is to spoof the ips/macs of other users on the lan inorder to trick the isp into thinking the requests are comming from more than one customer and therefore it will give you 400kb/s per ip/mac. Since it's a lan, this will be non-blind spoofing, so sniffing the packets will allow you to read them. And if for some reason you can't just send random packets with spoofed ips out and sniff them you can DoS the other users (also works to increase overall bandwidth problems in the lan ;) It's possible right? I mean you could get like 5mb/s if you had 20 or so ips going at once and sniffing them. " seems like it would work, but as someone posted the "cap" might not be set by the ip/mac/user but purhaps the modem. _________________________________________________________________ Join the world's largest e-mail service with MSN Hotmail. http://www.hotmail.com
This archive was generated by hypermail 2b30 : Tue Feb 05 2002 - 21:38:27 PST