A) WinPCAP driving profile
WinPCAP is an abbreviation of Windows Packet Capture, which is a product of Libpcap under Windows, which is a project of Free and Open Source. The main feature is to capture the original datagram, including datagrams that are sent / received on the shared network and exchanged exchanges; and before the data returns to the application, according to custom rules, certain specific data reports Filtered.
The specific details are no longer redundant, see the relevant information.
Although WinPCAP design is to capture a datagram, but it also provides us with a way to send a package. That is, the data packet is sent by the function PCAP_SENDPACKET () provided by packet.dll.
2) Start
Depending on ARP working principle, we can construct different ARP request / response packets to achieve different purposes. Where the working principle, see the "Talking WinPCAP Drive Write ARP Multi-Function Tool" (http://www.xfocus.net/articles), this article describes the ARP spoof The principle and implementation of the same.
Note:
1. The specific implementation is also affected by the "Network Law", setting the idea of "key" host from this.
2. The code uses 9CBS blog "Pigyxp" Handle Teach you to play ARP package "(good article), and
Some other source code in the network.
3. TODO: ARP spoofing implementation.
Source code:
Why don't you support uploading files? Download connection
http://ys168.com/ys168up/d1/yy.aspx?f=04k49e2e3e1e4e1d5g8a01aw4alaturea08apd6avi7avi5f5G1D9E4E7D6E1A24E5E5E6D8E0C3
