> On unix there are many tools, but on WinNT 4.0 with WinPcap there are some
> tools for "arp spoofing" ?
try WCI and ARPWorks (perhaps you can download it from packetstorm)
(I have no try it)
WCI README:
#######################################################################
WCI - Windoze Connection Interceptor
====================================
WinARP0c2 is the Windoze brother of ARP0c2.c
Tested on: Windows 98/ Windows 2000
Coded for: Windows 95/98/NT3.51/NT4/2000
(see hwaddr() problem at the end of the source)
FX <fx_at_phenoelit.de>
Phenoelit (http://www.phenoelit.de)
(c) 2k
Version (Windoze like not using RCS ...) 2.1,
7/4/99 (this is our [System]Independance Day !)
``This code includes parts of software developed by the Politecnico
di Torino, and its contributors.''
It's unusual for Phenoelit, but greetings go to:
FtR, Ingopin, Bene, Flori, Zet
and especially to Packetstorm's Site Master Alan
Thanx for all your support.
Additional thanx to Hideaki Ihara, who discovered the SetReadTimeout bug.
--------DESCRIPTION----------
WCI is a simple connection interceptor for switched networks and especially for SMB.
+ ARP redirection/spoofing
+ automated bridging
+ automated routing
+ automated connection interception for ALL SMB servers in the local subnet
+ network cleanup on exit
Details:
ARP requests are replyed by WCI with it's onw Ethernet address. The real
destination is requested with ARP requests or is discovered from other
broadcasst traffic.
Intercepted traffic is bridged to the next hop gateway or the destination
address according to a routing table.
On startup, WCI enumerates all resources in the Windows netowking environment (SMB)
and intercepts all possible connections (any2any).
REQUIRES:
- Packet Driver Developers Pack (http://http://netgroup-serv.polito.it/winpcap/)
- Packet Driver installed
......... etc etc ...........
#######################################################################
Received on Feb 01 2001
Intro
