ARP欺骗检测软件 - 安全防御利器
import hmac
import ipaddress
import os
import platform
import sys
import time

# The two star imports keep their original relative order (scapy first,
# tkinter second) so a name exported by both still resolves to tkinter's.
from scapy.all import *
from tkinter import *
from tkinter import messagebox
from tkinter import filedialog
设置界面
# Main application window; every dialog and button in this script is
# parented to it.
root = Tk()
root.title('ARP欺骗检测软件')
root.geometry('400x300')
注册界面
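def register():
    """Open the registration dialog and append a new account to ``user.txt``.

    Each account is stored as one line, ``<username> <password>``. The
    confirm handler refuses input that would corrupt that format (empty
    fields, whitespace inside a field) and refuses a username that is
    already registered, so an existing account cannot be shadowed by a
    second record with a different password.
    """
    register_window = Toplevel(root)
    register_window.title('注册')
    register_window.geometry('300x200')
    Label(register_window, text='请输入用户名:').pack()
    username = Entry(register_window)
    username.pack()
    Label(register_window, text='请输入密码:').pack()
    password = Entry(register_window, show='*')
    password.pack()

    def register_confirm():
        """Validate the two fields and append the record if acceptable."""
        name = username.get()
        secret = password.get()

        # The record separator is a single space and the reader splits on
        # whitespace, so a field that is empty or contains whitespace
        # produces a line that can never be matched (or cannot be parsed).
        if not name or not secret or any(ch.isspace() for ch in name + secret):
            messagebox.showerror('错误', '用户名和密码不能为空,且不能包含空白字符!')
            return

        # Without this check anyone could re-register an existing username
        # with a password of their choice and then log in as that user.
        try:
            with open('user.txt', 'r') as f:
                taken = {line.split()[0] for line in f if line.split()}
        except FileNotFoundError:
            taken = set()
        if name in taken:
            messagebox.showerror('错误', '用户名已存在!')
            return

        # NOTE(review): the password is written in plaintext. Moving to a
        # salted KDF (hashlib.scrypt / hashlib.pbkdf2_hmac) changes the
        # record format, so it has to land together with the matching
        # change in the login check.
        with open('user.txt', 'a') as f:
            f.write(name + ' ' + secret + '\n')
        messagebox.showinfo('提示', '注册成功!')
        register_window.destroy()

    Button(register_window, text='确认', command=register_confirm).pack()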
登录界面
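def login():
    """Open the login dialog and check the entered pair against ``user.txt``.

    Records are lines of the form ``<username> <password>``. Malformed
    lines are skipped instead of raising, and the password is taken as
    everything after the first space so that only the complete stored
    password matches.
    """
    login_window = Toplevel(root)
    login_window.title('登录')
    login_window.geometry('300x200')
    Label(login_window, text='请输入用户名:').pack()
    username = Entry(login_window)
    username.pack()
    Label(login_window, text='请输入密码:').pack()
    password = Entry(login_window, show='*')
    password.pack()

    def login_confirm():
        """Compare the entered credentials with every stored record."""
        entered_name = username.get().encode('utf-8')
        entered_secret = password.get().encode('utf-8')

        with open('user.txt', 'r') as f:
            records = f.readlines()

        for record in records:
            # partition() instead of split(): a blank or username-only line
            # no longer raises IndexError, and a stored password containing
            # a space is compared in full rather than by its first token.
            stored_name, sep, stored_secret = record.rstrip('\n').partition(' ')
            if not sep or not stored_name or not stored_secret:
                continue
            # compare_digest keeps the comparison time independent of how
            # many leading characters match.
            name_ok = hmac.compare_digest(stored_name.encode('utf-8'), entered_name)
            secret_ok = hmac.compare_digest(stored_secret.encode('utf-8'), entered_secret)
            if name_ok and secret_ok:
                # NOTE(review): success only closes this dialog. The
                # detection buttons on the main window are created
                # unconditionally, so in the code shown this check does
                # not gate any feature.
                messagebox.showinfo('提示', '登录成功!')
                login_window.destroy()
                return
        messagebox.showerror('错误', '用户名或密码错误!')

    Button(login_window, text='确认', command=login_confirm).pack()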
ICMP flood攻击检测
def icmp_flood():
    """Capture ICMP traffic for ten seconds and report on its volume.

    More than 100 captured packets is reported as an ICMP flood; anything
    else is reported as clean.
    """
    # sniff() returns only once the timeout has elapsed, so the button
    # handler (and with it the Tk event loop) waits for the whole capture.
    captured = sniff(filter='icmp', timeout=10)

    # NOTE(review): the threshold is a fixed packet count, independent of
    # link speed, source address or ICMP type.
    if len(captured) > 100:
        messagebox.showwarning('警告', '检测到ICMP flood攻击!')
    else:
        messagebox.showinfo('提示', '未检测到ICMP flood攻击!')
TCP攻击检测
def tcp_attack():
    """Capture TCP traffic for ten seconds and report on its volume.

    More than 100 captured segments is reported as a TCP attack; anything
    else is reported as clean.
    """
    # sniff() returns only once the timeout has elapsed, so the button
    # handler (and with it the Tk event loop) waits for the whole capture.
    captured = sniff(filter='tcp', timeout=10)

    # NOTE(review): the filter matches all TCP traffic, so ordinary use
    # (a page load, a download) will likely exceed 100 segments in ten
    # seconds. The count alone does not distinguish SYN floods, scans or
    # normal sessions.
    if len(captured) > 100:
        messagebox.showwarning('警告', '检测到TCP攻击!')
    else:
        messagebox.showinfo('提示', '未检测到TCP攻击!')
ARP欺骗攻击检测
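def arp_spoofing():
    """Capture ARP traffic for ten seconds and look for signs of spoofing.

    Two indicators are checked:

    * an IPv4 address announced with more than one sender MAC during the
      capture, which is what a poisoned binding looks like on the wire;
    * more than 100 ARP packets in the window (the original volume check).

    A warning dialog is shown if either indicator fires, otherwise an
    informational dialog.
    """
    # sniff() returns only once the timeout has elapsed, so the button
    # handler (and with it the Tk event loop) waits for the whole capture.
    sniff_packets = sniff(filter='arp', timeout=10)

    # Sender IP -> set of sender MACs that claimed it. Volume alone misses
    # a low-rate spoofer and false-alarms on a busy segment, so the
    # bindings themselves are compared.
    claimed_by = {}
    for packet in sniff_packets:
        if not packet.haslayer(ARP):
            continue
        arp = packet[ARP]
        # ARP probes carry 0.0.0.0 as sender address and would make every
        # probing host look like a conflicting claimant.
        if arp.psrc == '0.0.0.0':
            continue
        claimed_by.setdefault(arp.psrc, set()).add(str(arp.hwsrc).lower())

    conflicts = {ip: macs for ip, macs in claimed_by.items() if len(macs) > 1}

    if conflicts:
        # NOTE(review): an address that legitimately moves between
        # interfaces inside the window (failover pair, DHCP reassignment)
        # is reported here as well; the listed MACs let the operator judge.
        details = '\n'.join(
            ip + ': ' + ', '.join(sorted(macs))
            for ip, macs in sorted(conflicts.items())
        )
        messagebox.showwarning('警告', '检测到ARP欺骗攻击!' + '\n' + details)
    elif len(sniff_packets) > 100:
        messagebox.showwarning('警告', '检测到ARP欺骗攻击!')
    else:
        messagebox.showinfo('提示', '未检测到ARP欺骗攻击!')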
扫描局域网主机
def scan_network():
    """Send a broadcast ARP request for 192.168.1.0/24 and save the repliers.

    Every host that answers within the one-second timeout is written to
    ``clients.txt`` as ``<ip> <mac>``, replacing the previous contents.
    """
    # NOTE(review): the subnet is fixed, so hosts outside 192.168.1.0/24
    # are never recorded.
    probe = Ether(dst='ff:ff:ff:ff:ff:ff') / ARP(pdst='192.168.1.0/24')
    answered = srp(probe, timeout=1, verbose=False)[0]

    # Each answered entry is a (sent, received) pair; the reply carries
    # the responder's own address binding.
    clients = [
        {'ip': pair[1].psrc, 'mac': pair[1].hwsrc}
        for pair in answered
    ]

    with open('clients.txt', 'w') as f:
        f.writelines(entry['ip'] + ' ' + entry['mac'] + '\n' for entry in clients)

    messagebox.showinfo('提示', '扫描完成!')
检测攻击源
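def detect_attack():
    """Check each host recorded in ``clients.txt`` for excessive ARP traffic.

    For every valid ``<ip> <mac>`` record, ARP packets sent from that IP
    are captured for ten seconds; more than 100 packets is reported as an
    attack source, otherwise the host is reported as clean. Records that
    are blank, truncated or do not start with an IPv4 address are skipped.
    """
    with open('clients.txt', 'r') as f:
        clients = f.readlines()

    checked = 0
    for client in clients:
        fields = client.split()
        if len(fields) < 2:
            # Blank or truncated line: indexing it would raise IndexError.
            continue
        ip, mac = fields[0], fields[1]

        # The address is concatenated into a capture filter below, and
        # clients.txt is a plain file anyone with write access can edit,
        # so only a well-formed IPv4 literal is allowed through.
        try:
            ipaddress.IPv4Address(ip)
        except ValueError:
            continue

        checked += 1
        # NOTE(review): hosts are examined one after another, ten seconds
        # each, with a modal dialog per host.
        sniff_packets = sniff(filter='arp and src host ' + ip, timeout=10)
        if len(sniff_packets) > 100:
            messagebox.showwarning('警告', '检测到攻击源IP地址为' + ip + ',MAC地址为' + mac + '!')
        else:
            messagebox.showinfo('提示', '未检测到攻击源IP地址为' + ip + ',MAC地址为' + mac + '的攻击!')

    if not checked:
        # Previously an empty or unusable file ended silently.
        messagebox.showerror('错误', '没有可检测的主机记录,请先扫描局域网主机!')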
创建用户和客户端记录文件
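def ensure_file(path, mode=0o666):
    """Create *path* as an empty file if it does not exist yet.

    An existing file is left untouched. Creation uses O_EXCL, so the
    existence check and the creation are a single step and an existing
    path is never opened for writing. *mode* is the permission request
    passed to the OS (subject to the process umask).
    """
    try:
        fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, mode)
    except FileExistsError:
        return
    os.close(fd)


# user.txt holds account credentials, so it is created readable and
# writable by the owner only. Platforms without POSIX permission bits
# largely ignore the mode.
ensure_file('user.txt', 0o600)
ensure_file('clients.txt')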
创建按钮
def _add_main_button(label, handler):
    """Create a main-window button, pack it with the shared padding, return it."""
    button = Button(root, text=label, command=handler)
    button.pack(pady=10)
    return button


# Buttons are packed in creation order, top to bottom.
register_button = _add_main_button('注册', register)
login_button = _add_main_button('登录', login)
icmp_flood_button = _add_main_button('检测ICMP flood攻击', icmp_flood)
tcp_attack_button = _add_main_button('检测TCP攻击', tcp_attack)
arpspoofing_button = _add_main_button('检测ARP欺骗攻击', arp_spoofing)
scan_network_button = _add_main_button('扫描局域网主机', scan_network)
detect_attack_button = _add_main_button('检测攻击源', detect_attack)
查看检测记录功能
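def view_detection_log():
    """Let the user pick a record file and show its contents in a window.

    The chosen file is read as text and displayed read-only in a separate
    window. An error dialog is shown if no file is chosen or the file
    cannot be read.
    """
    # Ask the user which record file to open.
    file_path = filedialog.askopenfilename(defaultextension='.txt')
    if not file_path:
        messagebox.showerror('错误', '未选择记录文件!')
        return

    # errors='replace' keeps a file with undecodable bytes from raising
    # inside the button callback.
    try:
        with open(file_path, 'r', errors='replace') as f:
            log_content = f.read()
    except OSError as exc:
        messagebox.showerror('错误', '无法读取记录文件: ' + str(exc))
        return

    # Previously the content was read and discarded while the dialog still
    # claimed it had been shown; now it is actually displayed.
    log_window = Toplevel(root)
    log_window.title('查看检测记录')
    text_area = Text(log_window)
    text_area.pack(fill=BOTH, expand=True)
    text_area.insert(END, log_content)
    text_area.config(state=DISABLED)  # view only

    # NOTE(review): none of the detection functions visible in this file
    # write a log, so this viewer only shows whatever file the user picks.
    messagebox.showinfo('提示', '已显示检测记录!')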
# Last entry of the main menu: opens the record viewer.
view_detection_log_button = Button(
    master=root,
    command=view_detection_log,
    text='查看检测记录',
)
view_detection_log_button.pack(pady=10)

# Hand control to Tk; this call returns only when the main window closes.
root.mainloop()