Server anti ARP Spoofing batch ARP double bind script without temporary file (LZ Myst version)

Time:2020-5-30

ARP double bind script, no temporary file (lz-myst version) with the following contents, saved in bat format, is available.

Copy codeThe code is as follows:
for /f “tokens=13” %%I in (‘ipconfig /all ^|find “Default Gateway”‘) do set GatewayIP=%%I
for /f “tokens=1,2” %%I in (‘arp -a ^|find “%GatewayIP%”‘) do if %%I==%GatewayIP% arp -s %%I %%J
for /f “tokens=15” %%i in (‘ipconfig /all ^|find “IP Address”‘) do set ip=%%i
for /f “tokens=12” %%i in (‘ipconfig /all ^|find “Physical Address”‘) do set mac=%%i
arp -s %ip% %mac%

Note that the above code has some problems in practical application, because if there is a machine with ARP virus in the local area network, it will send spoofing packets continuously, so there will be problems in automatic gateway acquisition. For this reason, another code has been modified to write the MAC address of the real gateway. There is no need to write the IP address of the real gateway. The code is as follows.

Change the red character in the code box below to your real MAC address!!!
MAC address format: 00-14-78-32-14-f2 is the arp-a display format.

Copy codeThe code is as follows:
for /f “tokens=13” %%I in (‘ipconfig /all ^|find “Default Gateway”‘) do set GatewayIP=%%I
ARP – S% gatewayip% real gateway mac
for /f “tokens=15” %%i in (‘ipconfig /all ^|find “IP Address”‘) do set ip=%%i
for /f “tokens=12” %%i in (‘ipconfig /all ^|find “Physical Address”‘) do set mac=%%i
arp -s %ip% %mac%