自己做的嗅探器
//main.cpp
#include <winsock2.h>
#include <WS2tcpip.h>
#include <MSTcpIP.h>
#include <memory.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "Structure.h"
#pragma comment(lib,"ws2_32.lib")
// TCP control bits as they appear in the flags byte of the TCP header.
// Each macro is a single distinct bit, so a segment can carry several of
// them at once (for example SYN together with ACK); test them with a
// bitwise AND rather than comparing the whole byte for equality.
#define FIN 0x01
#define SYN 0x02
#define RST 0x04
#define PSH 0x08
#define ACK 0x10
#define URG 0x20
#define ECE 0x40
#define CWR 0x80
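/**
 * Initialise Winsock 2.2 for this process.
 *
 * @return 0 on success, otherwise the Winsock error code reported by
 *         WSAStartup itself.
 */
int LoadWSA()
{
    WSADATA wsaData;
    // WSAStartup hands back its error code directly. WSAGetLastError() must
    // not be used on this path: when start-up fails the library is not
    // loaded, so the per-thread error slot may read 0 and a failure would be
    // reported to the caller as success.
    return WSAStartup(MAKEWORD(2, 2), &wsaData);
}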
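/**
 * Log every UDP datagram seen on one local IPv4 interface to a file.
 *
 * Opens a raw IPv4 socket, binds it to the local address in argv[3],
 * switches the interface to receive-all mode (SIO_RCVALL) and appends a text
 * record plus the raw payload of each UDP datagram to the file in argv[2].
 * Raw sockets and SIO_RCVALL need administrator rights on Windows.
 *
 * The output file holds unfiltered payload bytes from the network, so it
 * should be stored with the same care as any other packet capture.
 *
 * @param argv  program arguments: argv[2] is the output file path (truncated
 *              on open), argv[3] the dotted-quad address of the local
 *              interface to listen on.
 * @return does not return; the function loops until the process is stopped
 *         and calls exit(-1) on any set-up or receive failure.
 */
int ud(char *argv[])
{
    enum { kBufSize = 65535 };  // largest possible IPv4 datagram

    const int startupErr = LoadWSA();
    if (startupErr)
    {
        FILE *errFile = fopen(argv[2], "wb+");
        if (errFile == NULL)
        {
            exit(-1);
        }
        fprintf(errFile, "Error:%d\r\n", startupErr);
        exit(-1);  // exit() flushes and closes open stdio streams
    }

    FILE *fp = fopen(argv[2], "wb+");
    if (fp == NULL)
    {
        exit(-1);
    }
    fseek(fp, 0, SEEK_END);

    char *buffer = (char *)malloc(kBufSize);
    if (buffer == NULL)
    {
        fprintf(fp, "Error:out of memory\r\n");
        exit(-1);
    }

    // Zero the whole structure so the padding bytes passed to bind() are defined.
    struct sockaddr_in saddr;
    memset(&saddr, 0, sizeof(saddr));
    saddr.sin_family = AF_INET;
    saddr.sin_port = htons(0);
    saddr.sin_addr.S_un.S_addr = inet_addr(argv[3]);
    if (saddr.sin_addr.S_un.S_addr == INADDR_NONE)
    {
        // inet_addr() signals a malformed address with INADDR_NONE.
        fprintf(fp, "Error:invalid IPv4 address\r\n");
        exit(-1);
    }

    SOCKET sock = ::socket(AF_INET, SOCK_RAW, 0);
    if (sock == INVALID_SOCKET)
    {
        fprintf(fp, "Error:%d\r\n", WSAGetLastError());
        exit(-1);
    }

    // IP_HDRINCL takes a 4-byte boolean; passing a 1-byte bool with length 1
    // does not match the option's size. Failure is logged but not fatal.
    // NOTE(review): this option governs outgoing packets; confirm whether the
    // receive-only path needs it at all.
    BOOL hdrIncl = TRUE;
    if (setsockopt(sock, IPPROTO_IP, IP_HDRINCL, (const char *)&hdrIncl, sizeof(hdrIncl)) == SOCKET_ERROR)
    {
        fprintf(fp, "Error:%d\r\n", WSAGetLastError());
    }

    // SIO_RCVALL only works on a socket bound to an explicit local interface,
    // so a failed bind must stop the run instead of being ignored.
    if (bind(sock, (struct sockaddr *)&saddr, sizeof(saddr)) == SOCKET_ERROR)
    {
        fprintf(fp, "Error:%d\r\n", WSAGetLastError());
        exit(-1);
    }

    unsigned long rcvAll = 1;
    if (ioctlsocket(sock, SIO_RCVALL, &rcvAll))
    {
        fprintf(fp, "Error:%d\n", WSAGetLastError());
        exit(-1);
    }

    for (;;)
    {
        const int size = recv(sock, buffer, kBufSize, 0);
        if (size == SOCKET_ERROR)
        {
            // A failing socket would otherwise spin here and grow the log
            // without bound, so treat the error as fatal.
            fprintf(fp, "\nError:%d\n", WSAGetLastError());
            exit(-1);
        }
        if ((size_t)size < sizeof(IP))
        {
            continue;  // too short to hold even the fixed IPv4 header
        }

        IP ip;
        memcpy(&ip, buffer, sizeof(ip));
        if (ip.proto != IPPROTO_UDP)
        {
            continue;
        }

        // The low nibble of ver_ihl is the header length in 32-bit words; it
        // exceeds 20 bytes when IP options are present. Reject datagrams whose
        // declared header does not fit in what was actually received, so the
        // payload length below can never wrap around.
        const size_t ipLen = (size_t)(ip.ver_ihl & 0x0F) * 4;
        if (ipLen < sizeof(IP) || ipLen + sizeof(struct _UDPHeader) > (size_t)size)
        {
            continue;
        }
        // NOTE(review): non-first IP fragments carry no UDP header; they are
        // still decoded here as if they did.

        struct _UDPHeader udp;
        memcpy(&udp, buffer + ipLen, sizeof(udp));
        const size_t payloadLen = (size_t)size - ipLen - sizeof(udp);

        // inet_ntoa() returns a pointer to one shared buffer, so the first
        // result has to be copied before the second call overwrites it.
        struct in_addr srcAddr;
        struct in_addr dstAddr;
        memcpy(&srcAddr, &ip.ipSouc, sizeof(srcAddr));
        memcpy(&dstAddr, &ip.ipDest, sizeof(dstAddr));
        char srcText[16] = "";
        const char *converted = inet_ntoa(srcAddr);
        if (converted != NULL)
        {
            strncpy(srcText, converted, sizeof(srcText) - 1);
        }
        const char *dstText = inet_ntoa(dstAddr);
        if (dstText == NULL)
        {
            dstText = "";
        }

        fprintf(fp, "\r\nProtocol:UDP");
        fprintf(fp, "\r\nSourceIP:%s DestinationIP:%s", srcText, dstText);
        fprintf(fp, "\r\nSourcePort:%d DestinationPort:%d", ntohs(udp.sourcePort), ntohs(udp.destPort));
        // The UDP length field is in network byte order like the ports.
        fprintf(fp, "\r\nSize:%d", ntohs(udp.packLen));
        fprintf(fp, "\r\nData:\r\n");
        fwrite(buffer + ipLen + sizeof(udp), 1, payloadLen, fp);
        fprintf(fp, "\r\n");
        // The loop only ends when the process is stopped, so push each record
        // to disk instead of leaving it in the stdio buffer.
        fflush(fp);
    }
}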
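/**
 * Render the set bits of a TCP flags byte as text, e.g. "SYN|ACK".
 * Writes "DATA" when no flag bit is set. `out` must hold at least 32 bytes
 * to fit all eight names.
 */
static void tcp_flag_text(unsigned char flags, char *out, size_t outLen)
{
    static const struct
    {
        unsigned char bit;
        const char *name;
    } kFlagNames[] = {
        {FIN, "FIN"}, {SYN, "SYN"}, {RST, "RST"}, {PSH, "PSH"},
        {ACK, "ACK"}, {URG, "URG"}, {ECE, "ECE"}, {CWR, "CWR"},
    };

    size_t used = 0;
    out[0] = '\0';
    for (size_t i = 0; i < sizeof(kFlagNames) / sizeof(kFlagNames[0]); ++i)
    {
        if ((flags & kFlagNames[i].bit) == 0)
        {
            continue;
        }
        const size_t nameLen = strlen(kFlagNames[i].name);
        const size_t sepLen = used ? 1 : 0;
        if (used + sepLen + nameLen + 1 > outLen)
        {
            break;  // never write past the caller's buffer
        }
        if (sepLen)
        {
            out[used++] = '|';
        }
        memcpy(out + used, kFlagNames[i].name, nameLen);
        used += nameLen;
        out[used] = '\0';
    }
    if (used == 0 && outLen > 4)
    {
        memcpy(out, "DATA", 5);
    }
}

/**
 * Log every TCP segment seen on one local IPv4 interface to a file.
 *
 * Opens a raw IPv4 socket, binds it to the local address in argv[3],
 * switches the interface to receive-all mode (SIO_RCVALL) and appends a text
 * record plus the raw payload of each TCP segment to the file in argv[2].
 * Raw sockets and SIO_RCVALL need administrator rights on Windows.
 *
 * The output file holds unfiltered payload bytes from the network, so it
 * should be stored with the same care as any other packet capture.
 *
 * @param argv  program arguments: argv[2] is the output file path (truncated
 *              on open), argv[3] the dotted-quad address of the local
 *              interface to listen on.
 * @return does not return; the function loops until the process is stopped
 *         and calls exit(-1) on any set-up or receive failure.
 */
int tc(char * argv[])
{
    enum { kBufSize = 65535 };  // largest possible IPv4 datagram

    const int startupErr = LoadWSA();
    if (startupErr)
    {
        FILE *errFile = fopen(argv[2], "wb+");
        if (errFile == NULL)
        {
            exit(-1);
        }
        fprintf(errFile, "Error:%d\n", startupErr);
        exit(-1);  // exit() flushes and closes open stdio streams
    }

    FILE *fp = fopen(argv[2], "wb+");
    if (fp == NULL)
    {
        exit(-1);
    }
    fseek(fp, 0, SEEK_END);

    char *buffer = (char *)malloc(kBufSize);
    if (buffer == NULL)
    {
        fprintf(fp, "Error:out of memory\r\n");
        exit(-1);
    }

    // Zero the whole structure so the padding bytes passed to bind() are defined.
    struct sockaddr_in saddr;
    memset(&saddr, 0, sizeof(saddr));
    saddr.sin_family = AF_INET;
    saddr.sin_port = htons(0);
    saddr.sin_addr.S_un.S_addr = inet_addr(argv[3]);
    if (saddr.sin_addr.S_un.S_addr == INADDR_NONE)
    {
        // inet_addr() signals a malformed address with INADDR_NONE.
        fprintf(fp, "Error:invalid IPv4 address\r\n");
        exit(-1);
    }

    SOCKET sock = ::socket(AF_INET, SOCK_RAW, 0);
    if (sock == INVALID_SOCKET)
    {
        fprintf(fp, "Error:%d\r\n", WSAGetLastError());
        exit(-1);
    }

    // IP_HDRINCL takes a 4-byte boolean; passing a 1-byte bool with length 1
    // does not match the option's size. Failure is logged but not fatal.
    // NOTE(review): this option governs outgoing packets; confirm whether the
    // receive-only path needs it at all.
    BOOL hdrIncl = TRUE;
    if (setsockopt(sock, IPPROTO_IP, IP_HDRINCL, (const char *)&hdrIncl, sizeof(hdrIncl)) == SOCKET_ERROR)
    {
        fprintf(fp, "Error:%d\r\n", WSAGetLastError());
    }

    // SIO_RCVALL only works on a socket bound to an explicit local interface,
    // so a failed bind must stop the run instead of being ignored.
    if (bind(sock, (struct sockaddr *)&saddr, sizeof(saddr)) == SOCKET_ERROR)
    {
        fprintf(fp, "Error:%d\r\n", WSAGetLastError());
        exit(-1);
    }

    unsigned long rcvAll = 1;
    if (ioctlsocket(sock, SIO_RCVALL, &rcvAll))
    {
        fprintf(fp, "Error:%d\r\n", WSAGetLastError());
        exit(-1);
    }

    for (;;)
    {
        const int size = recv(sock, buffer, kBufSize, 0);
        if (size == SOCKET_ERROR)
        {
            // A failing socket would otherwise spin here and grow the log
            // without bound, so treat the error as fatal.
            fprintf(fp, "\r\nError:%d\r\n", WSAGetLastError());
            exit(-1);
        }
        if ((size_t)size < sizeof(IP))
        {
            continue;  // too short to hold even the fixed IPv4 header
        }

        IP ip;
        memcpy(&ip, buffer, sizeof(ip));
        if (ip.proto != IPPROTO_TCP)
        {
            continue;
        }

        // The low nibble of ver_ihl is the IP header length in 32-bit words;
        // it exceeds 20 bytes when IP options are present.
        const size_t ipLen = (size_t)(ip.ver_ihl & 0x0F) * 4;
        if (ipLen < sizeof(IP) || ipLen + sizeof(struct _TCPHeader) > (size_t)size)
        {
            continue;
        }
        // NOTE(review): non-first IP fragments carry no TCP header; they are
        // still decoded here as if they did.

        struct _TCPHeader tcp;
        memcpy(&tcp, buffer + ipLen, sizeof(tcp));

        // The high nibble of dataoffer is the TCP header length in 32-bit
        // words. Segments with options (every SYN in practice) have a header
        // longer than 20 bytes. Reject lengths that do not fit in the bytes
        // received, so the payload length below can never wrap around.
        const size_t tcpLen = (size_t)(tcp.dataoffer >> 4) * 4;
        if (tcpLen < sizeof(struct _TCPHeader) || ipLen + tcpLen > (size_t)size)
        {
            continue;
        }
        const size_t payloadLen = (size_t)size - ipLen - tcpLen;

        // Flags are independent bits; comparing the whole byte for equality
        // would label common combinations such as SYN|ACK as plain data.
        char flagText[40];
        tcp_flag_text(tcp.flags, flagText, sizeof(flagText));

        // inet_ntoa() returns a pointer to one shared buffer, so the first
        // result has to be copied before the second call overwrites it.
        struct in_addr srcAddr;
        struct in_addr dstAddr;
        memcpy(&srcAddr, &ip.ipSouc, sizeof(srcAddr));
        memcpy(&dstAddr, &ip.ipDest, sizeof(dstAddr));
        char srcText[16] = "";
        const char *converted = inet_ntoa(srcAddr);
        if (converted != NULL)
        {
            strncpy(srcText, converted, sizeof(srcText) - 1);
        }
        const char *dstText = inet_ntoa(dstAddr);
        if (dstText == NULL)
        {
            dstText = "";
        }

        fprintf(fp, "\r\nProtocol:TCP(%s)", flagText);
        fprintf(fp, "\r\nSourceIP:%s DestinationIP:%s", srcText, dstText);
        fprintf(fp, "\r\nSourcePort:%d DestinationPort:%d", ntohs(tcp.sourcePort), ntohs(tcp.destinationPort));
        // Cast explicitly: passing a size_t to %d is a format mismatch.
        fprintf(fp, "\r\nSize:%d", (int)payloadLen);
        fprintf(fp, "\r\nData:\r\n");
        fwrite(buffer + ipLen + tcpLen, 1, payloadLen, fp);
        fprintf(fp, "\r\n");
        fprintf(fp, "\r\n");
        // The loop only ends when the process is stopped, so push each record
        // to disk instead of leaving it in the stdio buffer.
        fflush(fp);
    }
}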
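/**
 * Dispatch to the capture routine selected by argv[1].
 *
 * @param argv  program arguments; argv[1] is "1" for UDP or "2" for TCP.
 * @return 0 after a capture routine returns, -1 when argv[1] names no
 *         supported protocol.
 */
int Go(char *argv[])
{
    switch (atoi(argv[1]))
    {
    case 1:  // UDP
        ud(argv);
        break;  // without this, control would fall through into the TCP case
    case 2:  // TCP
        tc(argv);
        break;
    default:
        // atoi() yields 0 for non-numeric text, which also lands here.
        fprintf(stderr, "Unknown protocol selector '%s' (use 1 for UDP, 2 for TCP)\n", argv[1]);
        return -1;
    }
    return 0;
}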
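/**
 * Entry point: expects exactly three arguments (protocol selector, output
 * file, local IPv4 address) and hands them to Go().
 */
int main(int argc,char *argv[])
{
    // Exactly three user arguments are required; the capture routines index
    // argv[1]..argv[3] without further checks.
    if (argc != 4)
    {
        printf("Syntax:\n");
        printf("\t%s [PROTOCOL] [FILE] [The IP you want to listen]", argc > 0 ? argv[0] : "sniffer");
        printf("\n\t-UDP=1 TCP=2");
        exit(-1);
    }
    return Go(argv);
}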
// Fixed 20-byte part of an IPv4 header, laid out as on the wire.
// main.cpp fills this structure with memcpy() from the received bytes, so
// multi-byte fields hold network byte order until converted (ntohs/ntohl).
// IP options, when present, follow these 20 bytes and are not represented
// here; the real header length is given by the low nibble of ver_ihl.
// The layout relies on `unsigned long` being 32 bits wide, which holds for
// Windows targets but not for LP64 platforms.
typedef struct IPHeader // IPv4 header definition
{
unsigned char ver_ihl; // high 4 bits: IP version; low 4 bits: header length in 32-bit words
unsigned char tos; // 8-bit type of service (TOS)
unsigned short tlen; // 16-bit total length in bytes
unsigned short identification; // 16-bit identification
unsigned short flags_fo; // 3-bit flags followed by the 13-bit fragment offset
unsigned char ttl; // 8-bit time to live (TTL)
unsigned char proto; // 8-bit protocol (TCP, UDP or other)
unsigned short crc; // 16-bit IP header checksum
unsigned long ipSouc; // 32-bit source IP address
unsigned long ipDest; // 32-bit destination IP address
}IP;
// Fixed 20-byte part of a TCP header, laid out as on the wire.
// main.cpp fills this structure with memcpy() from the received bytes, so
// multi-byte fields hold network byte order until converted (ntohs/ntohl).
// TCP options, when present, follow these 20 bytes; the real header length
// is given by the high nibble of dataoffer.
// The layout relies on `unsigned long` being 32 bits wide, which holds for
// Windows targets but not for LP64 platforms.
typedef struct _TCPHeader // TCP header definition
{
unsigned short sourcePort; // 16-bit source port
unsigned short destinationPort; // 16-bit destination port
unsigned long sequenceNumber; // 32-bit sequence number
unsigned long acknowledgeNumber; // 32-bit acknowledgement number
unsigned char dataoffer; // data offset: high 4 bits give the header length in 32-bit words
unsigned char flags; // control flag bits (the FIN..CWR masks in main.cpp cover all 8 bits)
unsigned short windows; // 16-bit window size
unsigned short checksum; // 16-bit checksum
unsigned short urgentPointer; // 16-bit urgent pointer
}TCP;
// 8-byte UDP header, laid out as on the wire.
// main.cpp fills this structure with memcpy() from the received bytes, so
// every field holds network byte order until converted with ntohs().
typedef struct _UDPHeader
{
unsigned short sourcePort; // 16-bit source port
unsigned short destPort; // 16-bit destination port
unsigned short packLen; // 16-bit UDP length field (header plus data, in bytes)
unsigned short checkSum; // 16-bit checksum
}UDP;
楼主 2015-11-26 13:51 回复