Already learned socket programming, but the original socket is not used. Recently listened to the network security teacher's class, whim, wrote a grab package program demo, the code to share to everyone, interested can see. Quoted a network security teacher's words: "You should be in the spirit of technology to practice, hey, some people, write wrote it into a hacker."
#define _crt_secure_no_warnings #include <stdio.h> #include <WinSock2.h> #include <ws2tcpip.h># Include <stdlib.h> #include <Windows.h> #include <string.h> #pragma comment (lib, "Ws2_32.lib") # Define Source_port 7234#define max_receivebyte 255#define max_addr_len 32#define sio_rcvall (IOC_IN| IOC_VENDOR|1)//define the NIC for promiscuous mode typedef struct IP_HDR//Define IP header {unsigned char H_VERLEN;//4 bit head ministerial, 4-bit IP version number unsigned char tos;// 8-bit service type tosunsigned short TATAL_LEN;//16 bit total length unsigned short ident;//16 bit marked unsigned short frag_and_flags;// Offset and 3-bit flag bit unsigned char ttl;//8 bit lifetime ttlunsigned char proto;//8 bit Protocol (TCP,UDP or others) unsigned short checksum;// 16-bit IP header check and unsigned int sourceip;//32 bit source IP address unsigned int destip;//32 bit destination IP address}ipheader;typedef struct tsd_hdr//define TCP pseudo header { unsigned long saddr;//source address unsigned long daddr;//destination address char mbz;char ptcl;//protocol type unsigned short tcpl;//tcp length}psdheader; typedef struct TCP_HDR//defines TCP header {unsigned short sport;//16 bit source port unsigned short dport;//16 bit destination port unsigned int seq;// 32-bit serial number unsigned int ack;//32 digit Confirmation number unsigned char LENRES;//4 bit header length/6 bit reserved word unsigned char FLAG;//6 bit flag bit unsigned short win;//16 bit window size unsigned short sum;/ /16-bit inspection and unsigned short URP;//16-bit emergency data offset}tcpheader;typedef struct udp_hdr//definition UDP header {unsigned short sport;// 16-bit Source port unsigned short dport;//16 bit destination port unsigned short len;//udp length unsigned short cksum;//check and}udpheader;typedef struct ICMP _hdr//defines the ICMP header {unsigned short sport;unsigned short dport;unsigned char type;unsigned char code;unsigned short cksum; unsigned short id;unsigned short seq;unsigned long timestamp;} Icmpheader;int Main (int argc, char **argv) {SOCKET sock; Wsadata Wsd;char recvbuf[65535] = {0};char temp[65535] = {0};D word dwbytesret;int pcount = 0;unsigned int optval = 1;u nsigned char* dataip = nullptr;unsigned char* datatcp = nullptr;unsigned char* dataudp = nullptr;unsigned char* dataicmp = Nullptr;int lentcp, LENUDP, lenicmp, Lenip;char tcpflag[6] = {' F ', ' S ', ' R ', ' A ', ' U '};//defines the TCP flag bit WSAStartup (Makeword (2, 1), &WSD); if (sock = socket (af_inet, Sock_raw, Ipproto_IP)) = = Socket_error)//Create an original socket {exit (0);} Char far name[maxbyte];gethostname (name, maxbyte), struct hostent far* phostent;phostent = (struct hostent*) malloc ( sizeof (struct hostent));p hostent = gethostbyname (name); sockaddr_in sa;sa.sin_family = Af_inet;sa.sin_port = htons (1);//The original socket has no concept of port, so this value is arbitrarily set memcpy (&SA.SIN_ADDR, PHOSTENT->H_ADDR_LIST[0],PHOSTENT->H_LENGTH);//Set the native address bind (sock, (sockaddr*) &sa, sizeof (SA));//Bind if ( WSAGetLastError () = = 10013) {exit (0);} Set the NIC to promiscuous mode, also known as Pan-listen mode. You can listen for all packages that pass through. WSAIoctl (sock, Sio_rcvall, &optval, sizeof (optval), nullptr, 0, &dwbytesret,nullptr,nullptr); Udpheader * pudpheader;//udp head struct pointer ipheader * PIPHEADER;//IP head struct pointer tcpheader * ptcpheader;//tcp head struct pointer icmpheader * PICMPHEADER;//ICMP head struct pointer char Szsourceip[max_addr_len], szdestip[max_addr_len];//source IP and destination ipsockaddr_in saSource, sadest;//Source address struct, destination address struct//set various head pointers Pipheader = (ipheader*) Recvbuf;ptcpheader = (tcpheader*) (recvbuf + sizeof (Ipheader)) ;p Udpheader = (udpheader*) (recvbuf + sizeof (ipheader));p icmphEader = (icmpheader*) (recvbuf + sizeof (ipheader)); int iiphlen = sizeof (unsigned long) * (Pipheader->h_verlen & 0x0f ); while (1) {memset (recvbuf, 0, sizeof (RECVBUF));//emptying Buffer recv (sock, Recvbuf, sizeof (RECVBUF), 0);//Receive Package// Get source address and destination Address saSource.sin_addr.s_addr = pipheader->sourceip;strncpy (Szsourceip, Inet_ntoa (sasource.sin_addr), Max_ Addr_len); saDest.sin_addr.s_addr = pipheader->destip;strncpy (Szdestip, Inet_ntoa (sadest.sin_addr), Max_addr_len );//calculate the length of various packages (only after judging whether the package is meaningful, first calculated) Lenip = Ntohs (pipheader->tatal_len); lentcp = Ntohs (Pipheader->tatal_len)-( sizeof (Ipheader) + sizeof (tcpheader)) lenudp = Ntohs (pipheader->tatal_len)-(sizeof (Ipheader) + sizeof (Udpheader)) ; lenicmp = Ntohs (pipheader->tatal_len)-(sizeof (Ipheader) + sizeof (Icmpheader));//Determine if TCP packet if (pipheader-> Proto = = ipproto_tcp&&lentcp! = 0) {pcount++;//count plus one dataip = (unsigned char *) recvbuf;datatcp = (unsigned char *) rec Vbuf + sizeof (ipheader) + sizeof (Tcpheader), System ("CLS");p rintf ("\n############## # # #数据包 [%i]=%d Byte Data ############# ", Pcount, Lentcp);p rintf (" \n**********ip protocol Header *********** ");p rintf (" \ n marked:%i ", Ntohs (pipheader->ident)); printf ("\ n total Length:%i", Ntohs (Pipheader->tatal_len));p rintf ("\ n offset:%i", Ntohs (Pipheader->frag_and_flags)); printf ("\ nthe time to live:%d", Pipheader->ttl);p rintf ("\ n Service type:%d", Pipheader->tos);p rintf ("\ n protocol type:%d",pipheader-> Proto);p rintf ("\ n Test and:%i", Ntohs (pipheader->checksum));p rintf ("\ n source ip:%s", Szsourceip);p rintf ("\ n Purpose ip:%s", Szdestip);p rintf ("\n**********tcp protocol Header ***********");p rintf ("\ n Source port:%i", Ntohs (Ptcpheader->sport));p rintf ("\ N Destination Port:%i ", Ntohs (Ptcpheader->dport));p rintf (" \ n serial Number:%i ", Ntohs (PTCPHEADER->SEQ));p rintf (" \ n answer number:%i ", Ntohs ( Ptcpheader->ack));p rintf ("\ n Test and:%i", Ntohs (ptcpheader->sum));p rintf ("\ n flag bit:"); unsigned char flagmask = 1;int k ;//print flag bit for (k = 0; k < 6; k++) {if ((ptcpheader->flag) &flagmask) printf ("%c", Tcpflag[k]); elseprintf (""); Flagmask = Flagmask << 1;} Prints the first 100 bytes of hexadecimal data printf ("\ n data: \ n"); for (int i = 0; I < 100; i++) {printf ("%x", Datatcp[i]);}} +++++++++++++++++++++++++++++//can add other packets in the judgment and processing//+++++++++++++++++++++++++++++}}
Run effect
A clutch program implemented under Windows using the original socket demo