The hiding of IP address

I. Preface

This article mainly introduces how to hide the IP address in a program. In fact, not all of this article is my own writing. I was too lazy to type the "IP header structure" part, so I copied and pasted it from an article by Lonely Swordsman; thank you first! The code section refers to a program written abroad by xes. So this is just a byproduct of the learning process. Since the program is done, I am posting it to share with everyone so that we can improve it together. This article only wants to explain the structure and sending mechanism of IP data. If someone changes it into a malicious IP attack tool, the consequences are at their own risk.

II. IP header structure

We know that all TCP/IP network data is transmitted over the Internet encapsulated in IP packets; that is, encapsulation builds an IP datagram containing an IP header and data. In general, network software always generates IP headers whose length is a multiple of 32-bit words, even if the header has to be padded with extra zeros. The IP header contains all the information needed to transmit the data encapsulated in the IP packet.
The data structure and description of the IP header are as follows:

| Member | Length (bits) | Description |
|---|---|---|
| Version | 4 | Version number of the IP header; currently IPv4, the latest is IPv6 |
| Header length | 4 | Length of the IP header; if there are no special options, the IP header is always 20 bytes long |
| Type of Service | 8 | Type of service; defines the priority, latency, throughput and reliability of the data transfer |
| Total Packet Length | 16 | Length of the IP packet; if there are no special options, generally 20 bytes long |
| Identification | 16 | IP packet identifier; the host uses it to uniquely identify each datagram it sends |
| Flag | 3 | IP data fragmentation flags |
| Fragment offset | 13 | IP data fragment offset |
| Time to Live | 8 | Lifetime of the datagram on the network; the value is decremented by one at each router |
| Protocol | 8 | TCP/IP protocol type, for example: ICMP is 1, IGMP is 2, TCP is 6, UDP is 17 |
| Header Checksum | 16 | Header checksum |
| Source IP address | 32 | Source IP address |
| Destination IP address | 32 | Destination IP address |
| Other | ? | Other options |
| Data | ? | Data |

Defining your own IP header is a very meaningful thing. For example, by changing the TOS priority and the TTL in the IP header, you can give your own packets stronger transmission capability and a longer lifetime; by modifying the source IP address in the IP header, you can hide your own machine's IP address, and so on. The famous attack program "Teardrop" works by deliberately creating fragmented IP packets that the system cannot handle, and SYN Flooder and UDP Flooder spoof by generating random source IPs.

III. Implementation principle

In general, custom IP headers are implemented by using the IP_HDRINCL option of the socket library function setsockopt(). Although this is easy to do on UNIX and Linux platforms, unfortunately the IP_HDRINCL option is not supported in the Winsock 1.1 and Winsock 2.0 libraries of the Windows platform, so it is not possible to implement IP header customization in Windows 9X/NT through the Winsock function library (setsockopt).
Of course, this can be achieved by writing a virtual device driver, but that is more complicated. The appearance of Windows 2000 changed this situation: the Winsock 2.2 function library in Windows 2000 fully supports the setsockopt() option IP_HDRINCL, which makes it easy for us to implement a custom IP header. The implementation method is as follows:

IV. The code part

```delphi
{
  1. This program can only run on Windows 2000.
  2. You must have Administrator privileges.
  3. The program requires a button and a memo.
  ----------------------------------------------------------------------
  Before you run the program, change the values of SrcIP, SrcPort,
  DestIP and DestPort.
  ----------------------------------------------------------------------
  If you can't read the code below, it's best not to run it.
  ----------------------------------------------------------------------
}
unit Unit1;

interface

uses
  Windows, Messages, SysUtils, Classes, Graphics, Controls, Forms, Dialogs,
  StdCtrls, OleCtrls, Registry;

const
  SrcIP = '123.123.123.1';  // sender IP address
  SrcPort = 1234;           // sender port
  DestIP = '127.0.0.2';     // destination IP address
  DestPort = 4321;          // destination port

  Max_Message = 4068;
  Max_Packet = 4096;

type
  TPacketBuffer = array[0..Max_Packet - 1] of Byte;

  TForm1 = class(TForm)
    Button1: TButton;
    Memo1: TMemo;
    procedure Button1Click(Sender: TObject);
  private
    { Private declarations }
  public
    { Public declarations }
    procedure SendIt;
  end;

  // IP header
  T_IP_Header = record
    ip_verlen: Byte;
    ip_tos: Byte;
    ip_totallength: Word;
    ip_id: Word;
    ip_offset: Word;
    ip_ttl: Byte;
    ip_protocol: Byte;
    ip_checksum: Word;
    ip_srcaddr: LongWord;
    ip_destaddr: LongWord;
  end;

  // UDP header
  T_UDP_Header = record
    src_portno: Word;
    dst_portno: Word;
    udp_length: Word;
    udp_checksum: Word;
  end;

  // Some Winsock 2 type declarations
  u_char = Char;
  u_short = Word;
  u_int = Integer;
  u_long = Longint;

  SunB = packed record
    s_b1, s_b2, s_b3, s_b4: u_char;
  end;

  SunW = packed record
    s_w1, s_w2: u_short;
  end;

  in_addr = record
    case Integer of
      0: (S_un_b: SunB);
      1: (S_un_w: SunW);
      2: (S_addr: u_long);
  end;
  TInAddr = in_addr;

  sockaddr_in = record
    case Integer of
      0: (sin_family: u_short;
          sin_port: u_short;
          sin_addr: TInAddr;
          sin_zero: array[0..7] of Char);
      1: (sa_family: u_short;
          sa_data: array[0..13] of Char)
  end;
  TSockAddr = sockaddr_in;
  TSocket = u_int;

const
  WSADESCRIPTION_LEN = 256;
  WSASYS_STATUS_LEN = 128;

type
  PWSAData = ^TWSAData;
  WSAData = record // WSData
    wVersion: Word;
    wHighVersion: Word;
    szDescription: array[0..WSADESCRIPTION_LEN] of Char;
    szSystemStatus: array[0..WSASYS_STATUS_LEN] of Char;
    iMaxSockets: Word;
    iMaxUdpDg: Word;
    lpVendorInfo: PChar;
  end;
  TWSAData = WSAData;

// Declare some Winsock 2 functions
function closesocket(s: TSocket): Integer; stdcall;
function socket(af, Struct, protocol: Integer): TSocket; stdcall;
function sendto(s: TSocket; var Buf; len, flags: Integer;
  var addrto: TSockAddr; tolen: Integer): Integer; stdcall;
function setsockopt(s: TSocket; level, optname: Integer; optval: PChar;
  optlen: Integer): Integer; stdcall;
function inet_addr(cp: PChar): u_long; stdcall;
function htons(hostshort: u_short): u_short; stdcall;
function WSAGetLastError: Integer; stdcall;
function WSAStartup(wVersionRequired: Word; var WSData: TWSAData): Integer; stdcall;
function WSACleanup: Integer; stdcall;

const
  AF_INET = 2;        // internetwork: UDP, TCP, etc.
  IP_HDRINCL = 2;     // IP header include
  SOCK_RAW = 3;       // raw-protocol interface
  IPPROTO_IP = 0;     // dummy for IP
  IPPROTO_TCP = 6;    // TCP
  IPPROTO_UDP = 17;   // user datagram protocol
  IPPROTO_RAW = 255;  // raw IP packet
  INVALID_SOCKET = TSocket(not (0));
  SOCKET_ERROR = -1;

var
  Form1: TForm1;

implementation

// Import Winsock 2 functions (export names are case-sensitive)
const
  WinSocket = 'WS2_32.DLL';

function closesocket; external WinSocket name 'closesocket';
function socket; external WinSocket name 'socket';
function sendto; external WinSocket name 'sendto';
function setsockopt; external WinSocket name 'setsockopt';
function inet_addr; external WinSocket name 'inet_addr';
function htons; external WinSocket name 'htons';
function WSAGetLastError; external WinSocket name 'WSAGetLastError';
function WSAStartup; external WinSocket name 'WSAStartup';
function WSACleanup; external WinSocket name 'WSACleanup';

{$R *.DFM}

// Internet checksum: one's-complement sum of 16-bit words
function CheckSum(var Buffer; Size: Integer): Word;
type
  TWordArray = array[0..1] of Word;
var
  ChkSum: LongWord;
  i: Integer;
begin
  ChkSum := 0;
  i := 0;
  while Size > 1 do
  begin
    ChkSum := ChkSum + TWordArray(Buffer)[i];
    Inc(i);
    Size := Size - SizeOf(Word);
  end;
  // Add the trailing odd byte, if any
  if Size = 1 then
    ChkSum := ChkSum + Byte(TWordArray(Buffer)[i]);
  // Fold the carries back into the low 16 bits
  ChkSum := (ChkSum shr 16) + (ChkSum and $FFFF);
  ChkSum := ChkSum + (ChkSum shr 16);
  // The checksum is the one's complement of the folded sum
  Result := Word(not ChkSum);
end;

procedure BuildHeaders(FromIP: string; iFromPort: Word; ToIP: string;
  iToPort: Word; StrMessage: string; var Buf: TPacketBuffer;
  var remote: TSockAddr; var iTotalSize: Word);
var
  dwFromIP: LongWord;
  dwToIP: LongWord;
  iIPVersion: Word;
  iIPSize: Word;
  ipHdr: T_IP_Header;
  udpHdr: T_UDP_Header;
  iUdpSize: Word;
  iUdpChecksumSize: Word;
  cksum: Word;
  Ptr: ^Byte;

  procedure IncPtr(Value: Integer);
  begin
    Ptr := Pointer(Integer(Ptr) + Value);
  end;

begin
  // Convert the IP addresses
  dwFromIP := inet_addr(PChar(FromIP));
  dwToIP := inet_addr(PChar(ToIP));

  //
  // Initialize the IP header
  //
  iTotalSize := SizeOf(ipHdr) + SizeOf(udpHdr) + Length(StrMessage);
  iIPVersion := 4;
  iIPSize := SizeOf(ipHdr) div SizeOf(LongWord);

  ipHdr.ip_verlen := (iIPVersion shl 4) or iIPSize;
  ipHdr.ip_tos := 0;                            // IP type of service
  ipHdr.ip_totallength := htons(iTotalSize);    // total packet length
  ipHdr.ip_id := 0;                             // unique identifier: set to 0
  ipHdr.ip_offset := 0;                         // fragment offset field
  ipHdr.ip_ttl := 128;                          // time to live
  ipHdr.ip_protocol := $11;                     // protocol (UDP)
  ipHdr.ip_checksum := 0;                       // IP checksum
  ipHdr.ip_srcaddr := dwFromIP;                 // source address
  ipHdr.ip_destaddr := dwToIP;                  // destination address

  //
  // Initialize the UDP header
  //
  iUdpSize := SizeOf(udpHdr) + Length(StrMessage);
  udpHdr.src_portno := htons(iFromPort);
  udpHdr.dst_portno := htons(iToPort);
  udpHdr.udp_length := htons(iUdpSize);
  udpHdr.udp_checksum := 0;

  // Build the UDP pseudo-header in Buf to compute the UDP checksum:
  // source address, destination address, zero byte, protocol, UDP length,
  // followed by the UDP header and the payload.
  iUdpChecksumSize := 0;
  Ptr := @Buf[0];
  FillChar(Buf, SizeOf(Buf), 0);

  Move(ipHdr.ip_srcaddr, Ptr^, SizeOf(ipHdr.ip_srcaddr));
  IncPtr(SizeOf(ipHdr.ip_srcaddr));
  iUdpChecksumSize := iUdpChecksumSize + SizeOf(ipHdr.ip_srcaddr);

  Move(ipHdr.ip_destaddr, Ptr^, SizeOf(ipHdr.ip_destaddr));
  IncPtr(SizeOf(ipHdr.ip_destaddr));
  iUdpChecksumSize := iUdpChecksumSize + SizeOf(ipHdr.ip_destaddr);

  IncPtr(1);
  Inc(iUdpChecksumSize);

  Move(ipHdr.ip_protocol, Ptr^, SizeOf(ipHdr.ip_protocol));
  IncPtr(SizeOf(ipHdr.ip_protocol));
  iUdpChecksumSize := iUdpChecksumSize + SizeOf(ipHdr.ip_protocol);

  Move(udpHdr.udp_length, Ptr^, SizeOf(udpHdr.udp_length));
  IncPtr(SizeOf(udpHdr.udp_length));
  iUdpChecksumSize := iUdpChecksumSize + SizeOf(udpHdr.udp_length);

  Move(udpHdr, Ptr^, SizeOf(udpHdr));
  IncPtr(SizeOf(udpHdr));
  iUdpChecksumSize := iUdpChecksumSize + SizeOf(udpHdr);

  Move(StrMessage[1], Ptr^, Length(StrMessage));
  IncPtr(Length(StrMessage));
  iUdpChecksumSize := iUdpChecksumSize + Length(StrMessage);

  cksum := CheckSum(Buf, iUdpChecksumSize);
  udpHdr.udp_checksum := cksum;

  //
  // Now that the IP and UDP headers are OK, we can send it out.
  //
  FillChar(Buf, SizeOf(Buf), 0);
  Ptr := @Buf[0];

  Move(ipHdr, Ptr^, SizeOf(ipHdr));
  IncPtr(SizeOf(ipHdr));
  Move(udpHdr, Ptr^, SizeOf(udpHdr));
  IncPtr(SizeOf(udpHdr));
  Move(StrMessage[1], Ptr^, Length(StrMessage));

  remote.sin_family := AF_INET;
  remote.sin_port := htons(iToPort);
  remote.sin_addr.S_addr := dwToIP;
end;

procedure TForm1.SendIt;
var
  sh: TSocket;
  bOpt: Integer;
  ret: Integer;
  Buf: TPacketBuffer;
  Remote: TSockAddr;
  Local: TSockAddr;
  iTotalSize: Word;
  wsdata: TWSAData;
begin
  // Start up Winsock 2
  ret := WSAStartup($0002, wsdata);
  if ret <> 0 then
  begin
    Memo1.Lines.Add('WSA Startup failed.');
    Exit;
  end;
  with Memo1.Lines do
  begin
    Add('WSA Startup:');
    Add('Desc.: ' + wsdata.szDescription);
    Add('Status: ' + wsdata.szSystemStatus);
  end;

  try
    // Create socket
    sh := socket(AF_INET, SOCK_RAW, IPPROTO_UDP);
    if sh = INVALID_SOCKET then
    begin
      Memo1.Lines.Add('Socket() failed: ' + IntToStr(WSAGetLastError));
      Exit;
    end;
    Memo1.Lines.Add('Socket Handle = ' + IntToStr(sh));

    // Option: header include
    bOpt := 1;
    ret := setsockopt(sh, IPPROTO_IP, IP_HDRINCL, @bOpt, SizeOf(bOpt));
    if ret = SOCKET_ERROR then
    begin
      Memo1.Lines.Add('setsockopt(IP_HDRINCL) failed: ' + IntToStr(WSAGetLastError));
      Exit;
    end;

    // Build the packet
    BuildHeaders(SrcIP, SrcPort, DestIP, DestPort, 'This is A TEST packet',
      Buf, Remote, iTotalSize);

    // Send the packet
    ret := sendto(sh, Buf, iTotalSize, 0, Remote, SizeOf(Remote));
    if ret = SOCKET_ERROR then
      Memo1.Lines.Add('sendto() failed: ' + IntToStr(WSAGetLastError))
    else
      Memo1.Lines.Add('Send ' + IntToStr(ret) + ' bytes.');

    // Close socket
    closesocket(sh);
  finally
    // Close Winsock 2
    WSACleanup;
  end;
end;

procedure TForm1.Button1Click(Sender: TObject);
begin
  SendIt;
end;

end.
```
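Because the source address in the header table above is just a field the sender fills in, the place to check it is the network edge the packet leaves through. The following Python code is an added example, not part of the original article or of the program it refers to: it decodes the fixed 20-byte IPv4 header, verifies the header checksum, and drops packets whose source address is outside the prefixes assigned to the sending network. The function names, the prefix policy and the sample packets are assumptions constructed for illustration.

```python
import ipaddress
import struct

def internet_checksum(data: bytes) -> int:
    """One's-complement sum over 16-bit big-endian words (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def parse_ipv4_header(packet: bytes) -> dict:
    """Decode the fixed 20-byte header described in the table above."""
    if len(packet) < 20:
        raise ValueError("shorter than the minimum IPv4 header")
    verlen, tos, total_len, ident, frag, ttl, proto, _cksum, src, dst = \
        struct.unpack("!BBHHHBBH4s4s", packet[:20])
    ihl = (verlen & 0x0F) * 4
    if verlen >> 4 != 4 or ihl < 20 or len(packet) < ihl:
        raise ValueError("bad version or header length")
    return {
        "ihl": ihl, "tos": tos, "total_length": total_len, "id": ident,
        "flags": frag >> 13, "fragment_offset": frag & 0x1FFF,
        "ttl": ttl, "protocol": proto,
        "src": ipaddress.IPv4Address(src), "dst": ipaddress.IPv4Address(dst),
        # A header with a correct checksum sums to 0xFFFF, so this yields 0.
        "checksum_ok": internet_checksum(packet[:ihl]) == 0,
    }

def egress_verdict(packet: bytes, assigned_prefixes) -> str:
    """Source-address validation at the network edge (hypothetical policy)."""
    try:
        hdr = parse_ipv4_header(packet)
    except ValueError as exc:
        return f"drop: {exc}"
    if not hdr["checksum_ok"]:
        return "drop: header checksum mismatch"
    nets = [ipaddress.ip_network(p) for p in assigned_prefixes]
    if not any(hdr["src"] in n for n in nets):
        return f"drop: source {hdr['src']} not in assigned prefixes"
    return "forward"

def build_sample(src: str, dst: str, payload_len: int = 8) -> bytes:
    """Constructed sample header (UDP, TTL 128) with a correct checksum."""
    fields = [0x45, 0, 20 + payload_len, 0, 0, 128, 17, 0,
              ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed]
    fields[7] = internet_checksum(struct.pack("!BBHHHBBH4s4s", *fields))
    return struct.pack("!BBHHHBBH4s4s", *fields)
```

With the assigned prefix list set to `["192.0.2.0/24"]`, a header built with the article's sample source `123.123.123.1` is dropped, while one sourced from `192.0.2.10` is forwarded.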