這是最近的一段代碼。
也沒有什麼好說的，就是簡單的 socket 編程：將網卡設定為混雜模式，接收所有封包，並列印每個封包的基本資料及內容。
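#include <stdio.h>
#include <stdlib.h>
#include <stdbool.h>
#include <winsock2.h>
#include <string.h>
#include <windows.h>
#include <mstcpip.h>
#pragma comment(lib,"ws2_32.lib")

#define RECVPORT 7000        // port number bound for receiving packets
#define RECVBUF_SIZE 65535   // receive buffer size; also the largest value the 16-bit IP total-length field can hold

// IPv4 header without options (20 bytes with 1-byte char, 2-byte short, 4-byte int).
struct iphdr {
    unsigned char head;       // version (high nibble) and header length in 32-bit words (low nibble)
    unsigned char tos;
    unsigned short length;    // total datagram length, network byte order
    unsigned short flags;     // NOTE: this position is the Identification field in IPv4; name kept from the original
    unsigned short offset;    // flag bits plus 13-bit fragment offset, network byte order
    unsigned char ttl;
    unsigned char protc;      // protocol number (6 = TCP, 17 = UDP, ...)
    unsigned short checksum;
    unsigned int sourceip;
    unsigned int destip;
};

// UDP header. Every field is 16 bits on the wire; the original declared them
// as unsigned int, which made the struct 16 bytes and misread both ports.
struct udphdr {
    unsigned short sourceport;
    unsigned short destport;
    unsigned short length;
    unsigned short checksum;
};

// TCP header without options (20 bytes).
struct tcphdr {
    USHORT sourceport;
    USHORT destport;
    unsigned int seq;
    unsigned int ack;
    unsigned char offset;     // data offset in 32-bit words lives in the high nibble
    unsigned char flags;
    USHORT win;
    USHORT checksum;
    USHORT urg;
};

// File-scope state kept from the original listing; nothing visible in this
// listing reads or writes these.
FILE *f;
char orig[100], *p, end;
char type[20] = {0}, version[20] = {0}, plat[20] = {0}, ttl[20] = {0}, win[20] = {0}, df[20] = {0}, tos[20] = {0};
int i = 0, j = 0;
int ttli, dfi, tosi, winb, wine;
bool winf = false;

/*
 * Print exactly len payload bytes, replacing every byte outside printable
 * ASCII with '.'.
 *
 * Payload bytes come straight off the network. Printing them with "%s" reads
 * until the first NUL (possibly past the packet) and passes control and escape
 * bytes to the console unchanged, so the sender could rewrite or forge what
 * the operator sees. Bounded, filtered output avoids both problems.
 */
static void print_payload(const unsigned char *data, size_t len)
{
    for (size_t k = 0; k < len; k++) {
        unsigned char c = data[k];
        putchar((c >= 0x20 && c < 0x7f) ? c : '.');
    }
}

/*
 * Decode one IPv4 datagram of len bytes and print a summary: addresses,
 * protocol name, TCP/UDP ports, TCP sequence numbers and flags, payload, TTL.
 *
 * Every header is checked against len before it is read, and headers are
 * copied into local structs with memcpy so the byte buffer is never accessed
 * through a struct pointer.
 *
 * Returns 0 when the packet was decoded, -1 when it is truncated or malformed.
 */
static int solve_packet(const char *buff, size_t len)
{
    struct iphdr ip;
    struct in_addr src, dst;
    const unsigned char *l4;
    size_t ip_hlen, l4_len;
    bool first_fragment;

    if (len < sizeof ip) {
        printf("TRUNCATED IP HEADER!\n");
        return -1;
    }
    memcpy(&ip, buff, sizeof ip);

    // The header length is attacker-controlled: it must cover at least the
    // fixed header and must not point past the bytes actually received.
    ip_hlen = (size_t)(ip.head & 0xf) * 4;
    if (ip_hlen < sizeof ip || ip_hlen > len) {
        printf("BAD IP HEADER LENGTH!\n");
        return -1;
    }
    l4 = (const unsigned char *)buff + ip_hlen;
    l4_len = len - ip_hlen;

    // Only the first fragment of a datagram starts with a transport header.
    first_fragment = (ntohs(ip.offset) & 0x1fff) == 0;

    src.s_addr = ip.sourceip;
    dst.s_addr = ip.destip;
    // Two separate calls on purpose: inet_ntoa returns a shared static buffer.
    printf("從:%s,", inet_ntoa(src));
    printf("到:%s\n", inet_ntoa(dst));

    switch (ip.protc) {
    case 1:  printf("Proto ICMP,"); break;
    case 2:  printf("Proto IGMP,"); break;
    case 6:  printf("Proto TCP,");  break;
    case 8:  printf("Proto EGP,");  break;
    case 9:  printf("Proto IGP,");  break;
    case 17: printf("Proto UDP,");  break;
    case 41: printf("Proto IPv6,"); break;
    case 89: printf("Proto OSPF,"); break;
    default: printf("Proto error,"); break;
    }

    if (ip.protc == 6 && first_fragment) {
        struct tcphdr tcp;
        size_t tcp_hlen;
        int port;

        if (l4_len < sizeof tcp) {
            printf("TRUNCATED TCP HEADER!\n");
            return -1;
        }
        memcpy(&tcp, l4, sizeof tcp);

        tcp_hlen = (size_t)(tcp.offset >> 4) * 4;
        if (tcp_hlen < sizeof tcp || tcp_hlen > l4_len) {
            printf("BAD TCP HEADER LENGTH!\n");
            return -1;
        }

        port = ntohs(tcp.sourceport);
        // SEQ/ACK are unsigned 32-bit values; "%d" printed large ones as negative.
        printf("從TCP連接埠:%d,到TCP連接埠:%d,SEQ:%lu,ACK:%lu\n",
               port, ntohs(tcp.destport),
               (unsigned long)ntohl(tcp.seq), (unsigned long)ntohl(tcp.ack));

        // Label by well-known source port only, as the original did.
        switch (port) {
        case 21:  printf("這是一個ftp協議資料包\n"); break;
        case 80:  printf("這是一個HTTP協議資料包\n"); break;
        case 110: printf("這是一個pop3協議資料包\n"); break;
        case 25:  printf("這是一個SMTP協議資料包\n "); break;
        default:  break;
        }

        // Print the TCP flag bits that are set.
        printf("FLAGS:");
        if (tcp.flags & 0x20) printf("URG ");
        if (tcp.flags & 0x10) printf("ACK ");
        if (tcp.flags & 0x8)  printf("PSH ");
        if (tcp.flags & 0x4)  printf("RST ");
        if (tcp.flags & 0x2)  printf("SYN ");
        if (tcp.flags & 0x1)  printf("FIN ");

        printf("data:");
        print_payload(l4 + tcp_hlen, l4_len - tcp_hlen);
        printf("\n");
    } else if (ip.protc == 17 && first_fragment) {
        struct udphdr udp;

        if (l4_len < sizeof udp) {
            printf("TRUNCATED UDP HEADER!\n");
            return -1;
        }
        memcpy(&udp, l4, sizeof udp);

        printf("從UDP連接埠:%d,到UDP連接埠:%d,\nDATA:",
               ntohs(udp.sourceport), ntohs(udp.destport));
        // The payload starts after the 8-byte header; the original printed
        // from the start of the header itself.
        print_payload(l4 + sizeof udp, l4_len - sizeof udp);
    }

    printf("TTL:%d\n", ip.ttl);
    printf("\n");
    return 0;
}

/*
 * Original entry point, kept for its signature. No length is passed, so the
 * datagram length is taken from the IP total-length field; that field is
 * sender-controlled, therefore buff must point to at least RECVBUF_SIZE bytes
 * (the largest value the field can hold), as main's receive buffer does.
 * Callers that know the received byte count should use solve_packet.
 */
int solve(char *buff)
{
    struct iphdr ip;

    memcpy(&ip, buff, sizeof ip);
    return solve_packet(buff, ntohs(ip.length));
}

/*
 * Open a raw IP socket on the first local address, switch it to
 * receive-all mode with SIO_RCVALL, then receive and print 30 packets.
 * Returns 0 on success, 1 on any setup or receive failure.
 */
int main()
{
    WSADATA ws;
    SOCKET sock = INVALID_SOCKET;
    struct sockaddr_in myaddress;
    struct hostent *host;
    char name[100];
    char buffer[RECVBUF_SIZE];
    DWORD inbuffer = 1;       // 1 turns receive-all on
    DWORD outbuffer[10];
    DWORD returned = 0;
    int status = 1;
    int received;
    int i;

    printf("輸入ENTER鍵開始\n");
    (void)getchar();

    // WSAStartup returns 0 on success and a positive error code on failure,
    // so the original "< 0" test could never fire.
    if (WSAStartup(MAKEWORD(2, 2), &ws) != 0) {
        printf("error!");
        return 1;
    }

    memset(&myaddress, 0, sizeof myaddress);
    myaddress.sin_family = AF_INET;
    myaddress.sin_port = htons(RECVPORT);

    // Resolve the local address; both lookups can fail, and the address
    // length must match sin_addr before it is copied in.
    if (gethostname(name, sizeof(name)) != 0) {
        printf("HOSTNAME ERROR!");
        goto cleanup;
    }
    host = gethostbyname(name);
    if (host == NULL || host->h_addr_list[0] == NULL ||
        host->h_length != (int)sizeof myaddress.sin_addr) {
        printf("HOST LOOKUP ERROR!");
        goto cleanup;
    }
    memcpy(&myaddress.sin_addr, host->h_addr_list[0], sizeof myaddress.sin_addr);

    // Raw sockets and SIO_RCVALL need an elevated (Administrator) process.
    sock = socket(AF_INET, SOCK_RAW, IPPROTO_IP);
    if (sock == INVALID_SOCKET) {
        printf("SOCKET ERROR!");
        goto cleanup;
    }

    if (bind(sock, (PSOCKADDR)&myaddress, sizeof(myaddress)) == SOCKET_ERROR) {
        printf("BIND ERROR!");
        goto cleanup;
    }

    // Put the socket into receive-all mode.
    if (WSAIoctl(sock, SIO_RCVALL, &inbuffer, sizeof(inbuffer),
                 outbuffer, sizeof(outbuffer), &returned, NULL, NULL) == SOCKET_ERROR) {
        printf("IO OPTION SET ERROR!");
        goto cleanup;
    }

    for (i = 1; i <= 30; i++) {
        received = recv(sock, buffer, sizeof(buffer), 0);
        if (received < 0) {
            printf("RECEIVE ERROR!");
            goto cleanup;
        }
        // Parse only the bytes recv reported; a malformed packet is reported
        // by solve_packet and does not stop the capture.
        solve_packet(buffer, (size_t)received);
    }
    status = 0;

cleanup:
    if (sock != INVALID_SOCKET) {
        closesocket(sock);
    }
    WSACleanup();
    return status;
}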
菜鳥言論,僅供娛樂。