linux下簡單的sniffer程式

最後更新：2018-12-04 來源：互聯網

上載者：User

創建阿里雲帳戶，並獲得超過 40 款產品的免費試用版；而企業帳戶則可以享有總值 $1200 的免費試用版。立即註冊！

/***************************************
* Author : 李亞楠
* Time : 2006-04-02
* function: 檢測本機網路
****************************************/

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include <unistd.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <linux/in.h>
#include <linux/if_ether.h>
#include <net/if.h>
#include <sys/ioctl.h>
#define INTERFACE "eth0"
int Set_Promisc(char *interface,int sock);
void Write_File(FILE *fp,unsigned char *buf,int len);
int main()
{
int sock,size,i,j;
FILE *fp;
unsigned char buffer[2048];
unsigned char *data;
fp = fopen("sniffer.txt","w");
if(!fp)
{
  printf("can not open the file/n");
  return;
}
if((sock = socket(PF_PACKET,SOCK_RAW,htons(ETH_P_IP))) < 0)
{
  printf("socket init error/n");
  return -1;
}

Set_Promisc(INTERFACE,sock);
while(1)
{
  printf("-------------------/n");
  size = recvfrom(sock,buffer,2048,0,NULL,NULL);
  printf("%d bytes read/n",size);
  if(size < 14)
  {
   printf("recv error/n");
   close(sock);
   return -1;
  }
  Write_File(fp, buffer,size);
  printf("the dst MAC is    %02x:%02x:%02x:%02x:%02x:%02x/n",buffer[0],buffer[1],buffer[2],
                        buffer[3],buffer[4],buffer[5]);
                printf("the source MAC is %02x:%02x:%02x:%02x:%02x:%02x/n",buffer[6],buffer[7],buffer[8],
                        buffer[9],buffer[10],buffer[11]);
                printf("Packet type is %02x%02x/n",buffer[12],buffer[13]);
                data = buffer+14;
                size = size - 14;
  for(i=0;i<size;i+=16)
  {
   for(j=i;j<i+16;j++)
   {
    if(j<size)
     printf("%02x ",data[j]);
    else
     break;
   }
   printf("/n");
  }
}
fclose(fp);
  return 0;
}
//設定網卡為混雜模式，使其可以接收到非發往原生資料包
int Set_Promisc(char *interface,int sock)
{
struct ifreq ifr;
strncpy(ifr.ifr_name,interface,strnlen(interface)+1);
if((ioctl(sock,SIOCGIFFLAGS,&ifr) == -1))
{
  printf("Couldn't retrive flags for the interface/n");
  exit(0);
}
printf("The interface is ::%s/n",interface);
printf("Retrieved flags from the interface successly/n");
ifr.ifr_flags |= IFF_PROMISC;
if(ioctl(sock,SIOCSIFFLAGS,&ifr) == -1)
{
  printf("Could not set the PROMISC flag/n");
  exit(0);
}
printf("Setting interface::%s::to promisc/n",interface);
return(0);
}
//寫檔案
void Write_File(FILE *fp,unsigned char *buf,int len)
{
int i;
int base;
/*
fp = fopen("sniffer.txt","a");
if(!fp)
{
  printf("can not open the file/n");
  return;
}
*/
fprintf(fp,"%s:%d/n","receive packet:",len);
if(buf[12] == 0x88 && buf[13] == 0x63)
{
  fprintf(fp,"%s/n""the PPPoE discovery packet found");
}
for (base=0; base<len; base += 16)
{
  for (i=base; i<base+16; i++)
  {
  if (i < len)
   {
    fprintf(fp, "%02x ", (unsigned) buf[i]);
       }
    else
   {
    fprintf(fp, "   ");
       }
  }
  fprintf(fp, " ");
  for (i=base; i<base+16; i++)
  {
       if (i < len)
   {
    if (isprint(buf[i]))
    {
         fprintf(fp, "%c", buf[i]);
    }
     else
    {
         fprintf(fp, ".");
    }
       }
   else {
    break;
       }
}
  fprintf(fp, "/n");
    }
fprintf(fp, "/n");
//fclose(fp);
}

本文章原先以中文撰寫並發佈於 aliyun.com，亦設英文版本，僅作資訊用途。本網站不對文章的準確性，完整性或可靠性或其任何翻譯作出任何明示或暗示的陳述或保證。如對該文章有任何疑慮或投訴，請傳送電郵至 info-contact@alibabacloud.com 並提供相關疑慮或投訴的詳細說明。職員會於 5 個工作天內與您聯絡，一經驗證之後，即會刪除該侵權內容。

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More