/************************************************************************/
/* 云守护版 sniffer的实现 542335496@qq.com */
/************************************************************************/
#include <WINSOCK2.H>
#include <stdio.h>
#pragma comment(lib,"ws2_32")
// Control code passed to ioctlsocket() in main() to switch the bound raw socket
// into receive-all mode. It is defined by hand here because this file does not
// include <mstcpip.h>, the SDK header that normally provides it.
#define SIO_RCVALL _WSAIOW(IOC_VENDOR,1)
// Overlay for the fixed part of a TCP header; DecodeTCPPacket() casts raw packet
// bytes to this type and reads only the two port fields.
// NOTE(review): no #pragma pack is in effect, so the overlay relies on every
// field being naturally aligned; confirm sizeof(TCPHeader)==20 on the target compiler.
typedef struct _TCPHeader{
USHORT sourcePort; // network byte order; converted with ntohs() before printing
USHORT destinationPort; // network byte order; converted with ntohs() before printing
ULONG sequenceNumber; // not read anywhere in this file
ULONG acknowledgeNubmer; // not read anywhere in this file (identifier spelling is the original's)
UCHAR dataoffset; // presumably header length in the upper 4 bits, per the TCP layout; unused here
UCHAR flags; // presumably the TCP control bits; unused here
USHORT windows; // presumably the receive window; unused here
USHORT checksum; // not verified anywhere in this file
USHORT urgentPointer; // unused here
}TCPHeader,*PTCPHeader;
// Overlay for a UDP header; DecodeUDPPacket() casts raw packet bytes to this
// type and reads only the two port fields.
typedef struct _UDPHeader{
USHORT sourcePort; // network byte order; converted with ntohs() before printing
USHORT destinationPort; // network byte order; converted with ntohs() before printing
USHORT len; // presumably the datagram length; not read or checked in this file
USHORT checksum; // not verified anywhere in this file
}UDPHeader,*PUDPHeader;
// Overlay for an IPv4 header without options; DecodeIPPacket() casts the start
// of the receive buffer to this type.
// NOTE(review): no #pragma pack is in effect, so the overlay relies on every
// field being naturally aligned; confirm sizeof(IPHeader)==20 on the target compiler.
typedef struct _IPHeader{
UCHAR iphVerLen; // low 4 bits: header length in 32-bit words (used by DecodeIPPacket); high 4 bits presumably the IP version
UCHAR ipTOS; // unused in this file
USHORT ipLength; // presumably total datagram length; never compared with the received byte count here
USHORT ipID; // unused in this file
USHORT ipFlags; // presumably flags plus fragment offset; unused in this file
UCHAR ipTTL; // unused in this file
UCHAR ipProtocol; // compared against IPPROTO_TCP / IPPROTO_UDP / IPPROTO_ICMP to pick a decoder
USHORT ipChecksum; // not verified anywhere in this file
ULONG ipSource; // copied unchanged into an in_addr and formatted with inet_ntoa()
ULONG ipDestination; // copied unchanged into an in_addr and formatted with inet_ntoa()
}IPHeader,*PIPHeader;
// Forward declarations for the decoders defined after main().
// NOTE(review): none of these takes a length, so each one trusts its caller to
// pass a buffer that really holds the header it casts pData to.
void DecodeTCPPacket(char *pData);
void DecodeUDPPacket(char *pData);
void DecodeIPPacket(char *pData);
// Applies wAttributes (foreground/background colour flags) to the process's
// standard output console.
// Returns FALSE when the standard output handle cannot be obtained, otherwise
// whatever SetConsoleTextAttribute() reports.
BOOL SetConsoleColor(WORD wAttributes){
    const HANDLE hStdOut=GetStdHandle(STD_OUTPUT_HANDLE);
    return (hStdOut!=INVALID_HANDLE_VALUE)
        ? SetConsoleTextAttribute(hStdOut,wAttributes)
        : FALSE;
}
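// Returns true when the first nLen bytes of pData hold a complete IPv4 header
// (including options) and, for TCP and UDP, a complete fixed transport header.
// The decoders take no length argument, so this check is what keeps them from
// interpreting bytes that were not part of the packet just received.
static bool IsPacketDecodable(const char *pData,int nLen){
    if(nLen<(int)sizeof(IPHeader)){
        return false;
    }
    const IPHeader *pIPHeader=(const IPHeader*)pData;
    // High nibble: IP version. Low nibble: header length in 32-bit words.
    if((pIPHeader->iphVerLen>>4)!=4){
        return false;
    }
    const int nHeaderLen=(pIPHeader->iphVerLen&0xF)*(int)sizeof(ULONG);
    if(nHeaderLen<(int)sizeof(IPHeader)||nHeaderLen>nLen){
        return false;
    }
    int nTransportLen=0;
    switch(pIPHeader->ipProtocol){
    case IPPROTO_TCP:
        nTransportLen=(int)sizeof(TCPHeader);
        break;
    case IPPROTO_UDP:
        nTransportLen=(int)sizeof(UDPHeader);
        break;
    default:
        // Other protocols are not decoded past the IP header.
        break;
    }
    return nLen-nHeaderLen>=nTransportLen;
}

// Creates the raw IPv4 socket, binds it to the first IPv4 address the local
// host name resolves to, and enables receive-all mode on it.
// Returns INVALID_SOCKET on any failure, after closing the socket if it was opened.
static SOCKET OpenSnifferSocket(){
    // Raw sockets and SIO_RCVALL normally require an elevated (Administrator) process.
    SOCKET sRaw=socket(AF_INET,SOCK_RAW,IPPROTO_IP);
    if(sRaw==INVALID_SOCKET){
        fprintf(stderr,"socket() failed: %d\n",WSAGetLastError());
        return INVALID_SOCKET;
    }

    char szHostName[56];
    struct hostent *pHost=NULL;
    if(gethostname(szHostName,sizeof(szHostName))==0){
        pHost=gethostbyname(szHostName);
    }

    // Zero-initialise so sin_zero does not carry stack garbage into bind().
    SOCKADDR_IN addr_in={0};
    // Only copy the address when the resolver really returned a 4-byte IPv4
    // entry; h_length is otherwise an unchecked memcpy size.
    if(pHost==NULL||pHost->h_addrtype!=AF_INET||
       pHost->h_length!=(int)sizeof(addr_in.sin_addr)||
       pHost->h_addr_list[0]==NULL){
        fprintf(stderr,"could not resolve a local IPv4 address\n");
        closesocket(sRaw);
        return INVALID_SOCKET;
    }
    addr_in.sin_family=AF_INET;
    addr_in.sin_port=htons(0);
    memcpy(&addr_in.sin_addr.S_un.S_addr,pHost->h_addr_list[0],pHost->h_length);
    // On a multi-homed host this is simply the first address returned, which
    // may not be the interface the operator meant to monitor.
    printf("Binding To Interface: %s \n",::inet_ntoa(addr_in.sin_addr));

    if(bind(sRaw,(SOCKADDR *)&addr_in,sizeof(addr_in))==SOCKET_ERROR){
        fprintf(stderr,"bind() failed: %d\n",WSAGetLastError());
        closesocket(sRaw);
        return INVALID_SOCKET;
    }

    DWORD dwValue=1;
    if(ioctlsocket(sRaw,SIO_RCVALL,&dwValue)!=0){
        fprintf(stderr,"SIO_RCVALL failed: %d\n",WSAGetLastError());
        closesocket(sRaw);
        return INVALID_SOCKET;
    }
    return sRaw;
}

// Entry point: starts Winsock, opens the receive-all raw socket and prints one
// summary per captured IPv4 packet until recv() fails.
// Returns 0 after a clean shutdown of the loop, 1 when setup fails.
int main(){
    WSADATA ws;
    if(WSAStartup(MAKEWORD(2,2),&ws)!=0){
        fprintf(stderr,"WSAStartup() failed\n");
        return 1;
    }

    SOCKET sRaw=OpenSnifferSocket();
    if(sRaw==INVALID_SOCKET){
        WSACleanup();
        return 1;
    }

    // Sized for the largest IPv4 datagram (16-bit total length), so a full
    // packet is never cut short by the buffer; static keeps it off the stack.
    static char buffer[65535];
    while(TRUE){
        int nRet=recv(sRaw,buffer,(int)sizeof(buffer),0);
        if(nRet==SOCKET_ERROR){
            // Leave the loop instead of spinning on a dead socket.
            fprintf(stderr,"recv() failed: %d\n",WSAGetLastError());
            break;
        }
        // Packets too short for the headers the decoders read are skipped.
        if(IsPacketDecodable(buffer,nRet)){
            DecodeIPPacket(buffer);
        }
    }

    closesocket(sRaw);
    WSACleanup();
    return 0;
}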
// Prints the source and destination port of the TCP header that starts at pData.
// The function has no way to check how many bytes pData holds; the caller must
// guarantee that at least sizeof(TCPHeader) bytes of the packet are present.
void DecodeTCPPacket(char *pData)
{
    const TCPHeader *pHeader=(const TCPHeader*)pData;
    // Ports are carried in network byte order.
    const int nSourcePort=ntohs(pHeader->sourcePort);
    const int nDestPort=ntohs(pHeader->destinationPort);

    SetConsoleColor(FOREGROUND_RED|FOREGROUND_INTENSITY|BACKGROUND_BLUE);
    printf("\tTCP Port:%d =>%d \n",nSourcePort,nDestPort);
    // Same value the original produced by OR-ing FOREGROUND_INTENSITY with
    // itself; an earlier revision used RED|GREEN|BLUE here instead.
    SetConsoleColor(FOREGROUND_INTENSITY);
}
// Prints the source and destination port of the UDP header that starts at pData.
// The function has no way to check how many bytes pData holds; the caller must
// guarantee that at least sizeof(UDPHeader) bytes of the packet are present.
void DecodeUDPPacket(char *pData){
    const UDPHeader *pHeader=(const UDPHeader*)pData;
    // Ports are carried in network byte order.
    const int nSourcePort=ntohs(pHeader->sourcePort);
    const int nDestPort=ntohs(pHeader->destinationPort);

    SetConsoleColor(FOREGROUND_GREEN|FOREGROUND_INTENSITY|BACKGROUND_BLUE);
    printf("\t UDP Port:%d => %d \n",nSourcePort,nDestPort);
    // Same value the original produced by OR-ing FOREGROUND_INTENSITY with itself.
    SetConsoleColor(FOREGROUND_INTENSITY);
}
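// Prints the source and destination address of the IPv4 header at pData and
// hands the payload to the TCP or UDP decoder.
//
// pData: start of a captured IPv4 packet. No length is passed in, so this
//        function cannot verify how many bytes are valid; the caller must
//        ensure the buffer holds the IP header plus the transport header.
//
// The transport decoders are skipped when the header-length field is smaller
// than the minimum IPv4 header, and for non-first fragments, because in both
// cases the bytes after the header are not a TCP/UDP header.
void DecodeIPPacket(char *pData){
    if(pData==NULL){
        return;
    }
    const IPHeader *pIPHeader=(const IPHeader*)pData;

    in_addr source,dest;
    source.S_un.S_addr=pIPHeader->ipSource;
    dest.S_un.S_addr=pIPHeader->ipDestination;

    // inet_ntoa() returns a pointer to a buffer it reuses, so each result is
    // copied out before the next call. The copy is bounded and the NULL
    // return documented for failure is handled.
    char szSourceIp[32],szDestIp[32];
    const char *pszText=::inet_ntoa(source);
    strncpy(szSourceIp,pszText!=NULL?pszText:"?",sizeof(szSourceIp)-1);
    szSourceIp[sizeof(szSourceIp)-1]='\0';
    pszText=::inet_ntoa(dest);
    strncpy(szDestIp,pszText!=NULL?pszText:"?",sizeof(szDestIp)-1);
    szDestIp[sizeof(szDestIp)-1]='\0';
    printf("\t %s => %s \n",szSourceIp,szDestIp);

    // Low nibble of iphVerLen is the header length in 32-bit words.
    const int nHeaderLen=(pIPHeader->iphVerLen&0xF)*(int)sizeof(ULONG);
    if(nHeaderLen<(int)sizeof(IPHeader)){
        // Malformed header length: the payload offset would land inside the
        // IP header itself.
        return;
    }
    // Lower 13 bits of the flags word are the fragment offset; only the first
    // fragment (offset 0) starts with a transport header.
    if((ntohs(pIPHeader->ipFlags)&0x1FFF)!=0){
        return;
    }

    switch(pIPHeader->ipProtocol)
    {
    case IPPROTO_TCP:
        DecodeTCPPacket(pData+nHeaderLen);
        break;
    case IPPROTO_UDP:
        DecodeUDPPacket(pData+nHeaderLen);
        break;
    case IPPROTO_ICMP:
        // ICMP is recognised but not decoded.
        break;
    default:
        break;
    }
}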
云守护版sniffer的实现