#ifndef _H_SYNSCAN_H_
#define _H_SYNSCAN_H_
#include"Common.h"
class SynScan
{
// Raw-frame TCP SYN prober on top of WinPcap/Packet.dll (bodies in SYNScan.cpp):
// enumerates adapters, resolves a host name, sends crafted Ethernet/IPv4/TCP SYN
// frames and captures the TCP replies. Needs the capture driver to be installed
// and the privileges it requires. All state is plain member fields with no
// synchronisation of any kind.
public:
int SynScaner(); // interactive entry point (adapter menu, host prompt, send, capture); see the definition for return codes
private:
int GetAllDevs(); // fills devsList from pcap_findalldevs and keeps the list head in d; returns the count or -1
int GetAdapterMacAddr( int selIndex ); // selIndex is 1-based into devsList; fills localMacAddr; 0 on success, -1 on failure
int GetIpByHost(const char *lpszHost ); // appends the host's IPv4 addresses (dotted-quad text) to ipList
unsigned short CheckSum(unsigned short packet[], int size ) ;// Internet (RFC 1071 one's-complement) checksum over size bytes; it is NOT a CRC
int EncodeSynPacket( byte packet[], const char *lpszSrcIpAddr, const char *lpszDstIpAddr, byte srcMacAddr[]); // writes Ethernet+IPv4+TCP SYN headers into packet and returns the byte count
// void packet_handler(u_char *param, const struct pcap_pkthdr *header, const u_char *pkt_data);
public:
DEVS_INFO devsList[64]; // adapter names/descriptions copied by GetAllDevs; fixed capacity of 64 entries
pcap_if_t *d; // head of the pcap_findalldevs list after GetAllDevs; SynScaner advances it to the chosen adapter and frees the list
//pcap_if_t *alldevs;
pcap_t *handle; // live capture handle opened by SynScaner (pcap_open_live)
byte localMacAddr[6]; // MAC of the chosen adapter, filled by GetAdapterMacAddr
std::vector<std::string> ipList; // resolved target addresses appended by GetIpByHost
};
#endif
/
#include"SYNScan.h"
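int SynScan::GetAllDevs()
{
    // Enumerate the capture interfaces known to pcap and copy each name and
    // description into devsList. The list head is kept in the member `d` and
    // is deliberately NOT freed here: SynScaner walks it and frees it later.
    // Returns the number of entries stored (at most the devsList capacity),
    // or -1 if pcap_findalldevs failed.
    const size_t kCapacity = sizeof devsList / sizeof devsList[0];
    pcap_if_t *alldevs = NULL;
    char errbuf[PCAP_ERRBUF_SIZE];
    if (pcap_findalldevs(&alldevs, errbuf) == -1)
    {
        // The diagnostic used to follow the `return` and was never printed.
        printf("error in pcap_findalldevs_ex: %s\n", errbuf);
        return -1;
    }
    size_t nDevsNum = 0;
    // Loop variable renamed from `d` so it no longer shadows the member.
    for (pcap_if_t *dev = alldevs; dev != NULL && nDevsNum < kCapacity; dev = dev->next)
    {
        // NOTE(review): assumes szDevName/szDevsDescription are char arrays in
        // DEVS_INFO (Common.h) so that sizeof yields their capacity — confirm.
        char *name = devsList[nDevsNum].szDevName;
        char *desc = devsList[nDevsNum].szDevsDescription;
        const size_t nameCap = sizeof devsList[nDevsNum].szDevName;
        const size_t descCap = sizeof devsList[nDevsNum].szDevsDescription;
        // Bounded copies: the previous unbounded strcpy overflowed the fixed
        // fields on a long interface name, and pcap may report a NULL
        // description, which strcpy dereferenced.
        strncpy(name, dev->name != NULL ? dev->name : "", nameCap - 1);
        name[nameCap - 1] = '\0';
        strncpy(desc, dev->description != NULL ? dev->description : "", descCap - 1);
        desc[descCap - 1] = '\0';
        ++nDevsNum;
    }
    // Interfaces beyond the table capacity are dropped rather than written
    // past the end of devsList.
    d = alldevs;
    return (int)nDevsNum;
}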
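int SynScan:: GetAdapterMacAddr( int selIndex )// localMacAddr
{
    // Query the 802.3 current address of the adapter at the 1-based index
    // selIndex (into devsList) and store it in localMacAddr.
    // Returns 0 on success and -1 on any failure: index out of range, adapter
    // could not be opened, allocation failure, or the OID request failed.
    const int kCapacity = (int)(sizeof devsList / sizeof devsList[0]);
    if (selIndex < 1 || selIndex > kCapacity)
    {
        // selIndex 0 would read devsList[-1] below.
        return -1;
    }
    LPADAPTER lpAdapter = PacketOpenAdapter(devsList[selIndex - 1].szDevName);
    if (!lpAdapter || (lpAdapter->hFile == INVALID_HANDLE_VALUE))
    {
        return -1;
    }
    int result = -1;
    // PACKET_OID_DATA has a trailing flexible Data area; 6 extra bytes hold the MAC.
    PPACKET_OID_DATA oidData = (PPACKET_OID_DATA)malloc(6 + sizeof(PACKET_OID_DATA));
    if (oidData != NULL)
    {
        oidData->Oid = OID_802_3_CURRENT_ADDRESS;
        oidData->Length = 6;
        memset(oidData->Data, 0, 6);
        if (PacketRequest(lpAdapter, FALSE, oidData))
        {
            memcpy(localMacAddr, oidData->Data, 6);
            result = 0;
        }
        free(oidData);
    }
    // Single exit: the previous version returned on a failed PacketRequest
    // before freeing oidData or closing the adapter, leaking both.
    PacketCloseAdapter(lpAdapter);
    return result;
}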
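int SynScan::GetIpByHost(const char *lpszHost)
{
    // Resolve lpszHost and append every IPv4 address, as dotted-quad text, to
    // ipList. Returns 0 when at least one address was appended and -1 when
    // the argument is empty, Winsock could not be started, the lookup failed,
    // or the result is not a list of 4-byte AF_INET addresses; ipList is left
    // unchanged on -1.
    if (lpszHost == NULL || *lpszHost == '\0')
    {
        return -1;
    }
    WSADATA wsadata;
    if (WSAStartup(MAKEWORD(2, 2), &wsadata) != 0)
    {
        return -1;
    }
    // WSAStartup is intentionally not balanced by WSACleanup here: the caller
    // keeps using Winsock (inet_addr, inet_ntoa, htons) afterwards without
    // initialising it itself, exactly as before this change.
    hostent *phost = gethostbyname(lpszHost);
    in_addr addr;
    // The previous version dereferenced phost unchecked (NULL on a failed
    // lookup) and memcpy'd h_length bytes into the 4-byte address field.
    if (phost == NULL || phost->h_addrtype != AF_INET
        || phost->h_length != (int)sizeof(addr.S_un.S_addr))
    {
        return -1;
    }
    const size_t before = ipList.size();
    for (char **entry = phost->h_addr_list; *entry != NULL; ++entry)
    {
        memcpy(&addr.S_un.S_addr, *entry, sizeof(addr.S_un.S_addr));
        // inet_ntoa returns a static buffer; push_back copies it into a string.
        ipList.push_back(inet_ntoa(addr));
    }
    return ipList.size() > before ? 0 : -1;
}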
// int GetGatewayMacAddr( byte macAddr[] )
//{
// byte mac[] = {0x00, 0x00, 0x5e, 0x00, 0x01, 0x48};
// //00-00-5e-00-01-48
// memcpy( macAddr, mac, 6 );
// return 0;
//}
unsigned short SynScan::CheckSum(unsigned short packet[], int size ) //CRC
{
    // Internet checksum (RFC 1071 style) over `size` bytes starting at
    // `packet`: one's-complement sum of 16-bit words, a trailing odd byte
    // added as-is, carries folded back into the low 16 bits, then the
    // result is complemented. Despite the historical "CRC" label this is
    // the IP/TCP header checksum algorithm, not a cyclic redundancy check.
    unsigned long total = 0;
    const unsigned short *word = packet;
    int remaining = size;
    for (; remaining > 1; remaining -= (int)sizeof(unsigned short))
    {
        total += *word++;
    }
    if (remaining != 0)
    {
        // One byte left over: add it as the low byte of a word.
        total += *reinterpret_cast<const unsigned char *>(word);
    }
    total = (total >> 16) + (total & 0xFFFF);
    total += total >> 16;
    return static_cast<unsigned short>(~total);
}
int SynScan:: EncodeSynPacket( byte packet[], const char *lpszSrcIpAddr, const char *lpszDstIpAddr, byte srcMacAddr[])
{
// Serialise an Ethernet II + IPv4 + TCP SYN frame into `packet` and return the
// total length (sizeof of the three header structs). Fields not set below stay
// zero from the memsets: the IP header checksum stays zero (its CheckSum call is
// commented out) and the TCP checksum is never touched here; SynScaner fills
// both per frame. `packet` is assumed to have room for the three headers; no
// capacity is checked. Assumes the header structs in Common.h are packed wire
// layouts whose multi-byte fields are byte arrays (written through casts) — confirm.
TCP_HEADER tcpHeader;
memset(&tcpHeader, 0, sizeof tcpHeader );
*(unsigned short *)tcpHeader.srcPort = htons(9999); // placeholder; SynScaner overwrites it per frame
*(unsigned short *)tcpHeader.dstPort = htons(80);
*(unsigned int *)tcpHeader.seqNumber = htonl(0xFFFF); // placeholder; SynScaner overwrites it per frame
*(unsigned int *)tcpHeader.ackNumber = htonl(0x00);
tcpHeader.headLen = 5 << 4; // header length 5 in the high nibble (presumably 32-bit words)
tcpHeader.contrl = 1 << 1; // flag byte 0x02: the SYN bit
*(unsigned short *)tcpHeader.wndSize = htons(0xFFFF);
IP_HEADER ipHeader;
memset( &ipHeader, 0, sizeof ipHeader );
unsigned char versionAndLen = 0x04;
versionAndLen <<= 4;
versionAndLen |= sizeof ipHeader / 4; // version (high nibble) + header length (low nibble, in 32-bit words)
ipHeader.versionAndHeader = versionAndLen;
*(unsigned short *)ipHeader.totalLen = htons( sizeof(IP_HEADER) + sizeof(TCP_HEADER) ); // no payload
ipHeader.ttl = 0xFF;
ipHeader.hiProtovolType = 0x06; // IP protocol number 6 = TCP
*(unsigned int *)(ipHeader.srcIpAddr) = inet_addr(lpszSrcIpAddr); // NOTE(review): INADDR_NONE from a malformed string is not detected
*(unsigned int *)(ipHeader.dstIpAddr) = inet_addr(lpszDstIpAddr);
//*(unsigned short *)(ipHeader.headerCheckSum) = CheckSum( (unsigned short *)&ipHeader, sizeof ipHeader );
byte gatewayMac[] = {0x00, 0x00, 0x5e, 0x00, 0x01, 0x48}; // hard-coded destination MAC (see the commented-out GetGatewayMacAddr above)
ETHERNET_HEADER ethHeader;
memset(&ethHeader, 0, sizeof ethHeader);
memcpy(ethHeader.dstMacAddr, gatewayMac, 6);
memcpy(ethHeader.srcMacAddr, srcMacAddr, 6);
*(unsigned short *)ethHeader.ethernetType = htons(0x0800); // EtherType 0x0800 = IPv4
//memset(packet, 0, sizeof packet);
// Lay the three headers out back to back; the return value is their total size.
memcpy(packet, &ethHeader, sizeof ethHeader);
memcpy(packet + sizeof ethHeader, &ipHeader, sizeof ipHeader);
memcpy(packet + sizeof ethHeader + sizeof ipHeader, &tcpHeader, sizeof tcpHeader);
return (sizeof ethHeader + sizeof ipHeader + sizeof tcpHeader);
}
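/* libpcap callback, invoked once for every captured packet */
void packet_handler(u_char *param, const struct pcap_pkthdr *header, const u_char *pkt_data)
{
    // Prints "<HH:MM:SS>.<usec> len:<bytes> <src ip> [<src port>] TTL <ttl>"
    // for each captured Ethernet/IPv4/TCP frame whose TCP source port is 80;
    // every other frame is ignored. `param` (the pcap_loop user argument) is unused.
    (void)param;
    const u_int kEthHdrLen = 14; // Ethernet II header length (DLT_EN10MB)
    // Only header->caplen bytes of pkt_data are valid. The previous version
    // parsed IP and TCP headers without checking, so a short or truncated
    // capture was read past the end of the buffer.
    if (header->caplen < kEthHdrLen + sizeof(IP_HEADER))
    {
        return;
    }
    const IP_HEADER *ih = (const IP_HEADER *)(pkt_data + kEthHdrLen);
    const u_int ip_len = (ih->versionAndHeader & 0xf) * 4; // IHL in bytes
    // Reject a header-length nibble smaller than the fixed header and make
    // sure the whole TCP header lies inside the captured bytes.
    if (ip_len < sizeof(IP_HEADER) || header->caplen < kEthHdrLen + ip_len + sizeof(TCP_HEADER))
    {
        return;
    }
    const TCP_HEADER *tcp = (const TCP_HEADER *)((const u_char *)ih + ip_len);
    const u_short sport = ntohs(*(const unsigned short *)tcp->srcPort);
    if (sport != 80)
    {
        return;
    }
    /* timestamp -> HH:MM:SS; localtime may return NULL, in which case the time is blank */
    char timestr[16] = "";
    time_t local_tv_sec = header->ts.tv_sec;
    const struct tm *ltime = localtime(&local_tv_sec);
    if (ltime != NULL)
    {
        strftime(timestr, sizeof timestr, "%H:%M:%S", ltime);
    }
    in_addr addr1;
    addr1.S_un.S_addr = *(const unsigned long *)ih->srcIpAddr; // network order, as inet_ntoa expects
    printf("%s.%.6ld len:%u ", timestr, (long)header->ts.tv_usec, (unsigned)header->len);
    printf("%s [%d] TTL %d \n", inet_ntoa(addr1), sport, ih->ttl);
}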
int SynScan::SynScaner()
{
// Interactive driver: list adapters, let the user pick one, open it, read its
// MAC, resolve a host name, send ten crafted SYN frames to the host's first
// IPv4 address and then capture/print TCP replies via packet_handler.
// Returns 1 when the capture loop ends, 0 on a user-facing failure, -1 on a
// pcap link-type/filter error, and calls exit(0) when no adapter was found.
//system("mode con cols=110 lines=20");
pcap_if_t *alldevs;
int nDevsNum = GetAllDevs();
alldevs =d; // GetAllDevs leaves the pcap_findalldevs list head in member d
if ( nDevsNum < 1 )
{
printf("Get adapter infomation failed!");
exit(0); // NOTE(review): process exits with status 0 on this failure
}
for ( int i = 0; i < nDevsNum; ++i )
{
printf("%d %s\t%s\n", i+1, devsList[i].szDevName, devsList[i].szDevsDescription );
}
printf("Input your select adapter index: ");
int selIndex = 0;
scanf("%d", &selIndex); // NOTE(review): return value unchecked; selIndex stays 0 on non-numeric input
// NOTE(review): selIndex is 1-based, so both 0 and nDevsNum+1 pass this check and
// index outside the valid entries (0 reads devsList[-1] below); the bound
// should be `selIndex < 1 || selIndex > nDevsNum`.
if ( selIndex < 0 || selIndex > nDevsNum+1 )
{
printf("Out of range!\nPress any key to exit...");
getch();
return 0;
}
int i;
for(i=0; i< selIndex-1 ;d=d->next, i++);// advance d from the list head to the selected adapter
char szError[PCAP_ERRBUF_SIZE];
handle = pcap_open_live(devsList[selIndex-1].szDevName, 65536, 1, 1000, szError ); // promiscuous, 1 s read timeout
if ( NULL == handle )
{
printf("Open adapter failed!\nPress any key to exit...");
getch();
return 0;
}
// NOTE(review): this local shadows the member localMacAddr that
// GetAdapterMacAddr fills, so EncodeSynPacket below receives the zeroed local.
byte localMacAddr[6];
memset(localMacAddr, 0, sizeof localMacAddr);
if ( 0 != GetAdapterMacAddr(selIndex) )
{
printf("Get localhost mac addr failed!\nPress any key to exit...");
getch();
return 0;
}
printf("input address : \n");
char szAdd[128]=" ";
cin>>szAdd; // NOTE(review): operator>> into a char array is unbounded; input of 128+ chars overflows szAdd
GetIpByHost(szAdd); // NOTE(review): return value ignored; ipList may still be empty afterwards
std::vector<std::string>::iterator ite = ipList.begin();
while(ite!= ipList.end())
{
cout<<*ite<<endl;
ite++;
}
// build the frame template (Ethernet + IPv4 + TCP SYN) into packet
byte packet[1024];
int size = EncodeSynPacket( packet, "0.0.0.0", ipList[0].c_str(), localMacAddr); // NOTE(review): ipList[0] is undefined behaviour when resolution produced no address
//return 0;
// Pointers into the template so the per-frame fields can be rewritten in place.
ETHERNET_HEADER *pEtherentHeader = (ETHERNET_HEADER *)packet;
IP_HEADER *pIpHeader = ( IP_HEADER *)(packet + sizeof(ETHERNET_HEADER));
TCP_HEADER *pTcpHeader = ( TCP_HEADER *)(packet + sizeof(ETHERNET_HEADER) + sizeof(IP_HEADER));
//*srand(time(0));
unsigned short srcPort = 0;//= rand() %0xFFFFFFFF;
unsigned int srcIpAddr = 0;
unsigned int baseIpAddr = ntohl(inet_addr("10.126.0.0")); // host-order base for the per-frame source address
// psdPacket = TCP pseudo-header (PSDTCP_HEADER) followed by a copy of the TCP
// header; CheckSum over both yields the TCP checksum written into the frame.
byte psdPacket[128];
memset(psdPacket, 0x00, sizeof psdPacket );
PSDTCP_HEADER *psdHeader = (PSDTCP_HEADER *)psdPacket;
*(unsigned int *)(psdHeader->dstIpAddr) = inet_addr(ipList[0].c_str());
*(unsigned short *)(psdHeader->tcpLen) = htons(sizeof(TCP_HEADER));
psdHeader->protocol = 0x06; // IP protocol number 6 = TCP
psdHeader->padding = 0x00;
memcpy( psdPacket + sizeof(PSDTCP_HEADER), pTcpHeader, sizeof(TCP_HEADER));
unsigned int seq = 0;
srand( time(0) );
i=10;
// Ten frames; each iteration rewrites source MAC, source address, source port
// and sequence number in both the frame and the pseudo-header copy, then
// recomputes the IP and TCP checksums before sending.
while ( i--)
{
for ( int i = 0; i < 6; ++i ) // inner i shadows the outer loop counter
{
pEtherentHeader->srcMacAddr[i] = (byte)(rand() % (0xFF+1) );
}
seq = rand() % 0xFFFFFF;
srcPort = rand() % 0xFFFF;
srcIpAddr = baseIpAddr + rand() % 0xFFFF;
*(unsigned int *)(pIpHeader->srcIpAddr) = htonl(srcIpAddr);
*(unsigned short *)(pIpHeader->headerCheckSum) = 0x0000; // checksum field must be zero while it is computed
*(unsigned short *)(pIpHeader->headerCheckSum) = CheckSum( ( unsigned short * )pIpHeader, sizeof (IP_HEADER));
*(unsigned int *)(psdHeader->srcIpAddr) = htonl(srcIpAddr);
*(unsigned int *)(psdHeader->srcIpAddr) = htonl(srcIpAddr); // NOTE(review): duplicate of the line above; no effect
TCP_HEADER *psdTcpHeader = (TCP_HEADER *)(psdPacket + sizeof(PSDTCP_HEADER) );
*(unsigned int *)(psdTcpHeader->seqNumber) = htonl(seq);
*(unsigned int *)(pTcpHeader->seqNumber) = htonl(seq);//htonl(rand() % 0xFFFFFF );
*(unsigned short *)(pTcpHeader->srcPort) = htons(srcPort);
*(unsigned short *)(psdTcpHeader->srcPort) = htons(srcPort);
*(unsigned short *)(pTcpHeader->checkSum) = 0x0000;
*(unsigned short *)(pTcpHeader->checkSum) = CheckSum( (unsigned short *)psdPacket, sizeof(PSDTCP_HEADER) + sizeof(TCP_HEADER) );
//system("pause");
Sleep(0); // yields the time slice only; no pacing between frames
pcap_sendpacket(handle, packet, size); // NOTE(review): return value unchecked
}
cout<<"packet sended !!! "<<endl;
//catch bage
//char errbuf[PCAP_ERRBUF_SIZE];
u_int netmask;
char packet_filter[] = "ip and tcp"; // BPF filter for the capture phase
struct bpf_program fcode;
/* check the link layer; for simplicity only Ethernet is handled */
if(pcap_datalink(handle) != DLT_EN10MB)
{
fprintf(stderr,"\nThis program works only on Ethernet networks.\n");
/* free the device list */
pcap_freealldevs(alldevs);
return -1;
}
if(d->addresses != NULL)
/* take the netmask of the interface's first address */
netmask=((struct sockaddr_in *)(d->addresses->netmask))->sin_addr.S_un.S_addr; // NOTE(review): netmask may be NULL for an address entry — not checked
else
/* if the interface has no address, assume a class C netmask */
netmask=0xffffff;
// compile the filter
if (pcap_compile(handle, &fcode, packet_filter, 1, netmask) <0 )
{
fprintf(stderr,"\nUnable to compile the packet filter. Check the syntax.\n");
/* free the device list */
pcap_freealldevs(alldevs);
return -1;
}
// install the filter
if (pcap_setfilter(handle, &fcode)<0)
{
fprintf(stderr,"\nError setting the filter.\n");
/* free the device list */
pcap_freealldevs(alldevs);
return -1;
}
printf("\nlistening on %s...\n", d->description); // NOTE(review): description may be NULL; printf("%s", NULL) is undefined
/* free the device list (d points into it and is not used afterwards) */
pcap_freealldevs(alldevs);
/* start capturing: runs until pcap_loop is broken or fails */
pcap_loop(handle, 0, packet_handler, NULL);
// NOTE(review): handle was already validated after pcap_open_live above, so this
// block is unreachable in practice, and the printf has a %s with no argument.
if ( NULL == handle )
{
printf("\nUnable to open the adapter. %s is not supported by WinPcap\n");
return 0;
}
pcap_close(handle);
return 1; // NOTE(review): success returns 1 while failures return 0 or -1
}