資源簡介
有C++編寫的,網絡抓包程序,將本機網卡至于混雜模式,可分析的數據包有UDP,TCP,以及IP包
代碼片段和文件信息
#include?“HdFuns.h“
#include?
#include?
#include?“DataStruct.h“
void?AnalyzeIpPackets(char?*buff)
{
PIPHEADER?pIphdr?=?(PIPHEADER)buff;
in_addr?source?dest;//源地址和目的地址
char?szSourceIp[32]?szDestIp[32];
printf(“\n-----------------------------------\n“);
source.S_un.S_addr?=?pIphdr->ipSourceAdd;//源IP
dest.S_un.S_addr?=?pIphdr->ipDestination;//目的IP
::strcpy(szSourceIp?::inet_ntoa(source));
::strcpy(szDestIp?::inet_ntoa(dest));
printf(“Soure?IP:%s\n“szSourceIp);
printf(“Destination?IP:%s\n“szDestIp);
//IP頭長度
int?nIpHeaderLen?=?(pIphdr->ipVersion?&?0xf)?*?sizeof(ULONG);
switch(pIphdr->ipProtocol)
{
case?IPPROTO_TCP://TCP
AnalyzeTcpPackets(buff?+?nIpHeaderLen);
break;
case?IPPROTO_UDP://UDP
AnalyzeUdpPackets(buff?+?nIpHeaderLen);
break;
case?IPPROTO_ICMP:
break;
}
}
void?AnalyzeTcpPackets(char?*buff)
{
PTCPHEADER?pTcpHdr?=?(PTCPHEADER)buff;
printf(“Protocol:TCP\n“);
//輸出端口號
printf(“Source?Port:%d\n“::ntohs(pTcpHdr->sourcePort));
printf(“Destination?Port:%d\n“::ntohs(pTcpHdr->destPort));
::memset(szText?‘?‘?nRet);
int?dataLen?=?nRet?-?sizeof(IPHEADER)?-?sizeof(TCPHEADER);//計算數據的長度
::memcpy(szText?&buff[sizeof(TCPHEADER)]?dataLen);//將數據包中的數據拷貝到緩沖區中
for?(int?i?=?0;?i? {
//按字節分析數據
if?(szText[i]? {
szText[i]?=?-szText[i];
}
printf(“%X?“?szText[i]);
}
switch(::ntohs(pTcpHdr->destPort))
{
case?21:
break;
case?80:
case?8080:
break;
}
}
void?AnalyzeUdpPackets(char?*buff)
{
printf(“Protocol:UDP\n“);
PUDPHEADER?pUdpHdr?=?(PUDPHEADER)buff;
printf(“Source?Port:%d\n“::ntohs(pUdpHdr->sourcePort));
printf(“Source?Port:%d\n“::ntohs(pUdpHdr->destinationPort));
::memset(szText?‘?‘??nRet);//清空緩沖區
int?dataLen?=nRet?-?sizeof(UDPHEADER)?-?sizeof(IPHEADER);
::memcpy(szText?buff?+?sizeof(UDPHEADER)?dataLen);
for?(int?i?=?0;?i? {
if?(szText[i]? {
szText[i]?=?-szText[i];
}
printf(“%X?“?szText[i]);
}
}
//主函數內容
#include?“InitSocket.h“
#include?
#include?“HdFuns.h“
#include?
using?namespace?std;
CInitSocket?initSock;
int?nRet;
int?main(void)
{
SOCKET?sRaw?=?::socket(AF_INET?SOCK_RAW?IPPROTO_IP);//原始套接字
char?szHostName[56];//主機名
SOCKADDR_IN?localAddr;//本地地址
struct?hostent?*pHost;
::gethostname(szHostName?56);//獲取主機名
if?((pHost?=?::gethostbyname((char*)szHostName))?==?NULL)
{
return?0;
}
localAddr.sin_family?=?AF_INET;
localAddr.sin_port??=?::htons(0);
::memcpy(&localAddr.sin_addr.S_un.S_addr?pHost->h_addr_list[0]?pHost->h_length);
cout<<“Bind?to?interface?:“<<::inet_ntoa(localAddr.sin_addr)<
{
return?0;
}
DWORD?dwValue?=?1;
if?(::ioctlsocket(sRaw?SIO_RCVALL?&dwValue)?!=?0)//設置網卡為混雜模式
{
return?0;
}
char?buff[1024];
while(true)
{
nRet?=?::recv(sRaw?buff?1024?0);/?屬性????????????大小?????日期????時間???名稱
-----------?---------??----------?-----??----
?????文件???????3247??2009-04-22?15:21??Sniffer\1.cpp
?????文件???????3341??2009-04-22?15:06??Sniffer\1.dsp
?????文件????????510??2009-04-22?15:22??Sniffer\1.dsw
?????文件??????33792??2009-04-22?15:22??Sniffer\1.ncb
?????文件??????48640??2009-04-22?15:22??Sniffer\1.opt
?????文件???????1079??2009-04-22?15:21??Sniffer\1.plg
?????文件???????1312??2009-04-22?14:44??Sniffer\DataStruct.h
?????文件?????380844??2009-04-22?15:21??Sniffer\Debug\1.ilk
?????文件??????57089??2009-04-22?15:21??Sniffer\Debug\1.obj
?????文件????3643536??2009-04-22?15:06??Sniffer\Debug\1.pch
?????文件?????590848??2009-04-22?15:21??Sniffer\Debug\1.pdb
?????文件?????249898??2009-04-22?15:21??Sniffer\Debug\Sniffer.exe
?????文件?????197632??2009-04-22?15:21??Sniffer\Debug\vc60.idb
?????文件?????135168??2009-04-22?15:21??Sniffer\Debug\vc60.pdb
?????文件????????250??2009-04-22?14:46??Sniffer\HdFuns.h
?????文件????????580??2009-04-22?14:45??Sniffer\InitSocket.h
?????目錄??????????0??2009-04-22?19:26??Sniffer\Debug
?????目錄??????????0??2009-04-22?15:22??Sniffer
-----------?---------??----------?-----??----
??????????????5347766????????????????????18
- 上一篇:C++版的rinex文件讀取源代碼
- 下一篇:歐拉法求解微分方程組
評論
共有 條評論
川公網安備 51152502000135號