📄 ipmandoc.cpp
字号:
sourport=swaps(pUDPHead->SourPort);
destport=swaps(pUDPHead->DestPort);
pdata=((BYTE *)pUDPHead)+UDP_HEAD_LEN;
/* TODO */
totallen-=UDP_HEAD_LEN;
flag=TRUE;
if(cmdline.option&OPT_LISTEN_PORT) {
flag=FALSE;
if((cmdline.option&OPT_LISTEN_PORT_1)&&
(cmdline.queport[0]==sourport||
cmdline.queport[0]==destport))
flag=TRUE;
else if((cmdline.option&OPT_LISTEN_PORT_2)&&
((cmdline.queport[0]==sourport&&cmdline.queport[1]==destport)||
(cmdline.queport[0]==destport&&cmdline.queport[1]==sourport)))
flag=TRUE;
}
else if(cmdline.option&OPT_LISTEN_INIT) {
flag=FALSE;
for(i=0;i<inifile.portno;i++)
if(sourport==inifile.qport[i]||
destport==inifile.qport[i]) break;
if(i<inifile.portno) flag=TRUE;
}
if(flag) {
index=pIPListView->GetListCtrl().InsertItem(0,"UDP");
strIP=StrIPAddr(psourip);
pIPListView->GetListCtrl().SetItem(index,1,LVIF_TEXT,strIP, 0, 0, 0,0);
strPORT.Format("%d",sourport);
pIPListView->GetListCtrl().SetItem(index,2,LVIF_TEXT,strPORT, 0, 0, 0,0);
strAll="UDP:"+strIP+":"+strPORT+" -> ";
strIP=StrIPAddr(pdestip);
pIPListView->GetListCtrl().SetItem(index,3,LVIF_TEXT,strIP, 0, 0, 0,0);
strPORT.Format("%d",destport);
pIPListView->GetListCtrl().SetItem(index,4,LVIF_TEXT,strPORT, 0, 0, 0,0);
strB.Format("%d Byte(s)",totallen);
pIPListView->GetListCtrl().SetItem(index,5,LVIF_TEXT,strB, 0, 0, 0,0);
strData=StrData(pdata,totallen,pIPManDoc->m_display);
pIPListView->GetListCtrl().SetItem(index,6,LVIF_TEXT,strData, 0, 0, 0,0);
strAll=strAll+strIP+":"+strPORT+":\r\n"+strB+":\r\n"+strData;
}
break;
case IP_PROTO_ICMP: /* ICMP packet */
flag=TRUE;
if(cmdline.option&OPT_LISTEN_PORT)
flag=FALSE;
if(flag) {
pICMPHead=(struct ICMPPacketHead *)(Buffer+ETHER_HEAD_LEN+headlen);
totallen-=headlen;
pdata=((BYTE *)pICMPHead)+ICMP_HEAD_LEN;
totallen-=ICMP_HEAD_LEN;
/* TODO */
index=pIPListView->GetListCtrl().InsertItem(0,"ICMP");
strIP=StrIPAddr(psourip);
pIPListView->GetListCtrl().SetItem(index,1,LVIF_TEXT,strIP, 0, 0, 0,0);
strPORT="-"; //无需端口
pIPListView->GetListCtrl().SetItem(index,2,LVIF_TEXT,strPORT, 0, 0, 0,0);
strAll="ICMP:"+strIP+":"+strPORT+" -> ";
strIP=StrIPAddr(pdestip);
pIPListView->GetListCtrl().SetItem(index,3,LVIF_TEXT,strIP, 0, 0, 0,0);
strPORT="-"; //无需端口
pIPListView->GetListCtrl().SetItem(index,4,LVIF_TEXT,strPORT, 0, 0, 0,0);
strB.Format("%d Byte(s)",totallen);
pIPListView->GetListCtrl().SetItem(index,5,LVIF_TEXT,strB, 0, 0, 0,0);
strData.Format("ICMP Message:Type:%d Code:%d\n",pICMPHead->Type,pICMPHead->Code);
pIPListView->GetListCtrl().SetItem(index,6,LVIF_TEXT,strData, 0, 0, 0,0);
strAll=strAll+strIP+":"+strPORT+":\r\n"+strB+":\r\n"+strData;
}
break;
default: /* Unknown packet */
/*fprintf(stderr,"Unknown ip packet type.\n");*/
break;
}
}
break;
case ETHER_PROTO_ARP: /* ARP packet */
if((cmdline.option&OPT_LISTEN_SPEC)==0) {
pARPHead=(struct ARPPacket*)(Buffer+ETHER_HEAD_LEN);
psourip=&(pARPHead->SourIP);
pdestip=&(pARPHead->DestIP);
psoureth=&(pARPHead->SourEther);
pdesteth=&(pARPHead->DestEther);
/* TODO */
index=pIPListView->GetListCtrl().InsertItem(0,"ARP");
strMAC=StrEtherAddr(psoureth);
strIP=StrIPAddr(psourip);
str=strIP+"("+strMAC+")";
pIPListView->GetListCtrl().SetItem(index,1,LVIF_TEXT,str, 0, 0, 0,0);
strPORT="-"; //无需端口
pIPListView->GetListCtrl().SetItem(index,2,LVIF_TEXT,strPORT, 0, 0, 0,0);
strAll="ARP:"+str+":"+strPORT+" -> ";
strMAC=StrEtherAddr(pdesteth);
strIP=StrIPAddr(pdestip);
str=strIP+"("+strMAC+")";
pIPListView->GetListCtrl().SetItem(index,3,LVIF_TEXT,str, 0, 0, 0,0);
strPORT="-"; //无需端口
pIPListView->GetListCtrl().SetItem(index,4,LVIF_TEXT,strPORT, 0, 0, 0,0);
strB="-";
pIPListView->GetListCtrl().SetItem(index,5,LVIF_TEXT,strPORT, 0, 0, 0,0);
strData.Format(" Operation:%d\n",swaps(pARPHead->Oper));
pIPListView->GetListCtrl().SetItem(index,6,LVIF_TEXT,strData, 0, 0, 0,0);
strAll="ARP: "+str+strIP+":"+strPORT+":\r\n"+strB+":\r\n"+strData;
}
break;
default: /* Unknown packet */
//pDlg->m_ctlList.InsertString(0,"Unknown ethernet packet type.");
//pDlg->m_ctlList.AddString("Unknown ethernet packet type.");
//pDlg->m_ctlList.AddString("可能是有人访问网上邻居哟!");
break;
}
str1=strAll;
findCount=pFilterListView->GetListCtrl().GetItemCount();
for(tem=0;tem<findCount;tem++)
{
str1.MakeLower();
strFind=pFilterListView->GetListCtrl().GetItemText(tem,0);
strFind.MakeLower();
if(str1.Find(strFind)!=-1)pMACListView->GetListCtrl().InsertItem(0,strAll);
}
//pDlg->m_FilterBox.InsertString(0,strAll);
continue;
}
//pDlg->m_ctlList.AddString("leave listen!");
return 0;
}
//-------------------------------------------------------------
//------------------------------arp线程----------------------
UINT ArpThread(LPVOID param)
{
//int line=10;
//========================
/* Set Filter */
filter=NDIS_PACKET_TYPE_DIRECTED;
SetOid(hVxD, OID_GEN_CURRENT_PACKET_FILTER, 4, filter);
//========================
pDlg->m_IPEdit1.GetAddress(cmdline.queip[0].AddrByte[0],
cmdline.queip[0].AddrByte[1],
cmdline.queip[0].AddrByte[2],
cmdline.queip[0].AddrByte[3]);
unsigned char AddrB[4];
pDlg->m_IPEdit2.GetAddress(AddrB[0],AddrB[1],AddrB[2],AddrB[3]);
if(AddrB[2]<cmdline.queip[0].AddrByte[2]){AfxMessageBox("终止地址应大于起始地址!"); return 0;}
else if(AddrB[2]==cmdline.queip[0].AddrByte[2]&&AddrB[3]<cmdline.queip[0].AddrByte[3]){AfxMessageBox("终止地址应大于起始地址!"); return 0;}
if(AddrB[0]!=cmdline.queip[0].AddrByte[0]||AddrB[1]!=cmdline.queip[0].AddrByte[1]){AfxMessageBox("不支持A类或B类网!"); return 0;}
do{
/* Do query ethernet address form IP */
if(exitthread)
{
//AfxMessageBox("中断ARP线程!");
exitthread=false;
pDlg->GetDlgItem(IDC_BUTTON1)->EnableWindow(true);
pDlg->GetDlgItem(IDC_BUTTON2)->EnableWindow(false);
pDlg->GetDlgItem(IDC_BUTTON3)->EnableWindow(true);
pDlg->GetDlgItem(IDOK)->EnableWindow(true);
pDlg->m_bStart=false;
return 1;
}
CString strIP,strMAC;
strIP.Format("%d.%d.%d.%d",cmdline.queip[0].AddrByte[0],cmdline.queip[0].AddrByte[1],cmdline.queip[0].AddrByte[2],cmdline.queip[0].AddrByte[3]);
//pDlg->m_ctlList.AddString(strIP);
ListenStart(hVxD);
SendARPPacket(hVxD,
&m_EtherAddr,
ðerbroad,
&m_EtherAddr,
ðernull,
&m_IPAddr,
&cmdline.queip[0],
ARP_OPER_ARP_REQ);
////pDlg->m_ctlList.AddString("ARP包发送完毕。等待回应......");
Continue=TRUE;
//int n=0;
while(Continue) {
//pDlg->UpdateData(true);
int nWait=pDlg->m_SpinEdit;
//pDlg->UpdateData(false);
if((DataLen=RecvPacket(hVxD,Buffer,nWait,1))==SYSERR) {
AfxMessageBox("Can not recv ARP packet.");
goto ENDOFARP;
}
if(DataLen==65535)
{
////pDlg->m_ctlList.AddString("-----------end of ARP-----------");
strMAC="Time Out!";
goto ENDOFARP;//return 0;
}
pEtherHead=(struct EtherPacketHead *)Buffer;
if(swaps(pEtherHead->ServType)!=ETHER_PROTO_ARP) continue;
pARPHead=(struct ARPPacket *)(Buffer+ETHER_HEAD_LEN);
if(swaps(pARPHead->Oper)!=ARP_OPER_ARP_ANS) continue;
if(memcmp((void *)&pARPHead->SourIP,(void *)&cmdline.queip[0],4)!=0) continue;
/* Get ethernet address */
/////pDlg->m_ctlList.AddString("Ethernet Address:");
strMAC=StrEtherAddr(&pARPHead->SourEther);
Continue=FALSE;
}
ENDOFARP:
//pDlg->m_ctlList.AddString(strIP+":"+strMAC);
str=strIP+" : "+strMAC+"\r\n";
//pDlg->UpdateData(true);
pDlg->m_MacList.InsertString(0,str);
if(strMAC!="Time Out!")pDlg->m_ARPList.InsertString(0,str);
//pDlg->UpdateData(false);
//::SendMessage(pDlg->m_ctEdit.GetSafeHwnd(),WM_VSCROLL,SB_PAGEDOWN,1);
//line+=1;
//::SetScrollPos(pDlg->m_ctEdit.GetSafeHwnd(),SB_VERT,line,true);
if(cmdline.queip[0].AddrByte[2]<=AddrB[2])
{
//if(cmdline.queip[0].AddrByte[3]==255)AfxMessageBox("here0");
if(cmdline.queip[0].AddrByte[3]<AddrB[3])cmdline.queip[0].AddrByte[3]++;
else if(cmdline.queip[0].AddrByte[2]<AddrB[2]&&cmdline.queip[0].AddrByte[3]<255)cmdline.queip[0].AddrByte[3]++;
else if(cmdline.queip[0].AddrByte[2]<AddrB[2]&&cmdline.queip[0].AddrByte[3]==255)
{
//AfxMessageBox("here");
cmdline.queip[0].AddrByte[3]=0;
cmdline.queip[0].AddrByte[2]++;
}
}
else break;
if(cmdline.queip[0].AddrByte[3]>=AddrB[3]&&cmdline.queip[0].AddrByte[2]>=AddrB[2])break;
}while(cmdline.queip[0].AddrByte[2]<=255&&cmdline.queip[0].AddrByte[3]<=255);
//pDlg->m_ctlList.AddString("---------end of all arp---------");
//pDlg->UpdateData(true);
pDlg->m_MacList.InsertString(0,"---------end of all arp---------\r\n");
//pDlg->UpdateData(false);
//========================
/* Set Filter */
filter=NDIS_PACKET_TYPE_PROMISCUOUS;
SetOid(hVxD, OID_GEN_CURRENT_PACKET_FILTER, 4, filter);
//========================
pDlg->GetDlgItem(IDC_BUTTON1)->EnableWindow(true);
pDlg->GetDlgItem(IDC_BUTTON2)->EnableWindow(false);
pDlg->GetDlgItem(IDC_BUTTON3)->EnableWindow(true);
pDlg->GetDlgItem(IDOK)->EnableWindow(true);
pDlg->m_bStart=false;
AfxMessageBox("ARP解析完毕!");
return 0;
}
//-----------------------------------------------------------
void CIPManDoc::OnButtonBeginSniffer()
{
// TODO: Add your command handler code here
//---------------------statusbar ---------------
int st1=pMainFrame->m_wndStatusBar.CommandToIndex(ID_INDICATOR_HINT);
pMainFrame->m_wndStatusBar.SetPaneStyle(st1,SBPS_NORMAL);
pMainFrame->m_wndStatusBar.SetPaneText(st1,"开始监听",true);
//----------------------------------------------
pMainFrame->m_bBegin = false;
pMainFrame->m_bStop = true;
pMainFrame->m_bClear = false;
pMainFrame->m_bARP = false;
exitthread=false;
AfxBeginThread(ListenAllThread,this,THREAD_PRIORITY_NORMAL);
}
void CIPManDoc::OnButtonExitSniffer()
{
// TODO: Add your command handler code here
exitthread=true;
pMainFrame->m_bBegin = true;
pMainFrame->m_bStop = false;
pMainFrame->m_bClear = true;
pMainFrame->m_bARP = true;
}
void CIPManDoc::OnButtonClear()
{
// TODO: Add your command handler code here
pIPListView->GetListCtrl().DeleteAllItems();
pFilterListView->GetListCtrl().DeleteAllItems();
pMACListView->GetListCtrl().DeleteAllItems();
}
void CIPManDoc::OnRadio1()
{
// TODO: Add your control notification handler code here
m_display=0;
}
void CIPManDoc::OnRadio2()
{
// TODO: Add your control notification handler code here
m_display=1;
}
void CIPManDoc::BeginArp(int nWait)
{
AfxBeginThread(ArpThread,this,THREAD_PRIORITY_NORMAL);
}
void CIPManDoc::ExitArp()
{
exitthread=true;
}
void CIPManDoc::OnCloseDocument()
{
// TODO: Add your specialized code here and/or call the base class
CloseHandle(hVxD);
//if(pfout!=NULL) fclose(pfout);
//if(pfcmd!=NULL) fclose(pfcmd);
CDocument::OnCloseDocument();
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -