mysimpsnifferdlg.cpp
default :
break;
}
return true;
}
// TCP解包程序
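// Decodes one captured TCP segment and appends a row describing it to the
// capture list via AddReceiveData().
//
// TcpBuf   - first byte of the TCP header (it is cast to TCP_HEADER*).
// iBufSize - packet size supplied by the caller. NOTE(review): the 40-byte
//            threshold below (IP_HEADER + TCP_HEADER) suggests this size also
//            counts the IP header; confirm against the caller.
// Returns true (non-zero) in every case, including filtered or rejected packets.
//
// Everything read from TcpBuf comes off the wire and is untrusted, so the
// header fields are validated before they are used for pointer arithmetic.
int CMySimpSnifferDlg::DecodeTCPPack(char *TcpBuf, int iBufSize)
{
    // A buffer shorter than the fixed header cannot be decoded safely.
    if (TcpBuf == NULL || iBufSize < (int)sizeof(TCP_HEADER))
        return true;

    const TCP_HEADER *pTcpHeader = (const TCP_HEADER *)TcpBuf;

    // Header length: the upper 4 bits of tcp_lenres count 32-bit words.
    // Mask after the shift so a signed field cannot sign-extend, and multiply
    // by a literal 4: sizeof(unsigned long) is 8 on LP64 targets.
    const int TcpHeaderLen = ((pTcpHeader->tcp_lenres >> 4) & 0x0F) * 4;

    // Only keep packets that match the configured port (0 = no filter).
    const int iSrcPort = ntohs(pTcpHeader->tcp_SrcPort);
    const int iDstPort = ntohs(pTcpHeader->tcp_DstPort);
    if ((m_iPortFilter) && (iSrcPort != m_iPortFilter) && (iDstPort != m_iPortFilter))
        return true;

    // Automatic storage: the original allocated with new before the filter
    // check and leaked the object on every filtered packet.
    RECEIVEINFO ReceiveInfo;
    ReceiveInfo.szProtocol = m_szProtocol;
    ReceiveInfo.szSrcIP = m_szSrcIP;
    ReceiveInfo.szDstIP = m_szDstIP;
    ReceiveInfo.iSrcPort = iSrcPort;
    ReceiveInfo.iDstPort = iDstPort;
    ReceiveInfo.iTTL = m_iTTL;
    // NOTE(review): Length is not assigned here although AddReceiveData()
    // formats it; whether it holds a defined value depends on RECEIVEINFO's
    // constructor, which is not visible in this file section.

    // Translate the six low flag bits into their display characters.
    unsigned char FlagMask = 1;
    for (int i = 0; i < 6; i++)
    {
        if ((pTcpHeader->tcp_flags) & FlagMask)
            ReceiveInfo.TCPFlag[i] = TCPFlag[i];
        else
            ReceiveInfo.TCPFlag[i] = '-'; // flag not set
        FlagMask = FlagMask << 1;
    }
    ReceiveInfo.iBufSize = iBufSize;

    // Attach the payload only for packets larger than the two headers
    // (IP_HEADER + TCP_HEADER = 40) whose data offset is plausible: at least
    // the 20-byte minimum and inside the reported packet size. A forged
    // offset would otherwise move the payload pointer past the packet.
    if ((m_ParamDecode) && (iBufSize > 40) &&
        (TcpHeaderLen >= 20) && (TcpHeaderLen < iBufSize))
    {
        // NOTE(review): AddReceiveData() prints this with "%s", which reads up
        // to the first NUL byte. Nothing here bounds that read to the payload
        // length, so binary payloads are truncated and a buffer without a
        // terminating NUL would be over-read; confirm the receive buffer is
        // always NUL-terminated or copy the payload with an explicit length.
        ReceiveInfo.ReceiveData = TcpBuf + TcpHeaderLen;
    }

    AddReceiveData(&ReceiveInfo);
    return true;
}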
// UDP解包程序
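// Decodes one captured UDP datagram and appends a row describing it to the
// capture list via AddReceiveData().
//
// UdpBuf   - first byte of the UDP header (it is cast to UDP_HEADER*).
// iBufSize - packet size supplied by the caller. NOTE(review): the 28-byte
//            threshold below (IP_HEADER + UDP_HEADER) suggests this size also
//            counts the IP header; confirm against the caller.
// Returns true (non-zero) in every case, including filtered or rejected packets.
int CMySimpSnifferDlg::DecodeUDPPack(char *UdpBuf, int iBufSize)
{
    // Packet bytes are untrusted: refuse buffers shorter than the header.
    if (UdpBuf == NULL || iBufSize < (int)sizeof(UDP_HEADER))
        return true;

    const UDP_HEADER *pUdpHeader = (const UDP_HEADER *)UdpBuf;
    const int iSrcPort = ntohs(pUdpHeader->udp_Srcport);
    const int iDstPort = ntohs(pUdpHeader->udp_Dstport);

    // Only keep packets that match the configured port (0 = no filter).
    if ((m_iPortFilter) && (iSrcPort != m_iPortFilter) && (iDstPort != m_iPortFilter))
        return true;

    // Automatic storage: the original allocated with new before the filter
    // check and leaked the object on every filtered packet.
    RECEIVEINFO ReceiveInfo;
    ReceiveInfo.szProtocol = m_szProtocol;
    ReceiveInfo.szSrcIP = m_szSrcIP;
    ReceiveInfo.iSrcPort = iSrcPort;
    ReceiveInfo.szDstIP = m_szDstIP;
    ReceiveInfo.iDstPort = iDstPort;
    ReceiveInfo.iTTL = m_iTTL;
    // udp_Len covers the UDP header plus the data area. It is taken from the
    // packet as-is and is only displayed, never used as a copy length here.
    ReceiveInfo.Length = ntohs(pUdpHeader->udp_Len);
    ReceiveInfo.iBufSize = iBufSize;

    // Attach the payload only for packets larger than the two headers
    // (IP_HEADER + UDP_HEADER = 28).
    if ((m_ParamDecode) && (iBufSize > 28))
    {
        // The UDP header is a fixed 8 bytes.
        // NOTE(review): AddReceiveData() prints this with "%s", which reads up
        // to the first NUL byte rather than udp_Len bytes; confirm the receive
        // buffer is always NUL-terminated or copy with an explicit length.
        ReceiveInfo.ReceiveData = UdpBuf + 8;
    }

    AddReceiveData(&ReceiveInfo);
    return true;
}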
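// Decodes one captured ICMP message and appends a row describing it to the
// capture list via AddReceiveData().
//
// IcmpBuf  - first byte of the ICMP header (it is cast to ICMP_HEADER*).
// iBufSize - packet size supplied by the caller. NOTE(review): the 24-byte
//            threshold below suggests this size also counts the IP header;
//            confirm against the caller.
// Returns true (non-zero) in every case, including filtered or rejected packets.
int CMySimpSnifferDlg::DecodeICMPPack(char *IcmpBuf, int iBufSize)
{
    // Packet bytes are untrusted: refuse buffers shorter than the header.
    if (IcmpBuf == NULL || iBufSize < (int)sizeof(ICMP_HEADER))
        return true;

    const ICMP_HEADER *pIcmpHeader = (const ICMP_HEADER *)IcmpBuf;
    const int iIcmpType = pIcmpHeader->ic_type;
    const int iIcmpCode = pIcmpHeader->ic_code;

    // For ICMP the port filter value is matched against the message type.
    if ((m_iPortFilter) && (iIcmpType != m_iPortFilter))
        return true;

    // Automatic storage: the original allocated with new before the filter
    // check and leaked the object on every filtered packet.
    RECEIVEINFO ReceiveInfo;
    ReceiveInfo.szProtocol = m_szProtocol;
    ReceiveInfo.szSrcIP = m_szSrcIP;
    ReceiveInfo.iICMPType = iIcmpType;
    ReceiveInfo.szDstIP = m_szDstIP;
    ReceiveInfo.iICMPCode = iIcmpCode;
    ReceiveInfo.iTTL = m_iTTL;
    ReceiveInfo.iBufSize = iBufSize;
    // NOTE(review): iSrcPort, iDstPort and Length are not assigned here
    // although AddReceiveData() formats them; whether they hold defined values
    // depends on RECEIVEINFO's constructor, which is not visible here.

    // Attach the data area only for packets that carry one.
    if ((m_ParamDecode) && (iBufSize > 24))
    {
        // The data is taken to start 4 bytes into the ICMP message.
        // NOTE(review): AddReceiveData() prints this with "%s", which reads up
        // to the first NUL byte; confirm the receive buffer is always
        // NUL-terminated or copy the data with an explicit length.
        ReceiveInfo.ReceiveData = IcmpBuf + 4;
    }

    AddReceiveData(&ReceiveInfo);
    return true;
}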
// Inserts one decoded packet as a new first row of the capture list.
//
// ReceiveInfo - decoded packet fields; dereferenced without a null check.
//
// The payload is passed to Format() as a "%s" argument, never as the format
// string itself, so packet bytes cannot act as format directives. "%s" stops
// at the first NUL byte, so the text shown is not bounded by the packet length.
// NOTE(review): iSrcPort, iDstPort and Length are formatted for every
// protocol, but the TCP decoder does not assign Length and the ICMP decoder
// assigns none of the three; confirm RECEIVEINFO initialises them.
void CMySimpSnifferDlg::AddReceiveData(RECEIVEINFO *ReceiveInfo)
{
    CString szSrcPort, szDstPort, szSize, szData;
    szSrcPort.Format("%d", ReceiveInfo->iSrcPort);
    szDstPort.Format("%d", ReceiveInfo->iDstPort);
    szSize.Format("%d", ReceiveInfo->Length);

    // ICMP rows carry type and code in front of the data text.
    if (!(ReceiveInfo->szProtocol == "ICMP"))
    {
        szData.Format(" %s", ReceiveInfo->ReceiveData);
    }
    else
    {
        szData.Format("type:%d code:%d data:%s", ReceiveInfo->iICMPType, ReceiveInfo->iICMPCode, ReceiveInfo->ReceiveData);
    }

    // Column 0 is the protocol; columns 1..6 follow in display order.
    const int iRow = m_listdata.InsertItem(0, ReceiveInfo->szProtocol);
    const LPCTSTR aCells[] = {
        ReceiveInfo->szSrcIP, // 1: source address
        szSrcPort,            // 2: source port
        ReceiveInfo->szDstIP, // 3: destination address
        szDstPort,            // 4: destination port
        szSize,               // 5: data size
        szData                // 6: data
    };
    for (int iCol = 1; iCol <= 6; ++iCol)
    {
        m_listdata.SetItem(iRow, iCol, LVIF_TEXT, aCells[iCol - 1], 0, 0, 0, 0);
    }
}
// Asks the capture thread to stop, switches the raw socket out of
// receive-all mode and releases Winsock.
//
// NOTE(review): SockRaw is compared with NULL, while Winsock reports a failed
// socket() as INVALID_SOCKET; confirm how SockRaw is initialised.
// NOTE(review): on ioctlsocket failure the process exits immediately, without
// reaching WSACleanup().
void CMySimpSnifferDlg::Close_Thread()
{
    // Post WM_CLOSE to the capture thread, if one is registered.
    if (m_threadID != NULL)
    {
        PostThreadMessage(m_threadID, WM_CLOSE, 0, 0);
    }

    if (SockRaw != NULL)
    {
        // SIO_RCVALL with a value of 0 stops receive-all capture on the raw socket.
        DWORD dwValue = 0;
        const int iResult = ioctlsocket(SockRaw, SIO_RCVALL, &dwValue);
        if (iResult != 0)
        {
            closesocket(SockRaw);
            AfxMessageBox("Stop! ioctlsocket SIO_RCVALL error!");
            exit(1);
        }
    }

    WSACleanup();
}
// 初始化列表框
// Puts the list control into report view and creates its 30 columns.
// Columns 0-6 are visible; columns 7-29 have width 0, so they exist but are
// not displayed.
void CMySimpSnifferDlg::InitList()
{
    // Replace the current view-type bits with LVS_REPORT.
    const HWND hList = m_listdata.GetSafeHwnd();
    DWORD dwStyle = GetWindowLong(hList, GWL_STYLE);
    dwStyle = (dwStyle & ~LVS_TYPEMASK) | LVS_REPORT;
    SetWindowLong(hList, GWL_STYLE, dwStyle);

    struct ColumnSpec
    {
        const char *szTitle;
        int iFormat;
        int iWidth;
    };
    static const ColumnSpec aColumns[] = {
        // Visible columns.
        { "协议",       LVCFMT_LEFT,   38  }, // from the IP header
        { "源地址",     LVCFMT_LEFT,   102 }, // from the IP header
        { "端口",       LVCFMT_LEFT,   45  }, // from the TCP/UDP header
        { "目的地址",   LVCFMT_LEFT,   102 }, // from the IP header
        { "端口",       LVCFMT_LEFT,   45  }, // from the TCP/UDP header
        { "数据大小",   LVCFMT_CENTER, 60  },
        { "数据",       LVCFMT_LEFT,   371 },
        // Hidden IP header fields (width 0).
        { "IP_version", LVCFMT_LEFT,   0   }, // IP version
        { "IP_HLen",    LVCFMT_LEFT,   0   }, // IP header length
        { "ToS",        LVCFMT_LEFT,   0   }, // Type of Service
        { "Item10",     LVCFMT_LEFT,   0   }, // Total Length
        { "Item11",     LVCFMT_LEFT,   0   }, // Identification
        { "Item12",     LVCFMT_LEFT,   0   }, // Flags
        { "Item13",     LVCFMT_LEFT,   0   }, // Fragment Offset
        { "Item14",     LVCFMT_LEFT,   0   }, // Time to Live
        { "Item15",     LVCFMT_LEFT,   0   }, // Header Checksum
        // Hidden TCP/UDP fields (width 0).
        { "Item16",     LVCFMT_LEFT,   0   }, // TCP: Sequence Number
        { "Item17",     LVCFMT_LEFT,   0   }, // TCP: Ack Number
        { "Item18",     LVCFMT_LEFT,   0   }, // TCP: Data Offset (HLen) / UDP: udp_Len
        { "Item19",     LVCFMT_LEFT,   0   }, // TCP: Reserved Bits
        { "Item20",     LVCFMT_LEFT,   0   }, // TCP: Flags
        { "Item21",     LVCFMT_LEFT,   0   }, // TCP: URG
        { "Item22",     LVCFMT_LEFT,   0   }, // TCP: ACK
        { "Item23",     LVCFMT_LEFT,   0   }, // TCP: PSH
        { "Item24",     LVCFMT_LEFT,   0   }, // TCP: RST
        { "Item25",     LVCFMT_LEFT,   0   }, // TCP: SYN
        { "Item26",     LVCFMT_LEFT,   0   }, // TCP: FIN
        { "Item27",     LVCFMT_LEFT,   0   }, // TCP: Window Size
        { "Item28",     LVCFMT_LEFT,   0   }, // TCP: Checksum / UDP: udp_ChkSum
        { "Item29",     LVCFMT_LEFT,   0   }  // TCP: Urgent Pointer
    };

    const int iColumnCount = (int)(sizeof(aColumns) / sizeof(aColumns[0]));
    for (int iCol = 0; iCol < iColumnCount; ++iCol)
    {
        m_listdata.InsertColumn(iCol, aColumns[iCol].szTitle, aColumns[iCol].iFormat, aColumns[iCol].iWidth);
    }

    // Highlight the whole row when an item is selected.
    ::SendMessage(m_listdata.m_hWnd, LVM_SETEXTENDEDLISTVIEWSTYLE,
                  LVS_EX_FULLROWSELECT, LVS_EX_FULLROWSELECT);
}
// Handler for the source-IP filter check box: enables or disables the
// source address edit control to match the check state.
// The GetDlgItem() results are used without a null check.
void CMySimpSnifferDlg::OnCHKSrcIP()
{
    CButton *pCheckBox = static_cast<CButton *>(GetDlgItem(IDC_CHK_SrcIP));
    CEdit *pAddrEdit = static_cast<CEdit *>(GetDlgItem(IDC_IPAddr_Src));

    const BOOL bEnabled = pCheckBox->GetCheck();
    pAddrEdit->EnableWindow(bEnabled);

    // Unchecked: clear the address and stop here.
    if (!bEnabled)
    {
        pAddrEdit->SetWindowText("");
        return;
    }

    // Checked: pre-fill a default address and move the focus to the field.
    pAddrEdit->SetWindowText("192.168.0.1");
    pAddrEdit->SetFocus();
}
// Handler for the destination-IP filter check box: enables or disables the
// destination address edit control to match the check state.
// The GetDlgItem() results are used without a null check.
void CMySimpSnifferDlg::OnCHKDstIP()
{
    CButton *pCheckBox = static_cast<CButton *>(GetDlgItem(IDC_CHK_DstIP));
    CEdit *pAddrEdit = static_cast<CEdit *>(GetDlgItem(IDC_IPAddr_Dst));

    const BOOL bEnabled = pCheckBox->GetCheck();
    pAddrEdit->EnableWindow(bEnabled);

    // Unchecked: clear the address and stop here.
    if (!bEnabled)
    {
        pAddrEdit->SetWindowText("");
        return;
    }

    // Checked: pre-fill a default address and move the focus to the field.
    pAddrEdit->SetWindowText("192.168.0.1");
    pAddrEdit->SetFocus();
}
// 获得参数设置 -- 控制操作
// Reads the filter controls and stores the source and destination IP filters.
// An unchecked box sets the corresponding filter to NULL.
//
// NOTE(review): both filters are assigned from GetBuffer() on the same local
// CString, with no matching ReleaseBuffer(). If the filter members are raw
// character pointers rather than CString objects, they would point into
// storage that is reused for the second read and freed when this function
// returns; confirm the member types in the class declaration.
void CMySimpSnifferDlg::GetParamSet()
{
    CString szText;

    // Source address filter.
    CButton *pSrcCheck = static_cast<CButton *>(GetDlgItem(IDC_CHK_SrcIP));
    if (!pSrcCheck->GetCheck())
    {
        m_strFromIpFilter = NULL;
    }
    else
    {
        CEdit *pSrcEdit = static_cast<CEdit *>(GetDlgItem(IDC_IPAddr_Src));
        pSrcEdit->GetWindowText(szText);
        m_strFromIpFilter = szText.GetBuffer(szText.GetLength());
    }

    // Destination address filter.
    CButton *pDstCheck = static_cast<CButton *>(GetDlgItem(IDC_CHK_DstIP));
    if (!pDstCheck->GetCheck())
    {
        m_strDestIpFilter = NULL;
    }
    else
    {
        CEdit *pDstEdit = static_cast<CEdit *>(GetDlgItem(IDC_IPAddr_Dst));
        pDstEdit->GetWindowText(szText);
        m_strDestIpFilter = szText.GetBuffer(szText.GetLength());
    }
}
// Inserts a new first row into the capture list from seven ready-made
// strings: s0 fills column 0 and s1..s6 fill columns 1..6. The row's item
// data is set to 100.
void CMySimpSnifferDlg::AddData(CString s0, CString s1, CString s2, CString s3, CString s4, CString s5, CString s6)
{
    const int iRow = m_listdata.InsertItem(0, s0);

    // Remaining cells, in column order.
    const CString *aCells[] = { &s1, &s2, &s3, &s4, &s5, &s6 };
    for (int iCol = 1; iCol <= 6; ++iCol)
    {
        m_listdata.SetItem(iRow, iCol, LVIF_TEXT, *aCells[iCol - 1], 0, 0, 0, 0);
    }

    m_listdata.SetItemData(iRow, 100);
}
/*UINT threadFunc( LPVOID p )
{
CMySimpSnifferDlg *pDlg = static_cast<CMySimpSnifferDlg *>(p) ;
char buf[MAX_PACK_LEN] , *bufwork ;
MSG msg ;
int iRet ;
DWORD dwErr ;
char *pSource , *pDest ;
in_addr ina ;
char szSource [16] , szDest[16] , szErr [ 50 ];
char *pLastBuf = NULL ;
int HdrLen, totallen;
WORD sourport, destport;
IP_HEADER *pIpHead;
TCP_HEADER *pTCPHead;
ICMP_HEADER *pICMPHead;
UDP_HEADER *pUDPHead;
BYTE *pdata = NULL;
pDlg->GetParamSet();
//AfxMessageBox(pDlg->m_strFromIpFilter);
PeekMessage(&msg, NULL, WM_USER, WM_USER, PM_NOREMOVE) ; // Force to make the queue
pDlg->m_threadID = GetCurrentThreadId();
while( TRUE )
{
if( PeekMessage( &msg , 0 , WM_CLOSE,WM_CLOSE,PM_NOREMOVE ) )
{
closesocket( pDlg->SockRaw ) ;
pDlg->m_threadID = 0 ;
// Only after you see Next message you can press on Start button
pDlg->m_start.EnableWindow(TRUE) ;
break ;
}
// 接收数据
memset( buf , 0 , sizeof(buf) ) ;
iRet = recv( pDlg->SockRaw , buf , sizeof( buf ) , 0 ) ;
if( iRet == SOCKET_ERROR )
{
dwErr = WSAGetLastError() ;
sprintf( szErr , "Error recv() = %ld " , dwErr ) ;
continue ;
}else{
if( *buf )
{
// check IP here
bufwork = buf ;
pIpHead = (IP_HEADER *)bufwork ;
WORD iLen = ntohs(pIpHead->ip_len) ;
while( TRUE )
{
if( iLen <= iRet )
{
ina.S_un.S_addr = pIpHead->ip_srcIP ;
pSource = inet_ntoa( ina ) ;
strcpy( szSource , pSource ) ;