mysimpsnifferdlg.cpp
来自「一个关于局域网简单抓包工具」· C++ 代码 · 共 1,943 行 · 第 1/5 页
CPP
1,943 行
GETSETPARAM *pParam = (GETSETPARAM *)pthreadArg;
CMySimpSnifferDlg *pDlg = (CMySimpSnifferDlg *)(pParam->pDialog);
MSG msg ;
IP_HEADER *pIpHead; // IP头结构指针
TCP_HEADER *pTCPHead;
UDP_HEADER *pUDPHead;
ICMP_HEADER *pICMPHead;
IGMP_HEADER *pIGMPHead;
char buf[MAX_PACK_LEN] ;//, *bufwork;
int iRet;
in_addr inSrc,inDst; // 在winsock2.h文件中定义的结构体
// 也可以用SOCKADDR_IN定义: SOCKADDR_IN saSource, saDest;
char *pSrcIP, *pDstIP; //源、目的IP地址指针
char szSrcIP[MAX_ADDR_LEN], szDstIP[MAX_ADDR_LEN]; //szSrcIP[16], szDstIP[16];
char *pSrcIpFilter=NULL, *pDstIpFilter=NULL; //监测的源、目的IP地址指针
int iIphLen, iData_len; //IP头长度,数据长度
int SrcPort, DstPort; //源、目的端口号
int iSrcPFilter=0, iDstPFilter=0; //监测的源、目的端口号
BYTE *pdata = NULL;
bool bUDP; // 是否关注UDP报文
bool bTCP; // 是否关注TCPP报文
bool bICMP; // 是否关注ICMP报文
//pSrcIpFilter = "192.168.10.35";
//pDstIpFilter = "192.168.10.103";
pSrcIpFilter = pParam->SrcIP;
pDstIpFilter = pParam->DstIP;
iSrcPFilter = pParam->iSrcPort;
iDstPFilter = pParam->iDstPort;
bTCP = pParam->bTCP;
bUDP = pParam->bUDP;
bICMP = pParam->bICMP;
PeekMessage(&msg, NULL, WM_USER, WM_USER, PM_NOREMOVE) ; // Force to make the queue
pDlg->m_threadID = GetCurrentThreadId();
while( !pDlg->bStop )
{
if( PeekMessage( &msg , 0 , WM_CLOSE,WM_CLOSE,PM_NOREMOVE ) )
{
closesocket( pDlg->SockRaw ) ;
pDlg->m_threadID = 0 ;
// Only after you see Next message you can press on Start button
pDlg->m_start.EnableWindow(TRUE) ;
break ;
}
//接收数据
ZeroMemory(buf,sizeof(buf));
memset( buf , 0 , sizeof(buf) ) ;
iRet = recv( pDlg->SockRaw , buf , sizeof(buf) , 0 ); //iRet为接收的数据包的长度(一定小于MAX_PACK_LEN即65535)
if( iRet == SOCKET_ERROR ) //出错等待而不是退出
continue ;
else{
if( *buf ) //如果buf中有数据
{ //Check IP here
//bufwork = buf ;
pIpHead = (IP_HEADER *)buf;//work;
WORD iLen = ntohs(pIpHead->ip_len) ;
int iSrcFilter = 0, iDstFilter = 0;
*//* inSrc.S_un.S_addr = pIpHead->ip_srcIP;
pSrcIP = inet_ntoa( inSrc );
strcpy( szSrcIP , pSrcIP ); //源IP地址
inDst.S_un.S_addr = pIpHead->ip_dstIP;
pDstIP = inet_ntoa( inDst );
strcpy( szDstIP , pDstIP ); //目的IP地址
*//*
if((strcmp(pSrcIpFilter,"0.0.0.0")!=0) && (strcmp(pDstIpFilter,"0.0.0.0")!=0)) //源、目的都给定IP
{
inSrc.S_un.S_addr = pIpHead->ip_srcIP;
pSrcIP = inet_ntoa( inSrc );
strcpy( szSrcIP , pSrcIP ); //源IP地址
inDst.S_un.S_addr = pIpHead->ip_dstIP;
pDstIP = inet_ntoa( inDst );
strcpy( szDstIP , pDstIP ); //目的IP地址
if(strcmp(pSrcIpFilter,pSrcIP)!=0) //否
iSrcFilter = 1;
else
iSrcFilter = 0;
if(strcmp(pDstIpFilter,pDstIP)!=0) //否
iDstFilter = 1;
else
iDstFilter = 0;
if(iSrcFilter + iDstFilter == 2) continue; //点到点if(iSrcFilter + iDstFilter != 0) continue;
}else if((strcmp(pSrcIpFilter,"0.0.0.0")!=0) && (strcmp(pDstIpFilter,"0.0.0.0")==0))
{ //源给定、目的不定
inDst.S_un.S_addr = pIpHead->ip_dstIP;
pDstIP = inet_ntoa( inDst );
strcpy( szDstIP , pDstIP ); //目的IP地址
inSrc.S_un.S_addr = pIpHead->ip_srcIP;
pSrcIP = inet_ntoa( inSrc );
strcpy( szSrcIP , pSrcIP ); //源IP地址
if(strcmp(pSrcIpFilter,pSrcIP)!=0) continue;
}else if((strcmp(pSrcIpFilter,"0.0.0.0")==0) && (strcmp(pDstIpFilter,"0.0.0.0")!=0))
{ //源不定、目的给定
inSrc.S_un.S_addr = pIpHead->ip_srcIP;
pSrcIP = inet_ntoa( inSrc );
strcpy( szSrcIP , pSrcIP ); //源IP地址
inDst.S_un.S_addr = pIpHead->ip_dstIP;
pDstIP = inet_ntoa( inDst );
strcpy( szDstIP , pDstIP ); //目的IP地址
if(strcmp(pDstIpFilter,pDstIP)!=0) continue;
}else{
inSrc.S_un.S_addr = pIpHead->ip_srcIP;
pSrcIP = inet_ntoa( inSrc );
strcpy( szSrcIP , pSrcIP ); //源IP地址
inDst.S_un.S_addr = pIpHead->ip_dstIP;
pDstIP = inet_ntoa( inDst );
strcpy( szDstIP , pDstIP ); //目的IP地址
}
CString str, strProto, strSourPort, strDestPort, strData, strSize;
strProto = pDlg->CheckProtocol( pIpHead->ip_proto );
iIphLen = pIpHead->ip_verlen & 0xf;
iIphLen *= 4; //计算IP头长度
iData_len = ntohs(pIpHead->ip_len); //总长
iData_len -= iIphLen; //用户数据长度(仅去掉了IP头)
switch(pIpHead->ip_proto)
{
case IPPROTO_TCP:
{
if(!bTCP) continue;
pTCPHead=(TCP_HEADER *)(buf+iIphLen);
SrcPort = ntohs(pTCPHead->tcp_SrcPort);
DstPort = ntohs(pTCPHead->tcp_DstPort);
//if((iSrcPFilter>0) && (iSrcPFilter!=SrcPort)) continue;
//if((iDstPFilter>0) && (iDstPFilter!=DstPort)) continue;
if( ((iSrcPFilter>0) && (iSrcPFilter!=SrcPort)) && ((iDstPFilter>0) && (iDstPFilter!=DstPort)) ) continue;
strSourPort.Format("%d",SrcPort);
strDestPort.Format("%d",DstPort);
iIphLen = (pTCPHead->tcp_lenres)>>4;
iIphLen *= 4;
pdata=((BYTE *)pTCPHead)+iIphLen;
iData_len -= iIphLen;
break;
}
case IPPROTO_UDP:
{
if(!bUDP) continue;
pUDPHead=(UDP_HEADER *)(buf+iIphLen);
SrcPort = ntohs(pUDPHead->udp_Srcport);
DstPort = ntohs(pUDPHead->udp_Dstport);
if( ((iSrcPFilter>0) && (iSrcPFilter!=SrcPort)) && ((iDstPFilter>0) && (iDstPFilter!=DstPort)) ) continue;
strSourPort.Format("%d",SrcPort);
strDestPort.Format("%d",DstPort);
pdata=((BYTE *)pUDPHead)+U_HLEN;
iData_len -= U_HLEN;
break;
}
case IPPROTO_ICMP:
{
if(!bICMP) continue;
pICMPHead=(ICMP_HEADER *)(buf+iIphLen);
strSourPort = "-";
strDestPort = "-";
pdata=((BYTE *)pICMPHead)+4;//ICMP_HEAD_LEN;
iData_len -= 4;//ICMP_HEAD_LEN;
break;
}
case IPPROTO_IGMP:
{
pIGMPHead=(IGMP_HEADER *)(buf+iIphLen);
strSourPort = "-";
strDestPort = "-";
pdata=((BYTE *)pICMPHead)+IG_HLEN;
iData_len -= IG_HLEN;
break;
}
}//end switch
if(pIpHead->ip_proto == IPPROTO_ICMP)
strData.Format("type:%d code:%d data:%s",pICMPHead->ic_type,pICMPHead->ic_code,pdata);
else
strData.Format(" %s",pdata);
strSize.Format("%d",iData_len);
pDlg->AddData(strProto,szSrcIP,strSourPort,szDstIP,strDestPort,strSize,strData);
//Sleep stabilize work of list,otherwise sometimes pressing on scroll cased close of program
//Sleep(50) ;
}else{
AfxMessageBox( "本局域网中没有传输的数据!" ) ;
continue ;
}
}
//Sleep( 100 ) ; // Polling each 100 millisecond
}
return true;
} */
void CMySimpSnifferDlg::SetListCtrlData(int ntype, char *pSetData)
{
ListCtrlStruct *pListCtrl = new ListCtrlStruct;
IP_HEADER *pIP;
TCP_HEADER *pTcp;
UDP_HEADER *pUdp;
ICMP_HEADER *pIcmp;
in_addr inaddr;
char *pIpAddr;
BYTE *pdata = NULL;
int nNumber, nIPHlen, iData_len;
CString szStr;
pIP = (IP_HEADER *)pSetData;
inaddr.S_un.S_addr = pIP->ip_srcIP;
pIpAddr = inet_ntoa( inaddr );
pListCtrl->item1 = pIpAddr; //源IP地址
inaddr.S_un.S_addr = pIP->ip_dstIP;
pIpAddr = inet_ntoa( inaddr );
pListCtrl->item3 = pIpAddr; //目的IP地址
//nNumber = (pIP->ip_verlen >> 4) & 0xf;
nNumber = (pIP->ip_verlen)>>4;
szStr.Format("%d",nNumber);
pListCtrl->item7 = szStr; //Version
nIPHlen = pIP->ip_verlen & 0xf;
nIPHlen *= 4;
szStr.Format("%d",nIPHlen);
pListCtrl->item8 = szStr; //IP头长度
iData_len = ntohs(pIP->ip_len);//总长
iData_len -= nIPHlen ; //用户数据长度(仅去掉了IP头)
nNumber = pIP->ip_tos;
szStr.Format("%d",nNumber);
pListCtrl->item9 = szStr;
nNumber = ntohs(pIP->ip_len);
szStr.Format("%d",nNumber);
pListCtrl->item10 = szStr;
nNumber = ntohs(pIP->ip_id);
szStr.Format("%d",nNumber);
pListCtrl->item11 = szStr;
nNumber = ntohs(pIP->ip_frags); //Flags + Fragment Offset
szStr.Format("%d",nNumber);
pListCtrl->item12 = szStr; //标志位应该用十六进制表示 ???
pListCtrl->item13 = szStr; //Fragment Offset
nNumber = pIP->ip_ttl;
szStr.Format("%d",nNumber);
pListCtrl->item14 = szStr;
nNumber = ntohs(pIP->ip_chksum);
szStr.Format("%d",nNumber);
pListCtrl->item15 = szStr;
switch (ntype)
{
case IPPROTO_TCP:
pListCtrl->item0 = "TCP";
pTcp = (TCP_HEADER *)(pSetData+nIPHlen);
nNumber = ntohs(pTcp->tcp_SrcPort);
szStr.Format("%d",nNumber);
pListCtrl->item2 = szStr; //源端口
nNumber = ntohs(pTcp->tcp_DstPort);
szStr.Format("%d",nNumber);
pListCtrl->item4 = szStr; //目的端口
nNumber = (pTcp->tcp_lenres)>>4;
nNumber *= 4;
szStr.Format("%d",nNumber);
pListCtrl->item18 = szStr; //TCP头长度
pdata=((BYTE *)pTcp)+nNumber;
szStr.Format("%s",pdata);
pListCtrl->item6 = szStr; //数据
iData_len -= nNumber; //总长度
nNumber = ntohs(pTcp->tcp_SeqNo);
szStr.Format("%d",nNumber);
pListCtrl->item16 = szStr;
nNumber = ntohs(pTcp->tcp_AckNo);
szStr.Format("%d",nNumber);
pListCtrl->item17 = szStr; //ACK
//pTcp->tcp_lenres; //后4位+(pTcp->tcp_flags前两位) = Reserved
//pListCtrl->item19 = szStr; //保留字
//pTcp->tcp_flags; //后6位标志(URG,ACK,PSH,RST,SYN,FIN)
nNumber = TCP_IF_URG(pTcp);
if(nNumber>0) szStr="1";
else szStr="0";
pListCtrl->item21 = szStr; //URG
nNumber = TCP_IF_ACK(pTcp);
//szStr.Format("%d",nNumber);
if(nNumber>0) szStr="1";
else szStr="0";
pListCtrl->item22 = szStr; //ACK
nNumber = TCP_IF_PSH(pTcp);
//szStr.Format("%d",nNumber);
if(nNumber>0) szStr="1";
else szStr="0";
pListCtrl->item23 = szStr; //PSH
nNumber = TCP_IF_RST(pTcp);
//szStr.Format("%d",nNumber);
if(nNumber>0) szStr="1";
else szStr="0";
pListCtrl->item24 = szStr; //RST
nNumber = TCP_IF_SYN(pTcp);
//szStr.Format("%d",nNumber);
if(nNumber>0) szStr="1";
else szStr="0";
pListCtrl->item25 = szStr; //SYN
nNumber = TCP_IF_FIN(pTcp);
//szStr.Format("%d",nNumber);
if(nNumber>0) szStr="1";
else szStr="0";
pListCtrl->item26 = szStr; //FIN
nNumber = ntohs(pTcp->tcp_WndSize);
szStr.Format("%d",nNumber);
pListCtrl->item27 = szStr;
nNumber = ntohs(pTcp->tcp_ChkSum);
szStr.Format("%d",nNumber);
pListCtrl->item28 = szStr;
nNumber = ntohs(pTcp->tcp_UrgPtr);
szStr.Format("%d",nNumber);
pListCtrl->item29 = szStr;
break;
case IPPROTO_UDP:
pListCtrl->item0 = "UDP";
pUdp = (UDP_HEADER *)(pSetData+nIPHlen);
nNumber = ntohs(pUdp->udp_Srcport);
szStr.Format("%d",nNumber);
pListCtrl->item2 = szStr; //源端口
nNumber = ntohs(pUdp->udp_Dstport);
szStr.Format("%d",nNumber);
pListCtrl->item4 = szStr; //目的端口
//nNumber = pUdp->udp_Len; //udp总长
//szStr.Format("%d",nNumber);
pListCtrl->item18 = "8"; //UDP头长度
nNumber = pUdp->udp_ChkSum;
szStr.Format("%d",nNumber);
pListCtrl->item28 = szStr; //CheckSum
pdata=((BYTE *)pUdp)+U_HLEN;
szStr.Format("%s",pdata);
pListCtrl->item6 = szStr; //数据
iData_len -= U_HLEN;
break;
case IPPROTO_ICMP:
pListCtrl->item0 = "ICMP";
pIcmp = (ICMP_HEADER *)(pSetData+nIPHlen);
pdata=((BYTE *)pIcmp)+4;//ICMP_HEAD_LEN;
iData_len -= 4;//ICMP_HEAD_LEN;
pListCtrl->item2 = "-"; //源端口
pListCtrl->item4 = "-"; //目的端口
nNumber = pIcmp->ic_type;
szStr.Format("%d",nNumber);
pListCtrl->item7 = szStr;
nNumber = pIcmp->ic_code;
szStr.Format("%d",nNumber);
pListCtrl->item8 = szStr;
nNumber = pIcmp->ic_cksum;
szStr.Format("%d",nNumber);
pListCtrl->item9 = szStr;
nNumber = pIcmp->ic_id;
szStr.Format("%d",nNumber);
pListCtrl->item10 = szStr;
nNumber = pIcmp->ic_seq;
szStr.Format("%d",nNumber);
pListCtrl->item11 = szStr;
pdata=((BYTE *)pIcmp)+U_HLEN;
szStr.Format("type:%d code:%d id:%d seq=%d cksum=%d data:%s",pIcmp->ic_type,pIcmp->ic_code,pIcmp->ic_id,pIcmp->ic_seq,pIcmp->ic_cksum,pdata);
pListCtrl->item6 = szStr; //数据
iData_len -= U_HLEN;
break;
case IPPROTO_IGMP:
break;
default:
return;
}
szStr.Format("%d",iData_len);
pListCtrl->item5 = szStr; //用户数据长度(除⌨️ 快捷键说明
复制代码Ctrl + C
搜索代码Ctrl + F
全屏模式F11
增大字号Ctrl + =
减小字号Ctrl + -
显示快捷键?