📄 431.htm
字号:
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>CTerm非常精华下载</title>
</head>
<body bgcolor="#FFFFFF">
<table border="0" width="100%" cellspacing="0" cellpadding="0" height="577">
<tr><td width="32%" rowspan="3" height="123"><img src="DDl_back.jpg" width="300" height="129" alt="DDl_back.jpg"></td><td width="30%" background="DDl_back2.jpg" height="35"><p align="center"><a href="http://apue.dhs.org"><font face="黑体"><big><big>apue</big></big></font></a></td></tr>
<tr>
<td width="68%" background="DDl_back2.jpg" height="44"><big><big><font face="黑体"><p align="center"> ● UNIX网络编程 (BM: clown) </font></big></big></td></tr>
<tr>
<td width="68%" height="44" bgcolor="#000000"><font face="黑体"><big><big><p align="center"></big></big><a href="http://cterm.163.net"><img src="banner.gif" width="400" height="60" alt="banner.gif"border="0"></a></font></td>
</tr>
<tr><td width="100%" colspan="2" height="100" align="center" valign="top"><br><p align="center">[<a href="index.htm">回到开始</a>][<a href="317.htm">上一层</a>][<a href="432.htm">下一篇</a>]
<hr><p align="left"><small>发信人: AngelFalls (Happiness Forever), 信区: Security <br>
标 题: anti_sniffer程序 <br>
发信站: 武汉白云黄鹤站 (Wed Mar 29 18:18:54 2000), 站内信件 <br>
#include <netdb.h> <br>
#include <stdio.h> <br>
#include <sys/types.h> <br>
#include <sys/socket.h> <br>
#include <net/if_packet.h> <br>
#include <sys/ioctl.h> <br>
#include <net/if.h> <br>
#include <netinet/in.h> <br>
#include <netinet/ip.h> <br>
#include <netinet/if_ether.h> <br>
#include <string.h> <br>
#include <arpa/inet.h> <br>
#include <net/if_arp.h> <br>
#include <netinet/tcp.h> <br>
#include <netinet/udp.h> <br>
#include <unistd.h> <br>
#include <fcntl.h> <br>
struct arp_hdr{ <br>
u_char dst_addr[6]; <br>
u_char src_addr[6]; <br>
u_short frame_type; <br>
u_short hw_type; <br>
u_short proto_type; <br>
u_char hw_addr_len; <br>
u_char proto_addr_len; <br>
u_short op; <br>
u_char snd_hw_addr[6]; <br>
u_char snd_ip_addr[4]; <br>
u_char rcv_hw_addr[6]; <br>
u_char rcv_ip_addr[4]; <br>
}; <br>
void dealARP(struct arp_hdr *ahdr) <br>
{ <br>
struct in_addr daddr, saddr; <br>
char str_s[32], str_d[32]; <br>
printf("\nARP datagram from %.2x:%.2x:%.2x:%.2x:%.2x:%.2x to %.2x:%. <br>
2x:% <br>
.2x:%.2x:%.2x:%.2x\n", <br>
ahdr->src_addr[0], ahdr->src_addr[1], ahdr->src_addr[2], ahd <br>
r->s <br>
rc_addr[3], <br>
ahdr->src_addr[4], ahdr->src_addr[5], ahdr->dst_addr[0], ahd <br>
r->d <br>
st_addr[1], <br>
ahdr->dst_addr[2], ahdr->dst_addr[3], ahdr->dst_addr[4], ahd <br>
r->d <br>
st_addr[5]); <br>
switch( ntohs(ahdr->op) ) <br>
{ <br>
case 1: <br>
printf("Operation : ARP Request\n"); <br>
break; <br>
case 2: <br>
printf("Operation : ARP Reply\n"); <br>
break; <br>
case 3: <br>
printf("Operation : RARP Request\n"); <br>
break; <br>
case 4: <br>
printf("Operation : RARP Reply\n"); <br>
break; <br>
default: <br>
printf("Operation : %d\n", ntohs(ahdr->op)); <br>
break; <br>
} <br>
memcpy(&daddr, ahdr->rcv_ip_addr, 4); <br>
memcpy(&saddr, ahdr->snd_ip_addr, 4); <br>
strcpy(str_s, inet_ntoa(saddr)); <br>
strcpy(str_d, inet_ntop(AF_INET, &daddr, str_d, sizeof(str_d))); <br>
printf("Source IP : %s, Dest IP : %s\n", str_s, str_d); <br>
} <br>
int main(int argc, char *argv[]) <br>
{ <br>
int sock_pak, i, flag, verbose = 0; <br>
struct ifreq ifr; <br>
struct sockaddr_in *sa, sa_in; <br>
struct sockaddr sa_local; <br>
u_int32_t nmask, uni_ip, brd_ip, t_ip, t_ip2, dst; <br>
u_char ucMac[6], recvbuf[1024]; <br>
struct arp_hdr *ahdr = (struct arp_hdr*)recvbuf; <br>
if( argc != 1 && argc != 2) <br>
{ <br>
printf("Usage : %s [-v]\n", argv[0]); <br>
exit(-1); <br>
} <br>
if( argc == 2 ) <br>
if( strcmp(argv[1], "-v")==0 ) <br>
verbose = 1; <br>
else <br>
{ <br>
printf("Usage : %s [-v]\n", argv[0]); <br>
exit(-1); <br>
} <br>
if( (sock_pak = socket(PF_INET, SOCK_PACKET, htons(ETH_P_ARP))) < 0 <br>
) <br>
{ <br>
perror("Socket"); <br>
exit(-1); <br>
} <br>
setuid(getuid()); <br>
strcpy(ifr.ifr_name, "eth0"); <br>
if( ioctl(sock_pak, SIOCGIFHWADDR, &ifr) < 0 ) <br>
{ <br>
perror("Ioctl SIOGIFHWADDR"); <br>
exit(-1); <br>
} <br>
memcpy(ucMac, &ifr.ifr_hwaddr.sa_data, 6); <br>
printf("Eth0 MAC : %.2x:%.2x:%.2x:%.2x:%.2x:%.2x\n", ucMac[0], ucMac <br>
[1], <br>
ucMac[2], ucMac[3], ucMac[4], ucMac[5]); <br>
if( ioctl(sock_pak, SIOCGIFADDR, &ifr) < 0 ) <br>
{ <br>
perror("Ioctl SIOGIFADDR"); <br>
exit(-1); <br>
} <br>
sa = (struct sockaddr_in*)&ifr.ifr_addr; <br>
uni_ip = ntohl(sa->sin_addr.s_addr); <br>
printf("Eth0 IP : %s\n", inet_ntoa(sa->sin_addr)); <br>
if( ioctl(sock_pak, SIOCGIFBRDADDR, &ifr) < 0 ) <br>
{ <br>
perror("Ioctl SIOCGIFBRDADDR"); <br>
exit(-1); <br>
} <br>
sa = (struct sockaddr_in*)&ifr.ifr_broadaddr; <br>
brd_ip = ntohl(sa->sin_addr.s_addr); <br>
printf("Eth0 BCast IP : %s\n", inet_ntoa(sa->sin_addr)); <br>
if( ioctl(sock_pak, SIOCGIFNETMASK, &ifr) < 0 ) <br>
{ <br>
perror("Ioctl SIOGGIFNETMASK"); <br>
exit(-1); <br>
} <br>
sa = (struct sockaddr_in*)&ifr.ifr_netmask; <br>
nmask = ntohl(sa->sin_addr.s_addr); <br>
sa = (struct sockaddr_in*)&ifr.ifr_netmask; <br>
printf("Eth0 Netmask : %s\n", inet_ntoa(sa->sin_addr)); <br>
if( ( flag = fcntl(sock_pak, F_GETFL, 0)) < 0 ) <br>
{ <br>
perror("Fcntl F_GETFL"); <br>
exit(-1); <br>
} <br>
if( fcntl(sock_pak, F_SETFL, flag | O_NONBLOCK) < 0 ) <br>
{ <br>
perror("Fcntl F_SETFL"); <br>
exit(-1); <br>
} <br>
for(i=0; i<80; i++) <br>
printf("+"); <br>
printf("\n> Scanning...\n"); <br>
for(dst = (nmask & uni_ip)+1; dst < brd_ip; dst++) <br>
{ <br>
bzero(recvbuf, 1024); <br>
memset(ahdr->dst_addr, 0, 6); <br>
memset(ahdr->dst_addr, 0xff, 1); <br>
memcpy(ahdr->src_addr, ucMac, 6); <br>
ahdr->frame_type = htons(0x0806); //ethernet frame <br>
ahdr->hw_type = htons(1); //ethernet hw <br>
ahdr->proto_type = htons(0x0800); <br>
ahdr->hw_addr_len = 6; <br>
ahdr->proto_addr_len = 4; <br>
ahdr->op = htons(0x0001); <br>
memcpy(ahdr->snd_hw_addr, ucMac, 6); <br>
t_ip = htonl(uni_ip); <br>
memcpy(ahdr->snd_ip_addr, &t_ip, 4); <br>
memset(ahdr->rcv_hw_addr, 0, 6); <br>
t_ip = htonl(dst); <br>
memcpy(ahdr->rcv_ip_addr, &t_ip, 4); <br>
sa_local.sa_family = AF_LOCAL; <br>
strcpy(sa_local.sa_data, "eth0"); <br>
if( sendto(sock_pak, recvbuf, sizeof(struct arp_hdr), 0, &sa <br>
_loc <br>
al, sizeof(sa_local)) < 0 ) <br>
perror("Sendto"); <br>
usleep(10); <br>
i = recvfrom(sock_pak, recvbuf, 1024, 0, &sa_local, &flag); <br>
if( i < sizeof(struct arp_hdr) ) <br>
continue; <br>
memcpy(&t_ip, ahdr->rcv_ip_addr, 4); <br>
memcpy(&t_ip2, ahdr->snd_ip_addr, 4); <br>
if( ntohs(ahdr->op) == 0x0002 && ntohl(t_ip) == uni_ip <br>
&& dst - ntohl(t_ip2) >= 0 && dst - ntohl(t_ip2) <= <br>
2 ) <br>
{ <br>
bzero(&sa_in, sizeof(struct sockaddr_in)); <br>
sa_in.sin_family = AF_INET; <br>
sa_in.sin_addr.s_addr = t_ip2; <br>
printf("> Host %s Promisc Mode detected\n", inet_nto <br>
a(sa <br>
_in.sin_addr)); <br>
} <br>
else if(verbose) <br>
dealARP(ahdr); <br>
} <br>
printf("> Scanning End.\n"); <br>
} <br>
-- <br>
Wish your sky be sunny, <br>
Wish your heart be happy, <br>
Wish your body be healthy, <br>
Wish U never be lazy. <br>
:) :> ;) ;> :-) :-> ;-) ;-> <br>
</small><hr>
<p align="center">[<a href="index.htm">回到开始</a>][<a href="317.htm">上一层</a>][<a href="432.htm">下一篇</a>]
<p align="center"><a href="http://cterm.163.net">欢迎访问Cterm主页</a></p>
</table>
</body>
</html>⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -