<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>CTerm非常精华下载</title>
</head>
<body bgcolor="#FFFFFF">
<table border="0" width="100%" cellspacing="0" cellpadding="0" height="577">
<tr><td width="32%" rowspan="3" height="123"><img src="DDl_back.jpg" width="300" height="129" alt="DDl_back.jpg"></td><td width="30%" background="DDl_back2.jpg" height="35"><p align="center"><a href="http://apue.dhs.org"><font face="黑体"><big><big>apue</big></big></font></a></td></tr>
<tr>
<td width="68%" background="DDl_back2.jpg" height="44"><big><big><font face="黑体"><p align="center"> ● UNIX网络编程 (BM: clown) </font></big></big></td></tr>
<tr>
<td width="68%" height="44" bgcolor="#000000"><font face="黑体"><big><big><p align="center"></big></big><a href="http://cterm.163.net"><img src="banner.gif" width="400" height="60" alt="banner.gif"border="0"></a></font></td>
</tr>
<tr><td width="100%" colspan="2" height="100" align="center" valign="top"><br><p align="center">[<a href="index.htm">回到开始</a>][<a href="316.htm">上一层</a>][<a href="419.htm">下一篇</a>]
<hr><p align="left"><small> 一小段半开扫描代码导读 <br>
发布者 <br>
l634you <br>
#define MY_IP "193.62.1.250" <br>
// define your own IP address here; main() passes it to scan_port as src_addr, where it is used only in the checksum pseudo-header <br>
#include * <br>
// the author left the include lines out of the listing (this line is a placeholder, not a real directive) <br>
int syn_timeout = 0; <br>
// timeout flag for the SYN reply: raised to 1 by alarm_handler, polled and reset by scan_port <br>
unsigned short in_cksum(unsigned short *, int); <br>
// Internet checksum; scan_port applies it to the pseudo-header + TCP header <br>
int scan_port(unsigned short, unsigned int, unsigned int); <br>
void alarm_handler(int); <br>
/* SIGALRM handler: disarms the timer and raises the global timeout flag that scan_port polls after each read. The signal number s is unused. */
void alarm_handler(int s) <br>
{ <br>
alarm(0); /* cancel any pending alarm */ <br>
syn_timeout = 1; /* scan_port treats this as "no reply within the timeout" */ <br>
} <br>
//信号时延促发 <br>
/* scan_port: send one TCP SYN to dst_addr:port through a raw socket and wait, bounded by the
 * alarm timeout, for a reply whose destination port equals the source port used for the probe.
 * Returns 1 when a matching reply arrives without RST (the author reads this as "port active"),
 * 0 when the reply carries RST, -1 when the timeout fires first. Exits the process if the raw
 * socket cannot be created. src_addr and dst_addr are network-order IPv4 addresses (see main).
 * A half-open probe never completes the handshake; on the target side it shows up as a SYN with
 * no following ACK, which is the pattern network IDS SYN-scan signatures and per-source SYN-rate
 * limits are built to detect.
 * NOTE(review): parts of this listing are garbled by the page conversion - the signature is
 * split over two lines, a ')' is missing in the fprintf call, and several calls sit after a
 * '//' marker - so it is annotated here as a teaching listing rather than as compilable code. */
int scan_port(unsigned short port, unsigned int src_addr, unsigned int dst_a <br>
ddr) <br>
{ <br>
struct tcphdr send_tcp; /* outgoing TCP header; 20 bytes, no options */ <br>
struct recv_tcp <br>
{ <br>
struct iphdr ip; <br>
struct tcphdr tcp; <br>
unsigned char blah[65535]; <br>
}recv_tcp; <br>
// receive buffer (about 64 KiB on the stack): IP header, TCP header, then whatever follows <br>
struct pseudo_header <br>
{ <br>
unsigned int source_address; <br>
unsigned int dest_address; <br>
unsigned char placeholder; <br>
unsigned char protocol; <br>
unsigned short tcp_length; <br>
struct tcphdr tcp; <br>
}pseudo_header; <br>
// TCP checksum pseudo-header (12 bytes) followed by the TCP header; used only to compute the checksum, never sent <br>
int tcp_socket; <br>
struct sockaddr_in sin; <br>
int sinlen; <br>
static int blah = 0; <br>
// per-call counter: getpid() + blah serves as source port and sequence number, and is what the reply is matched against <br>
// (the original listing repeats its "start initialising the header" comment here) <br>
blah++; <br>
send_tcp.source = getpid() + blah; /* stored without htons and truncated to 16 bits; the reply check below compares the 16-bit dest field against the untruncated int, so the match can never hold once getpid()+blah exceeds 65535 */ <br>
send_tcp.dest = htons(port); <br>
send_tcp.seq = getpid() + blah; <br>
send_tcp.ack_seq = 0; <br>
// res1/doff/res2 (the original author asked for an annotation): res1 and res2 are the reserved bits and stay 0; <br>
// doff is the header length in 32-bit words, so 5 means a 20-byte header with no options <br>
send_tcp.res1 = 0; <br>
send_tcp.doff = 5; <br>
send_tcp.res2 = 0; <br>
// flags: only SYN is set, which is what makes this a half-open probe <br>
send_tcp.fin = 0; <br>
send_tcp.syn = 1; <br>
send_tcp.rst = 0; <br>
send_tcp.psh = 0; <br>
send_tcp.ack = 0; <br>
send_tcp.urg = 0; <br>
send_tcp.window = htons(512); /* fixed advertised window; a constant like this is the kind of field passive fingerprinting can key on */ <br>
send_tcp.check = 0; /* must be zero while the checksum is computed */ <br>
send_tcp.urg_ptr = 0; <br>
// fill in the checksum pseudo-header <br>
pseudo_header.source_address = src_addr; /* NOTE(review): src_addr (MY_IP) is used only here; the kernel presumably stamps the real source on the IP header, and if the two differ the TCP checksum is wrong - confirm */ <br>
pseudo_header.dest_address = dst_addr; <br>
pseudo_header.placeholder = 0; <br>
pseudo_header.protocol = IPPROTO_TCP; <br>
pseudo_header.tcp_length = htons(20); <br>
// copy the TCP header into the pseudo-header: bcopy(&send_tcp, &pseudo_header.tcp, 20); <br>
send_tcp.check = in_cksum((unsigned short *)&pseudo_header, 32); /* 12-byte pseudo-header + 20-byte TCP header */ <br>
sin.sin_family = AF_INET; <br>
sin.sin_port = htons(port); <br>
sin.sin_addr.s_addr = dst_addr; <br>
sinlen=sizeof(sin); <br>
// install the SIGALRM handler: signal(SIGALRM, alarm_handler); <br>
// open a raw TCP socket (root required, checked in main): tcp_socket = socket(AF_INET, SOCK_RAW, IPPROTO_TCP); <br>
if(tcp_socket < 0) <br>
{ <br>
fprintf(stderr, "couldnt open raw socket\n"; /* NOTE(review): closing ')' missing as printed */ <br>
exit(1); <br>
} <br>
sendto(tcp_socket, &send_tcp, 20, 0, (struct sockaddr *)&sin, sinlen); /* return value not checked */ <br>
syn_timeout = 0; <br>
// arm the reply timeout: alarm(10); <br>
while(1) <br>
{ <br>
read(tcp_socket, (struct recv_tcp *)&recv_tcp, 65535); /* blocks for the next TCP segment; return value not checked. The timeout flag is only examined after read returns, so it depends on SIGALRM interrupting the read - confirm the signal semantics in use */ <br>
if(syn_timeout == 1) {close(tcp_socket);syn_timeout=0;return -1;} /* timeout: no matching reply */ <br>
if(recv_tcp.tcp.dest == (getpid() + blah)) /* matched on destination port only; the reply's source address is never checked */ <br>
{ <br>
alarm(0); <br>
close(tcp_socket); <br>
// RST in the reply means the port refused the SYN; anything else is reported as open <br>
if(recv_tcp.tcp.rst == 1) return 0; <br>
else return 1; <br>
} <br>
} <br>
} <br>
//以下没有什么好讲的了 <br>
/* in_cksum: standard Internet (RFC 1071) one's-complement checksum over nbytes bytes at ptr,
 * returned as a 16-bit value ready to store in the header. scan_port calls it over the 32-byte
 * pseudo-header + TCP header with the check field zeroed.
 * NOTE(review): the stray comment terminator right after the block comment below does not belong
 * to any comment and would be a syntax error as printed (page-conversion artifact, left as is). */
unsigned short in_cksum(unsigned short *ptr, int nbytes) <br>
{ <br>
register long sum; /* assumes long == 32 bits; on LP64 it is 64 bits, but for the 32-byte input used here the sum stays far below 2^32 and the fold below still reduces it correctly */ <br>
u_short oddbyte; <br>
register u_short answer; /* assumes u_short == 16 bits */ <br>
/* <br>
* Our algorithm is simple, using a 32-bit accumulator (sum), <br>
* we add sequential 16-bit words to it, and at the end, fold back <br>
* all the carry bits from the top 16 bits into the lower 16 bits. <br>
*/ <br>
*/ <br>
sum = 0; <br>
while (nbytes > 1) { <br>
sum += *ptr++; /* words are summed in their in-memory byte order; the one's-complement sum is byte-order independent */ <br>
nbytes -= 2; <br>
} <br>
/* mop up an odd byte, if necessary */ <br>
if (nbytes == 1) { <br>
oddbyte = 0; /* make sure top half is zero */ <br>
*((u_char *) &oddbyte) = *(u_char *)ptr; /* one byte only, placed in the first byte of the word so it lines up with the word stream */ <br>
sum += oddbyte; <br>
} <br>
/* <br>
* Add back carry outs from top 16 bits to low 16 bits. <br>
*/ <br>
sum = (sum >> 16) + (sum & 0xffff); /* add high-16 to low-16 */ <br>
sum += (sum >> 16); /* add carry */ <br>
answer = ~sum; /* ones-complement, then truncate to 16 bits */ <br>
return(answer); <br>
} <br>
/* Entry point: probe TCP ports 0..1024 on the IPv4 address given as argv[1], using MY_IP as the
 * source address of the checksum pseudo-header, and print the ports scan_port reports as open.
 * Declared with an implicit int return type (pre-C99 style); both the usage and the privilege
 * failure exit with status 0. NOTE(review): the fprintf in the root check is missing its ')' as printed. */
main(int argc, char **argv) <br>
{ <br>
unsigned short i; <br>
if(argc < 2) <br>
{ <br>
fprintf(stderr, "%s target_ip\n", argv[0]); /* usage */ <br>
exit(0); <br>
} <br>
if(geteuid() != 0) /* raw sockets need root */ <br>
{ <br>
fprintf(stderr, "this program requires root\n"; <br>
exit(0); <br>
} <br>
printf("Scanning %s\n", argv[1]); <br>
for(i=0;i < 1025;i++) <br>
{ <br>
if(scan_port(i, inet_addr(MY_IP), inet_addr(argv[1]))==1) /* inet_addr results are not validated; a malformed address yields INADDR_NONE (all ones) and is still used */ <br>
printf("Port %d active\n", i); <br>
} <br>
} <br>
结束。随着win2k,winxp支持原始套接字以后,这种方法 <br>
在win平台越来越通用,它可以写出好的安全程序来. <br>
上例便是半开扫描的实现. <br>
----------------- <br>
</small><hr>
<p align="center">[<a href="index.htm">回到开始</a>][<a href="316.htm">上一层</a>][<a href="419.htm">下一篇</a>]
<p align="center"><a href="http://cterm.163.net">欢迎访问Cterm主页</a></p>
</table>
</body>
</html>