/*
 * sig_end - signal handler that main() installs through Signal().
 *
 * Prints the number of the signal that arrived to stderr and ends the
 * process with status SUCCESS.
 *
 * NOTE(review): fprintf() and exit() are not async-signal-safe. The listing
 * relies on exit() so that the function registered through Atexit() still
 * runs; keep that in mind before reusing this pattern in production code.
 */
void sig_end(int signo)
{
    fprintf(stderr, "\n\nsig_end = %d\n", signo);

    exit(SUCCESS);
}   /* end of sig_end */
/*
 * signal - install `func` as the handler for `signo` using sigaction().
 *
 * No additional signals are blocked while the handler runs (empty sa_mask).
 * SIGALRM gets SA_INTERRUPT where that flag exists; every other signal gets
 * SA_RESTART where that flag exists, so interrupted system calls are
 * restarted for them but not for SIGALRM.
 *
 * Returns the previously installed handler, or SIG_ERR if sigaction() fails.
 */
Sigfunc *signal(int signo, Sigfunc *func)
{
    struct sigaction newAction;
    struct sigaction oldAction;

    newAction.sa_handler = func;
    sigemptyset(&newAction.sa_mask);
    newAction.sa_flags = 0;

#ifdef SA_INTERRUPT
    if (signo == SIGALRM)
    {
        newAction.sa_flags |= SA_INTERRUPT;   /* SunOS 4.x */
    }
#endif
#ifdef SA_RESTART
    if (signo != SIGALRM)
    {
        newAction.sa_flags |= SA_RESTART;     /* SVR4, 44BSD */
    }
#endif

    return (sigaction(signo, &newAction, &oldAction) < 0)
               ? SIG_ERR
               : oldAction.sa_handler;
}   /* end of signal */
/*
 * Signal - checked wrapper around this file's own signal() function.
 *
 * Installs `func` for `signo`. If signal() reports SIG_ERR, the error is
 * printed with perror() and the process exits with FAILURE; otherwise the
 * previous handler is returned.
 */
Sigfunc *Signal(int signo, Sigfunc *func)
{
    Sigfunc *previous = signal(signo, func);

    if (previous == SIG_ERR)
    {
        perror("signal");
        exit(FAILURE);
    }
    return previous;
}   /* end of Signal */
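/*
 * Socket - checked wrapper around socket().
 *
 * Creates a socket with the given family, type and protocol. On failure the
 * error is printed with perror() and the process exits with FAILURE, so a
 * caller only ever sees a valid descriptor.
 *
 * The listing as posted carried a duplicated closing brace after the error
 * branch, which ended the function before its return statement; it is
 * removed here so that the descriptor is actually returned.
 */
int Socket(int family, int type, int protocol)
{
    int n;

    if ((n = socket(family, type, protocol)) < 0)
    {
        perror("socket");
        exit(FAILURE);
    }
    return n;
}   /* end of Socket */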
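/*
 * synScan - send one SYN per port in [lowPort, highPort] to `dest` and
 * classify each port from the first matching reply read on recvSocket.
 *
 * sourceIp, sourcePort  values handed unchanged to sendSyn()
 * lowPort, highPort     inclusive port range to walk
 * dest                  destination address; sin_port is overwritten per port
 *
 * A reply is accepted only if its source address equals dest->sin_addr and
 * its acknowledgement number is the probe sequence number or that number
 * plus one. RST+ACK ends the wait for the port; SYN+ACK records the replying
 * source port in ports[] and ends the wait.
 *
 * Returns the number of entries stored in ports[]. Exits with FAILURE if
 * sendSyn() or read() fails.
 *
 * Changes against the posted listing:
 *  - a duplicated opening brace inside the receive loop is removed and the
 *    wrapped lines are joined, so the function is well-formed again;
 *  - the result of read() is checked; previously an error left the zeroed
 *    buffer in place and the loop spun forever;
 *  - the received length and the IP header length field are validated before
 *    the TCP header is dereferenced, and the TCP header is located from the
 *    IP header length instead of assuming a header without options.
 *
 * NOTE(review): there is no timeout; if no matching reply ever arrives the
 * inner loop blocks in read() indefinitely.
 * NOTE(review): ports[] and portIndex are declared outside this listing.
 * Confirm ports[] can hold highPort - lowPort + 1 entries, and that
 * portIndex is wide enough that portIndex++ cannot wrap when highPort is the
 * largest value of its type.
 */
int synScan(u_long sourceIp, u_short sourcePort, u_short lowPort,
            u_short highPort, struct sockaddr_in *dest)
{
    /* Sequence number carried by every probe; replies are matched on it. */
    enum { PROBE_SEQ = 197704 };

    u_char         packet[SYNSIZE];
    struct iphdr  *ip = (struct iphdr *)packet;
    struct tcphdr *tcp;
    ssize_t        got;
    size_t         ipLen;
    int            j = 0;

    for (portIndex = lowPort; portIndex <= highPort; portIndex++)
    {
        dest->sin_port = htons(portIndex);
        if (sendSyn(sourceIp, sourcePort, PROBE_SEQ, 0, dest) < 0)
        {
            perror("sendSyn");
            exit(FAILURE);
        }

        while (1)
        {
            memset(packet, 0, sizeof packet);
            got = read(recvSocket, packet, sizeof packet);
            if (got < 0)
            {
                perror("read");
                exit(FAILURE);
            }

            /* The packet comes from the network: validate before parsing. */
            if ((size_t)got < sizeof(struct iphdr))
            {
                continue;
            }
            ipLen = (size_t)ip->ihl * 4;
            if (ipLen < sizeof(struct iphdr) ||
                (size_t)got < ipLen + sizeof(struct tcphdr))
            {
                continue;
            }
            tcp = (struct tcphdr *)(packet + ipLen);

            if (ip->saddr != dest->sin_addr.s_addr)
            {
                continue;
            }
            if ((ntohl(tcp->ack_seq) != PROBE_SEQ + 1) &&
                (ntohl(tcp->ack_seq) != PROBE_SEQ))
            {
                continue;
            }

            /* RST/ACK - No service listening on port. */
            if (tcp->rst && tcp->ack)
            {
                break;
            }

            /* SYN/ACK - Service listening on port. */
            if (tcp->ack && tcp->syn)
            {
                ports[j] = ntohs(tcp->source);
                fprintf(stderr, "portIndex = %d, ports[ %d ] = %d\n",
                        portIndex, j, ports[j]);
                j++;
                break;
            }
        }   /* end of while */
    }   /* end of for */

    return j;
}   /* end of synScan */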
/*
 * terminate - cleanup routine that main() registers through Atexit().
 *
 * Closes sendSocket and recvSocket if they are open (not -1), resets each to
 * -1 so a second call does nothing, and prints the current value of
 * portIndex to stderr.
 */
void terminate(void)
{
    if (sendSocket != -1)
    {
        Close(sendSocket);
        sendSocket = -1;
    }

    if (recvSocket != -1)
    {
        Close(recvSocket);
        recvSocket = -1;
    }

    fprintf(stderr, "portIndex = %d\n", portIndex);
}   /* end of terminate */
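/*
 * usage - print the command-line synopsis to stderr and exit with FAILURE.
 *
 * arg is the program name to show (main() passes argv[0]).
 *
 * The format string was split across three lines by line wrapping in the
 * posted listing; it is rejoined here into a single literal.
 *
 * NOTE(review): the synopsis shows -s in brackets as if it were optional,
 * but main() calls usage() when no server address was given.
 */
void usage(char *arg)
{
    fprintf(stderr,
            " Usage: %s [-c localPort] [-l lowPort] [-h highPort] [-s serverHost]\n",
            arg);
    exit(FAILURE);
}   /* end of usage */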
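/*
 * parsePortArg - convert a decimal command-line argument to a port number.
 *
 * Returns the value (0..65535), or -1 if the text is empty, does not start
 * with a digit, has trailing characters, or is out of range. A value that
 * overflows strtoul() comes back as ULONG_MAX and is rejected by the range
 * test.
 */
static long parsePortArg(const char *text)
{
    char          *end;
    unsigned long  value;

    if (text == NULL || *text < '0' || *text > '9')
    {
        return -1;
    }
    value = strtoul(text, &end, 10);
    if (*end != '\0' || value > 65535UL)
    {
        return -1;
    }
    return (long)value;
}   /* end of parsePortArg */

/*
 * main - parse the options, resolve both endpoints, install the signal and
 * exit handlers, open the two raw sockets and run synScan().
 *
 * Options: -c localPort, -l lowPort, -h highPort, -s serverHost.
 *
 * Changes against the posted listing:
 *  - port arguments are validated instead of being truncated silently by a
 *    cast to u_short (for example "70000" used to become 4464);
 *  - hostName is a char buffer, as gethostname() expects, and is always
 *    NUL-terminated, because gethostname() need not terminate a truncated
 *    name;
 *  - getopt() is compared with -1, the value it is specified to return;
 *  - a duplicated "rt );" fragment and the wrapped fprintf() call in the
 *    range check are repaired.
 *
 * NOTE(review): creating SOCK_RAW sockets normally requires elevated
 * privileges; without them Socket() prints the error and exits.
 */
int main(int argc, char *argv[])
{
    int  c, i;
    long port;
    char hostName[257];

    opterr = 0;   /* don't want getopt() writing to stderr */
    while ((c = getopt(argc, argv, "c:h:l:s:")) != -1)
    {
        switch (c)
        {
        case 'c':
            port = parsePortArg(optarg);
            if (port < 0)
            {
                usage(argv[0]);
            }
            clientPort = (u_short)port;
            break;
        case 'h':
            port = parsePortArg(optarg);
            if (port < 0)
            {
                usage(argv[0]);
            }
            highPort = (u_short)port;
            break;
        case 'l':
            port = parsePortArg(optarg);
            if (port < 0)
            {
                usage(argv[0]);
            }
            lowPort = (u_short)port;
            break;
        case 's':
            serverIp.s_addr = resolveHost(optarg);
            break;
        case '?':
        default:
            usage(argv[0]);
            break;
        }   /* end of switch */
    }   /* end of while */

    if (((lowPort < LOWPORT) || (lowPort > HIGHPORT))
        ||
        ((highPort < LOWPORT) || (highPort > HIGHPORT))
        ||
        (lowPort > highPort))
    {
        fprintf(stderr, "error: lowPort = %d, highPort = %d\n",
                lowPort, highPort);
        exit(FAILURE);
    }

    if (serverIp.s_addr == 0)
    {
        usage(argv[0]);
    }
    else
    {
        fprintf(stderr, "The server is [ %s ]\n", inet_ntoa(serverIp));
    }

    if (gethostname(hostName, sizeof hostName - 1) < 0)
    {
        perror("gethostname");
        exit(FAILURE);
    }
    hostName[sizeof hostName - 1] = '\0';
    clientIp.s_addr = resolveHost(hostName);
    fprintf(stderr, "The client is [ %s ]\n", inet_ntoa(clientIp));

    /* Fill in dest sockaddr_in structure. */
    memset((char *)&server, 0, sizeof(struct sockaddr_in));
    server.sin_family = AF_INET;
    server.sin_addr   = serverIp;

    /*
     * Route signals 1 through 8 (on Linux: SIGHUP through SIGFPE) and
     * SIGTERM to sig_end, which exits and so triggers terminate().
     */
    for (i = 1; i < 9; i++)
    {
        Signal(i, sig_end);
    }
    Signal(SIGTERM, sig_end);
    Atexit(terminate);

    sendSocket = Socket(PF_INET, SOCK_RAW, IPPROTO_RAW);
    recvSocket = Socket(PF_INET, SOCK_RAW, IPPROTO_TCP);

    synScan(clientIp.s_addr, clientPort, lowPort, highPort, &server);
    return SUCCESS;
}   /* end of main */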
/*----------------------------------------------------------------------*/ <br>
-- <br>
:发信人: scz (小四), 信区: Security WWW-POST <br>
:标 题: Re: linuxtcp.c(修改) <br>
:发信站: 武汉白云黄鹤站 (Thu Oct 26 11:25:41 2000) , 站内信件 <br>
【 在 scz (小四) 的大作中提到: 】 <br>
: /* <br>
: * File : linuxtcp.c: <br>
昨天想看个tcp hijacking的事情,才发现去年在这里贴的那个syn扫描 <br>
不是单独编译版本,实在是不好意思,修改修改,下面这个可以单独编译 <br>
了。完全是演示atexit()、signal()和raw socket,没有太多实际意义了, <br>
等会我转回木棉socket版去。 <br>