scanhost.cpp

关键字: socket, 校验和算法, ICMP, connect, 端口,扫描, 这是我课程设计时,用VC.NET写的一个程序,功能是在利用socket提供的API函数, 填充并发送ICMP包,测

// scanhost.cpp : 定义控制台应用程序的入口点。
//

#include "stdafx.h"
#include "scanhost_head.h"

WSADATA		wsaData;
SOCKET		sockRaw;
struct		sockaddr_in		dest, from, end;

int fromlen				= sizeof(from);
char * recvbuf			= new char[MAX_PING_PACKET_SIZE];
unsigned int  addr		= 0;
long	ThreadNumCounter= 0,ThreadNumLimit = 20;
long *  aa				= &ThreadNumCounter;

_TCHAR*  argv[] =
{
	"scanhost\0",
	"169.254.100.1\0",
	"169.254.196.255\0"
};


int _tmain()
{
	// init network
	if( WSAStartup(MAKEWORD(2,1), &wsaData) != 0 )
	{
		FatalError("WSAStartup failed! \n");
		ExitProcess(STATUS_FAILED);
	}

	//create socket
	sockRaw	=	WSASocket(AF_INET, SOCK_RAW, IPPROTO_ICMP,NULL,0,WSA_FLAG_OVERLAPPED);
	if( sockRaw == INVALID_SOCKET )
	{
		FatalError(" WSASocket() failed: \n");
		ExitProcess(STATUS_FAILED);
	}

	// set 
	int		timeout = 1000;
	int		bread = setsockopt( sockRaw, SOL_SOCKET, SO_SNDTIMEO, (char *)&timeout, sizeof(timeout));
	if( SOCKET_ERROR == bread )
	{
		FatalError(" failed to setsockopt: set option error!\n");
		int error = WSAGetLastError();
		ExitProcess(STATUS_FAILED);
	}
	
	timeout = 1000;
	bread = setsockopt(sockRaw, SOL_SOCKET, SO_SNDTIMEO, (char *)&timeout, sizeof(timeout));
	if( SOCKET_ERROR == bread )
	{
		FatalError("failed to set send timeout!\n");
		ExitProcess(STATUS_FAILED);
	}

	memset(&dest, 0,sizeof(dest) );

	unsigned long  startIP, endIP;
	dest.sin_family      =  AF_INET;
	dest.sin_addr.s_addr = inet_addr(argv[1]);							//填入开始搜索IP地址
	startIP              = inet_addr(argv[1]);

	end.sin_family       =  AF_INET;
	end.sin_addr.s_addr  =  inet_addr(argv[2]);
	endIP                =  inet_addr(argv[2]);

	HANDLE		hThread;
//	while( htonl( startIP) < htonl(endIP) )
	while( startIP < endIP )	{
		if( ThreadNumCounter > ThreadNumLimit )
		{
			Sleep(5000);
			continue;
		}
		DWORD		ThreadID;
		sockaddr_in *  pIPAddrTemp  = new( sockaddr_in );
		if( !pIPAddrTemp )
		{
			FatalError( "memory  alloc  failed!\n");
			return -1;
		}

		*pIPAddrTemp	=	dest;

		//create new thread
		clock_t	start;
		start	=	clock();
		hThread	= CreateThread(NULL,NULL,&FindIP, (LPVOID)pIPAddrTemp, NULL, &ThreadID);

		long	i=60000000L;
		while( i--);
		TerminateThread( hThread, 0);
		InterlockedDecrement( aa );
		memset( &from, 0, sizeof(from) );			
		startIP		=   htonl(htonl( startIP + 1 ) );					// get next ip address
		dest.sin_addr.s_addr  =  startIP;
	}
	while( ThreadNumCounter  != 0 )
	{
		Sleep(2000);
		return -2;
	}
	return 0;
}


DWORD	WINAPI	FindIP( LPVOID pIPAddrTemp )
{
	int error = 0;
	InterlockedIncrement( aa );

	char	icmp_data[MAX_PACKET];
	memset(icmp_data, 0, MAX_PACKET);

	int	datasize  =  DEF_PACKET_SIZE;
	datasize	  += sizeof(IcmpHeader);
	fill_icmp_data( icmp_data, datasize );
	((IcmpHeader *) icmp_data) ->checksum   =  0;
	((IcmpHeader *) icmp_data) ->seq		=  0;

	((IcmpHeader *) icmp_data) ->checksum   =  checksum( (USHORT*) icmp_data, datasize);

	int bwrote  = sendto( sockRaw, icmp_data, datasize, 0, (struct sockaddr* )pIPAddrTemp, sizeof(dest));
	int n=0;
	if( SOCKET_ERROR == bwrote )
	{
		if( bwrote == SOCKET_ERROR )
		{
			FatalError( "time out!\n");
			error = WSAGetLastError();
		}
		FatalError( " sendto failed! \n");
		ExitProcess(STATUS_FAILED);
		n = 1;
	}
	if ( bwrote < datasize )
	{
		FatalError( "write some bytes!\n" );
		ExitProcess(STATUS_FAILED);
		n = 1;
	}

	// accept data packet
	int  bread = recvfrom( sockRaw, recvbuf, MAX_PING_PACKET_SIZE, 0, (struct sockaddr*)&from, &fromlen);
	if ( bread == SOCKET_ERROR )
	{
		if ( WSAGetLastError( ) == WSAETIMEDOUT )
		{
			FatalError("time out!\n");
		}
		FatalError( " recvfrom failed!\n");
		ExitProcess( STATUS_FAILED);
		n = 1;
	}

	if( n==0 )
		decode_resp( recvbuf, bread, &from);
	InterlockedDecrement(aa);				//线程数目-1
    
	return 0;
}


USHORT	 checksum( USHORT * buffer, int size )
{
	unsigned	long	cksum = 0;
	while ( size > 1)
	{
		cksum += *buffer++;
		size -= sizeof(USHORT);
	}
	if (size)
	{
		cksum += *(UCHAR *) buffer;
	}
	
	cksum = (cksum>>16) + (cksum & 0xffff);
	cksum  += (cksum >>16);

	return  (USHORT) (~cksum);
}

void	fill_icmp_data( char * icmp_data, int datasize)
{
	IcmpHeader   *icmp_hdr;
	char * datapart;
	icmp_hdr  =  (IcmpHeader*) icmp_data;
	icmp_hdr ->type	= ICMP_ECHO;
	icmp_hdr ->id	= (USHORT)GetCurrentThreadId();
	datapart        = icmp_data + sizeof(IcmpHeader);
	memset(datapart, 'A', datasize - sizeof(IcmpHeader));

}


void	decode_resp( char *buf, int bytes,  struct sockaddr_in * from)
{
	IpHeader*		iphdr;
	IcmpHeader*		icmphdr;
	unsigned short  iphdrlen;
	iphdr			= (IpHeader *)buf;
	iphdrlen        = iphdr ->headlen * 4;
	icmphdr			= (IcmpHeader * ) (buf + iphdrlen);

	// if the packet is to short , then throw it
	if( bytes < iphdrlen + ICMP_MIN ) 
	{ 
		FatalError("数据包太短");
		return;
	}
	
	if ( icmphdr ->type != ICMP_ECHO_REPLY )	{ 
		FatalError("不是回送响应!\n");
		return;
	};

	if( icmphdr ->id != (USHORT)GetCurrentThreadId()) 	{ 
		FatalError("ID号不相符,丢弃!\n");
		return;
	};

	cout<< "活动主机:" <<inet_ntoa( from->sin_addr) <<endl;

}