// Shared in the spirit of open learning -- comments and corrections are welcome.
#include <winsock2.h>
#include<string.h>
#include <stdio.h>
#include <stdlib.h>
#pragma comment(lib, "ws2_32.lib")
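/* Vendor WSAIoctl control codes for raw sockets (the SDK normally supplies
 * these in <mstcpip.h>). Only SIO_RCVALL is used below: it switches the
 * bound interface into receive-all mode so every IPv4 datagram that reaches
 * the NIC is delivered to the socket. */
#define SIO_RCVALL _WSAIOW(IOC_VENDOR,1)
#define SIO_RCVALL_MCAST _WSAIOW(IOC_VENDOR,2)
#define SIO_RCVALL_IGMPMCAST _WSAIOW(IOC_VENDOR,3)
#define SIO_KEEPALIVE_VALS _WSAIOW(IOC_VENDOR,4)
#define SIO_ABSORB_RTRALERT _WSAIOW(IOC_VENDOR,5)
#define SIO_UCAST_IF _WSAIOW(IOC_VENDOR,6)
#define SIO_LIMIT_BROADCASTS _WSAIOW(IOC_VENDOR,7)
#define SIO_INDEX_BIND _WSAIOW(IOC_VENDOR,8)
#define SIO_INDEX_MCASTIF _WSAIOW(IOC_VENDOR,9)
#define SIO_INDEX_ADD_MCAST _WSAIOW(IOC_VENDOR,10)
#define SIO_INDEX_DEL_MCAST _WSAIOW(IOC_VENDOR,11)
/* Nibble extractors. Despite the names they operate on a single byte: the
 * IPv4 version/IHL byte and the TCP data-offset byte each pack two 4-bit
 * fields. The argument is parenthesised so expressions are safe to pass. */
#define HI_WORD(byte) (((byte) >> 4) & 0x0F) /* high four bits of one byte */
#define LO_WORD(byte) ((byte) & 0x0F)        /* low four bits of one byte */
/* Well-known UDP ports recognised by analysis_udp(). DNS (53) is looked up
 * at run time through getservbyname() rather than defined here. */
#define DHCP_PORT 68   /* BOOTP/DHCP client port */
#define SIP_PORT 5060  /* SIP, RFC 3261. Was 5056, which is not a SIP port, so no SIP traffic was ever tagged. */
#define RIP_PORT 520
/* IPv4 protocol numbers that analysis_ip() dispatches on. */
#define ICMP_NEXT_HEADER 1
#define IP_NEXT_HEADER 4   /* IP-in-IP; defined for reference, no decoder attached */
#define TCP_NEXT_HEADER 6
#define UDP_NEXT_HEADER 17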
/* Per-layer decoders. wsabuf->buf must hold a raw IPv4 packet starting at
 * offset 0; iphdrlen is the IPv4 header length in bytes, i.e. the offset of
 * the transport header inside the buffer. Each decoder prints the fields of
 * its own header to stdout and returns false if the header could not be
 * decoded, true otherwise. analysis_ip() is the entry point and dispatches
 * to the other three by IP protocol number. */
bool analysis_icmp(WSABUF *wsabuf ,DWORD iphdrlen);
bool analysis_udp(WSABUF *wsabuf, DWORD iphdrlen);
bool analysis_tcp(WSABUF *wsabuf, DWORD iphdrlen);
bool analysis_ip(WSABUF *wsabuf);
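/*
 * Entry point. Opens a raw IPv4 socket, binds it to the host's first local
 * address, puts it into receive-all (SIO_RCVALL) mode, then reads the
 * number of packets the user asks for and prints a decode of each one.
 *
 * Returns 0 on success and 1 on any Winsock or input failure. Every
 * failure path after WSAStartup() closes the socket (if open) and calls
 * WSACleanup(); the original returned early and leaked both.
 *
 * SIO_RCVALL needs administrative privileges and a socket that is already
 * bound, so a failed bind() or a failed SIO_RCVALL ioctl is now fatal
 * instead of being printed and ignored -- continuing would just make the
 * following calls fail with a less helpful message.
 */
int main(void)
{
    WSADATA wsd;
    SOCKET socRaw = INVALID_SOCKET;
    char buf[2048];
    WSABUF wbuf;
    DWORD dwBytes = 0;
    DWORD dwBytesRet = 0;
    DWORD dwFlags = 0;
    SOCKET_ADDRESS_LIST *slist = NULL;
    sockaddr_in server;
    BOOL bRecvAll = TRUE;
    int wanted = 0;    /* packets the user asked for */
    int captured = 0;  /* packets received so far */
    int exit_code = 1;

    if (WSAStartup(MAKEWORD(2, 2), &wsd) != 0) {
        printf("WSAStartup() failed: %d\n", WSAGetLastError());
        return 1;
    }

    socRaw = WSASocket(AF_INET, SOCK_RAW, IPPROTO_IP, NULL, 0, WSA_FLAG_OVERLAPPED);
    if (socRaw == INVALID_SOCKET) {
        /* Message used to say "WSAStartup() failed" here, which was misleading. */
        printf("WSASocket() failed: %d\n", WSAGetLastError());
        goto cleanup;
    }

    /* Enumerate local addresses into buf; the first one is used for bind(). */
    if (WSAIoctl(socRaw, SIO_ADDRESS_LIST_QUERY, NULL, 0, buf, sizeof(buf),
                 &dwBytes, NULL, NULL) == SOCKET_ERROR) {
        printf("WSAIoctl(SIO_ADDRESS_LIST_QUERY) failed: %d\n", WSAGetLastError());
        goto cleanup;
    }
    slist = (SOCKET_ADDRESS_LIST *)buf;
    if (slist->iAddressCount <= 0) {
        printf("seek2 failed!");
        goto cleanup;
    }

    /* Bind to the first local address so SIO_RCVALL knows which interface
     * to put into receive-all mode. Port 0: raw sockets have no port. */
    memset(&server, 0, sizeof(server));
    server.sin_family = AF_INET;
    server.sin_port = htons(0);
    server.sin_addr.s_addr =
        ((SOCKADDR_IN *)slist->Address[0].lpSockaddr)->sin_addr.s_addr;
    if (bind(socRaw, (SOCKADDR *)&server, sizeof(server)) == SOCKET_ERROR) {
        printf("bind failed: %d\n", WSAGetLastError());
        goto cleanup;
    }

    if (WSAIoctl(socRaw, SIO_RCVALL, &bRecvAll, sizeof(bRecvAll), NULL, 0,
                 &dwBytes, NULL, NULL) == SOCKET_ERROR) {
        printf("WSAIoctl failed: %d\n", WSAGetLastError());
        goto cleanup;
    }

    /* The count is untrusted input: an unchecked scanf() left it
     * uninitialised on bad input, and a value <= 0 never matched the
     * loop counter, so the capture loop ran forever. */
    printf("Please input the packets wo you will to capture: ");
    if (scanf("%d", &wanted) != 1 || wanted <= 0) {
        printf("invalid packet count\n");
        goto cleanup;
    }

    while (captured < wanted) {
        /* Throttles the loop to roughly one packet per second, as the
         * original did. Packets that arrive faster queue in the socket
         * buffer and are presumably dropped once it fills -- remove this
         * if completeness matters more than readable output. */
        Sleep(1000);
        wbuf.len = sizeof(buf);
        wbuf.buf = buf;
        dwFlags = 0;
        if (WSARecv(socRaw, &wbuf, 1, &dwBytesRet, &dwFlags, NULL, NULL) == SOCKET_ERROR) {
            printf("WSARecv() failed: %d\n", WSAGetLastError());
            goto cleanup;
        }
        if (dwBytesRet == 0)
            continue;
        captured++;
        printf("\n\nYou have captured %d packets.Now Analysis the packet:\n", captured);
        /* Pass the real byte count, not the buffer capacity, so the decoders
         * can bound their reads to data this packet actually contains. */
        wbuf.len = dwBytesRet;
        analysis_ip(&wbuf);
    }
    exit_code = 0;

cleanup:
    if (socRaw != INVALID_SOCKET)
        closesocket(socRaw);
    WSACleanup();
    return exit_code;
}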
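/*
 * Decode and print the ICMP header that starts iphdrlen bytes into
 * wsabuf->buf.
 *
 * wsabuf->len is taken as the number of valid bytes in the buffer. The
 * 4-byte type/code/checksum prefix is required for every message; the
 * identifier and sequence number (bytes 4..7) are only read for echo
 * request/reply, where they are defined.
 *
 * Fixes relative to the original: "dest unreachable" (type 3) fell through
 * into the echo-request branch and printed an echo id/sequence that does
 * not exist for that type; id/seq were 4-byte variables filled by a 2-byte
 * memcpy (worked only because ntohs() truncates); nothing bounded reads to
 * the received data.
 *
 * Returns true when the header was printed, false when the message is too
 * short to decode.
 */
bool analysis_icmp(WSABUF *wsabuf, DWORD iphdrlen)
{
    const BYTE *hdr = (const BYTE *)(wsabuf->buf + iphdrlen);
    DWORD avail = wsabuf->len > iphdrlen ? wsabuf->len - iphdrlen : 0;
    unsigned short ih_type, ih_code, ih_csum, ih_id, ih_seqno;

    if (avail < 4) {
        printf("ICMP header truncated! (%lu bytes after IP header)\n",
               (unsigned long)avail);
        return false;
    }

    ih_type = hdr[0];
    ih_code = hdr[1];
    memcpy(&ih_csum, hdr + 2, 2);
    ih_csum = ntohs(ih_csum);

    printf(".............ICMP HEADER............\n");
    printf("Type: %d :", ih_type);

    switch (ih_type) {
    case 0:
    case 8:
        printf("%s\n", ih_type == 0 ? "echo reply" : "echo request");
        printf("Code %d\n", ih_code);
        /* Echo messages carry a 16-bit identifier and sequence number. */
        if (avail < 8) {
            printf("echo header truncated!\n");
            return false;
        }
        memcpy(&ih_id, hdr + 4, 2);
        memcpy(&ih_seqno, hdr + 6, 2);
        printf("Idenfination#: 0x%X\n", ntohs(ih_id));
        printf("Sequence number: %d\n", ntohs(ih_seqno));
        break;
    case 3:
        printf("dest unreachable\n");
        printf("Code %d\n", ih_code);
        break; /* was missing; fell through into the echo decoder */
    case 5:
        printf("source quench\n");
        printf("Code %d\n", ih_code);
        break;
    case 9:
        printf("router advertisement\n");
        printf("Code %d\n", ih_code);
        break;
    case 11:
        printf("time exceeded\n");
        printf("Code %d\n", ih_code);
        break;
    case 12:
        printf("paramenter error\n");
        printf("Code %d\n", ih_code);
        break;
    default:
        printf("unknown type\n");
        printf("Code %d\n", ih_code);
        break;
    }
    /* Hex, to match the IP and UDP decoders. */
    printf("Checksum: 0x%04X\n", ih_csum);
    return true;
}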
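/*
 * Decode and print the 8-byte UDP header that starts iphdrlen bytes into
 * wsabuf->buf, then tag the packet as DNS/DHCP/RIP/SIP by port number.
 *
 * wsabuf->len is taken as the number of valid bytes; a buffer with fewer
 * than 8 bytes after the IP header is rejected.
 *
 * Fixes relative to the original: the checksum was byte-swapped twice
 * (ntohs() at read time and again in the printf); a NULL getservbyname()
 * result was reported and then dereferenced anyway.
 *
 * Note that getservbyname() consults the services database on every UDP
 * packet; hoisting it to the caller would avoid that but changes when the
 * "can't get services entries" message appears, so it is left in place.
 *
 * Returns true when the header was printed, false when it is truncated.
 */
bool analysis_udp(WSABUF *wsabuf, DWORD iphdrlen)
{
    const BYTE *hdr = (const BYTE *)(wsabuf->buf + iphdrlen);
    DWORD avail = wsabuf->len > iphdrlen ? wsabuf->len - iphdrlen : 0;
    unsigned short udp_src_port, udp_dest_port, udp_len, udp_chksum;
    servent *se;

    if (avail < 8) {
        printf("UDP header truncated! (%lu bytes after IP header)\n",
               (unsigned long)avail);
        return false;
    }

    memcpy(&udp_src_port, hdr, 2);
    memcpy(&udp_dest_port, hdr + 2, 2);
    memcpy(&udp_len, hdr + 4, 2);
    memcpy(&udp_chksum, hdr + 6, 2);
    udp_src_port = ntohs(udp_src_port);
    udp_dest_port = ntohs(udp_dest_port);
    udp_len = ntohs(udp_len);
    udp_chksum = ntohs(udp_chksum);

    printf(".............UDP Header.............\n");
    printf("Source Port:%d\n", udp_src_port);
    printf("Destinaton port: %d\n", udp_dest_port);
    printf("Length: %d\n", udp_len);
    if (udp_len < 8)
        printf("  (invalid UDP length, minimum is 8)\n");
    printf("Checksum: 0x%X\n", udp_chksum);

    /* DNS port comes from the services database; only compare if the
     * lookup succeeded. */
    se = getservbyname("domain", "udp");
    if (se == NULL) {
        printf("can't get services entries\n");
    } else {
        unsigned short dns_port = ntohs(se->s_port);
        if (udp_src_port == dns_port || udp_dest_port == dns_port)
            printf("It is a DNS packet.\n");
    }
    if (udp_src_port == DHCP_PORT || udp_dest_port == DHCP_PORT)
        printf("It is a DHCP packet.\n");
    if (udp_src_port == RIP_PORT || udp_dest_port == RIP_PORT)
        printf("It is a RIP packet.\n");
    if (udp_src_port == SIP_PORT || udp_dest_port == SIP_PORT)
        printf("It is a SIP packet.\n");
    return true;
}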
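/*
 * Decode and print the fixed 20-byte TCP header that starts iphdrlen bytes
 * into wsabuf->buf. Options beyond the fixed header are not decoded.
 *
 * wsabuf->len is taken as the number of valid bytes; fewer than 20 bytes
 * after the IP header is rejected.
 *
 * Fixes relative to the original: ports/window/checksum/urgent pointer
 * were 4-byte variables filled by a 2-byte memcpy (correct only because
 * ntohs() truncates); seq/ack were printed with %d instead of an unsigned
 * conversion; the reserved bits were masked before byte-swapping, so the
 * mask landed on the wrong byte; the header length was printed in 32-bit
 * words while labelled as a length.
 *
 * Returns true when the header was printed, false when it is truncated.
 */
bool analysis_tcp(WSABUF *wsabuf, DWORD iphdrlen)
{
    const BYTE *hdr = (const BYTE *)(wsabuf->buf + iphdrlen);
    DWORD avail = wsabuf->len > iphdrlen ? wsabuf->len - iphdrlen : 0;
    unsigned short th_sport, th_dport, th_offres_flags, th_win, th_csum, th_urp;
    unsigned short th_hlen, th_reb, th_flag;
    unsigned int th_seq, th_ack;

    if (avail < 20) {
        printf("TCP header truncated! (%lu bytes after IP header)\n",
               (unsigned long)avail);
        return false;
    }

    memcpy(&th_sport, hdr, 2);
    memcpy(&th_dport, hdr + 2, 2);
    memcpy(&th_seq, hdr + 4, 4);
    memcpy(&th_ack, hdr + 8, 4);
    memcpy(&th_offres_flags, hdr + 12, 2);
    memcpy(&th_win, hdr + 14, 2);
    memcpy(&th_csum, hdr + 16, 2);
    memcpy(&th_urp, hdr + 18, 2);

    th_sport = ntohs(th_sport);
    th_dport = ntohs(th_dport);
    th_seq = ntohl(th_seq);
    th_ack = ntohl(th_ack);
    th_offres_flags = ntohs(th_offres_flags);
    th_win = ntohs(th_win);
    th_csum = ntohs(th_csum);
    th_urp = ntohs(th_urp);

    /* Bytes 12-13 in host order: data offset (4 bits, in 32-bit words),
     * reserved (6 bits), control flags (6 bits, URG..FIN). */
    th_hlen = ((th_offres_flags >> 12) & 0x0F) * 4;
    th_reb = (th_offres_flags >> 6) & 0x3F;
    th_flag = th_offres_flags & 0x3F;

    printf(".............TCP HEADER.............\n");
    printf("Source Port : %d\n", th_sport);
    printf("Destination Port : %d\n", th_dport);
    printf("Sequence Number : %u\n", th_seq);
    printf("Acknowledgement number: %u\n", th_ack);
    printf("Header Length : %d bytes\n", th_hlen);
    if (th_hlen < 20)
        printf("  (invalid data offset, minimum is 20 bytes)\n");
    printf("Reserved bits: 0x%X\n", th_reb);
    printf("Flags : ");
    if (th_flag & 0x20)
        printf("URG ");
    if (th_flag & 0x10)
        printf("ACK ");
    if (th_flag & 0x08)
        printf("PSH ");
    if (th_flag & 0x04)
        printf("RST ");
    if (th_flag & 0x02)
        printf("SYN ");
    if (th_flag & 0x01)
        printf("FIN ");
    printf("\n");
    printf("Window size: %d\n", th_win);
    printf("TCP Checksum: : %d\n", th_csum);
    printf("Urgent pointer : %d\n", th_urp);
    return true;
}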
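/*
 * Decode and print the IPv4 header at the start of wsabuf->buf, then hand
 * the transport header to the matching decoder (TCP, UDP or ICMP).
 *
 * wsabuf->len is taken as the number of valid bytes. The packet is
 * rejected when it is shorter than the fixed 20-byte header, is not
 * version 4, has an IHL below 20 bytes, or has an IHL that points past the
 * captured data. A non-first fragment (fragment offset != 0) carries no
 * transport header, so it is printed but not dispatched -- dispatching it
 * would decode payload bytes as a header.
 *
 * Fixes relative to the original: the checksum printf used "0x%08" with no
 * conversion character (undefined behaviour); no version or
 * captured-length check; unused nexthdr variable.
 *
 * Returns true when the header was decoded, false when it was rejected.
 */
bool analysis_ip(WSABUF *wsabuf)
{
    const BYTE *hdr = (const BYTE *)wsabuf->buf;
    unsigned short ip_version, ip_hlen, ip_tos, ip_tlen, ip_id, ip_flags,
                   ip_ttl, ip_frag_offset, ip_proto, ip_cksum;
    SOCKADDR_IN srcaddr, destaddr;

    if (wsabuf->len < 20) {
        printf("Packet too short for an IP header! (%lu bytes)\n",
               (unsigned long)wsabuf->len);
        return false;
    }

    ip_version = HI_WORD(hdr[0]);
    ip_hlen = LO_WORD(hdr[0]) * 4; /* IHL is in 32-bit words */
    if (ip_version != 4) {
        printf("Not an IPv4 packet! (version %d)\n", ip_version);
        return false;
    }
    if (ip_hlen < 20) {
        printf("IP header too short! (%d bytes)\n", ip_hlen);
        return false;
    }
    if (ip_hlen > wsabuf->len) {
        printf("IP header (%d bytes) runs past the captured data (%lu bytes)\n",
               ip_hlen, (unsigned long)wsabuf->len);
        return false;
    }

    ip_tos = hdr[1];
    memcpy(&ip_tlen, hdr + 2, 2);
    ip_tlen = ntohs(ip_tlen);
    memcpy(&ip_id, hdr + 4, 2);
    ip_id = ntohs(ip_id);
    /* Byte 6 holds the three flag bits in its high bits; the 13-bit
     * fragment offset spans bytes 6-7. */
    ip_flags = hdr[6] >> 5;
    memcpy(&ip_frag_offset, hdr + 6, 2);
    ip_frag_offset = ntohs(ip_frag_offset) & 0x1FFF;
    ip_ttl = hdr[8];
    ip_proto = hdr[9];
    memcpy(&ip_cksum, hdr + 10, 2);
    ip_cksum = ntohs(ip_cksum);
    /* Addresses are left in network order, which is what inet_ntoa() expects. */
    memcpy(&srcaddr.sin_addr.s_addr, hdr + 12, 4);
    memcpy(&destaddr.sin_addr.s_addr, hdr + 16, 4);

    printf(".............IP HEADER.............\n");
    printf("Header length %d\n", ip_hlen);
    printf("Version %d\n", ip_version);
    printf("Type of service: 0x%X\n", ip_tos);
    printf("IP Total Len: %d bytes\n", ip_tlen);
    printf("Idenfination#: 0x%X\n", ip_id);
    printf("IP Flags: 0x%X\n", ip_flags);
    printf("Fragamentation Offset: 0x%X\n", ip_frag_offset);
    printf("Time to live:%d\n", ip_ttl);
    printf("Protocol: %d\n", ip_proto);
    printf("Header checksum: 0x%04X\n", ip_cksum);
    /* inet_ntoa() returns a static buffer, so the two calls stay in
     * separate statements. */
    printf("Sourse address %s\n", inet_ntoa(srcaddr.sin_addr));
    printf("Destination address %s\n", inet_ntoa(destaddr.sin_addr));

    if (ip_frag_offset != 0) {
        printf(" Non-first fragment: no transport header to decode\n");
        return true;
    }

    switch (ip_proto) {
    case TCP_NEXT_HEADER:
        analysis_tcp(wsabuf, ip_hlen);
        break;
    case UDP_NEXT_HEADER:
        analysis_udp(wsabuf, ip_hlen);
        break;
    case ICMP_NEXT_HEADER:
        analysis_icmp(wsabuf, ip_hlen);
        break;
    default:
        printf(" No decoder installed for protocol\n");
        break;
    }
    return true;
}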