#include "stdafx.h"
#include "PortScaner.h"
#include "PortScanerDlg.h"

#include <winsock2.h> 
#include <ws2tcpip.h> 

#pragma comment(lib,"ws2_32.lib") 
// I/O control code passed to WSAIoctl() in RecvThread so the raw socket
// receives every IP packet seen on the bound interface. Defined locally here;
// the Windows SDK also declares SIO_RCVALL in <mstcpip.h>.
#define SIO_RCVALL _WSAIOW(IOC_VENDOR,1)
// Fixed TCP source port written into every probe by send_packet(). Because it
// never changes, it is a stable attribute of this tool's traffic.
#define srcPort 88 


// Internet-style 16-bit one's-complement checksum over `size` bytes.
unsigned short checksum(USHORT *buffer, int size) ;
// Builds and sends one hand-crafted TCP SYN segment; returns 1 on success, 0 on error.
int send_packet(in_addr tgtIP,in_addr sourceIP,int port) ;
// Worker thread entry point that walks the address/port list and calls send_packet().
UINT SendThread(LPVOID pParam);

// IPv4 header without options (20 bytes). Multi-byte fields hold network byte
// order values on the wire; send_packet() fills them, RecvThread() reads them.
typedef struct ip_hdr 
{ 
    unsigned char  h_verlen;   // high nibble: IP version; low nibble: header length in 32-bit words
    unsigned char  tos;        // 8-bit type of service (TOS)
    unsigned short total_len;  // 16-bit total length in bytes
    unsigned short ident;      // 16-bit identification
    unsigned short frag_and_flags; // 3-bit flags plus 13-bit fragment offset
    unsigned char  ttl;        // 8-bit time to live (TTL)
    unsigned char  proto;      // 8-bit protocol (TCP, UDP or other)
    unsigned short checksum;   // 16-bit IP header checksum
    unsigned int   sourceIP;   // 32-bit source IP address
    unsigned int   destIP;     // 32-bit destination IP address
}IP_HEADER; 

typedef struct tcp_hdr         // TCP header without options (20 bytes)
{ 
    USHORT th_sport;           // 16-bit source port
    USHORT th_dport;           // 16-bit destination port
    unsigned int    th_seq;    // 32-bit sequence number
    unsigned int    th_ack;    // 32-bit acknowledgement number
    unsigned char th_lenres;   // high nibble: header length in 32-bit words; low nibble: reserved bits
    unsigned char th_flag;     // flag bits; this file uses 2 (SYN) when sending and 18 (SYN|ACK) when matching replies
    USHORT th_win;             // 16-bit window size
    USHORT th_sum;             // 16-bit checksum
    USHORT th_urp;             // 16-bit urgent pointer
}TCP_HEADER; 

// TCP pseudo-header, prepended to the TCP header only while computing the TCP
// checksum; it is never sent on the wire.
// NOTE(review): the layout relies on `unsigned long` being 32 bits wide
// (true for MSVC) so the struct is 12 bytes - confirm before porting.
typedef struct tsd_hdr         // TCP pseudo-header
{ 
    unsigned long saddr;       // source address
    unsigned long daddr;       // destination address
    char mbz;                  // "must be zero" padding byte (send_packet sets it to 0)
    char ptcl;                 // protocol type
    unsigned short tcpl;       // TCP length
}PSD_HEADER; 

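/**
 * Worker thread: walks the configured address range and port list and emits
 * one probe per (address, port) pair through send_packet().
 *
 * Reads from the main dialog: IP[0..3] (start address octets), IP[2], IP[3],
 * IP[6], IP[7] (used to size the range - presumably IP[4..7] is the end
 * address; confirm against the dialog code), nPort and portlist[].
 * `speed` (delay between probes, in milliseconds as passed to Sleep) is
 * defined elsewhere in the project.
 *
 * @param pParam unused.
 * @return 0 when the sweep finished, 1 when the local or start address could
 *         not be resolved. SendOver() is called on the dialog in both cases.
 *
 * Changes from the earlier version:
 *  - gethostname() was told the buffer held 128 bytes while it held 100;
 *    the length now comes from sizeof().
 *  - gethostname() failure and an empty or non-IPv4 address list are now
 *    rejected instead of dereferencing h_addr_list[0] blindly.
 *  - the local address is copied directly instead of going through an
 *    inet_ntoa()/strcpy()/inet_addr() round trip.
 *  - a start address that inet_addr() cannot parse aborts the sweep instead
 *    of silently becoming 255.255.255.255.
 */
UINT SendThread(LPVOID pParam)
{
	CPortScanerDlg* pDlg=(CPortScanerDlg* )::AfxGetApp()->GetMainWnd();

	// Host count assumes 254 usable addresses per /24, matching the roll-over
	// below that never emits .0 or .255 after the first address.
	int nIP= (pDlg->IP[6]-pDlg->IP[2])*254 + (pDlg->IP[7]-pDlg->IP[3]) + 1;
	char hostname[128] = {0};
	char destip[100];
	struct hostent* phe;
	in_addr host,dest;

	// Resolve the local host name to the first IPv4 address; that address is
	// used as the probe's source IP.
	if(gethostname(hostname,sizeof(hostname)-1) != 0)
	{
		pDlg->SendOver();
		return 1;
	}
	phe = gethostbyname(hostname);
	if(phe == NULL || phe->h_addrtype != AF_INET ||
	   phe->h_length < (int)sizeof(in_addr) || phe->h_addr_list[0] == NULL)
	{
		pDlg->SendOver();
		return 1;
	}
	memcpy(&host, phe->h_addr_list[0], sizeof(host));

	// Four "%d" fields plus dots need at most 48 bytes, so destip cannot overflow.
	sprintf(destip,"%d.%d.%d.%d",pDlg->IP[0],pDlg->IP[1],pDlg->IP[2],pDlg->IP[3]);
	dest.S_un.S_addr=inet_addr(destip);
	if(dest.S_un.S_addr == INADDR_NONE)
	{
		pDlg->SendOver();
		return 1;
	}

	// Fixed one-second delay, apparently to let RecvThread finish setting up
	// its capture socket; there is no real synchronisation between the threads.
	Sleep(1000);

	CString msg;
	for(int i=0;i<nIP;i++)
	{
		for(int j=0;j<pDlg->nPort;j++)
		{
			msg.Format("Scaning  %d.%d.%d.%d port :%d ...", 
				dest.S_un.S_un_b.s_b1,dest.S_un.S_un_b.s_b2,dest.S_un.S_un_b.s_b3,dest.S_un.S_un_b.s_b4,
				pDlg->portlist[j]);
			pDlg->SetWindowText(msg);
			// The return value is ignored: a failed send is not reported to the user.
			send_packet(dest,host,pDlg->portlist[j]);
			Sleep(speed);
		}

		// Advance to the next address. Each octet rolls from 255 to 1 and
		// carries into the octet to its left.
		dest.S_un.S_un_b.s_b4++;
		if(dest.S_un.S_un_b.s_b4==255)
		{
			dest.S_un.S_un_b.s_b3++;
			dest.S_un.S_un_b.s_b4=1;
		}
		if(dest.S_un.S_un_b.s_b3==255)
		{
			dest.S_un.S_un_b.s_b2++;
			dest.S_un.S_un_b.s_b3=1;
		}
		if(dest.S_un.S_un_b.s_b2==255)
		{
			dest.S_un.S_un_b.s_b1++;
			dest.S_un.S_un_b.s_b2=1;
		}
	}
	pDlg->SetWindowText("Scan Finish,Wait ...");
	pDlg->SendOver();
	return 0;
}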


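/**
 * Build one 40-byte IPv4 + TCP segment with only the SYN flag set and send it
 * through a raw socket with IP_HDRINCL enabled.
 *
 * @param tgtIP    destination address (network byte order).
 * @param sourceIP address written into the IP header's source field.
 * @param port     destination TCP port, host byte order, 0..65535.
 * @return 1 if sendto() accepted the packet, 0 on any error.
 *
 * Changes from the earlier version:
 *  - `flag` was passed to setsockopt(IP_HDRINCL) without ever being assigned;
 *    it is now TRUE.
 *  - the socket was never closed, leaking one handle per probe (and on every
 *    error path); every exit now calls closesocket().
 *  - the IP header and sockaddr are zero-filled first; previously `tos` and
 *    `sin_zero` carried whatever was on the stack, and `tos` went out on the wire.
 *  - out-of-range ports are rejected instead of being truncated by htons().
 *
 * Traffic characteristics (useful when writing detections): every probe has
 * TCP source port srcPort (88), sequence number 0x12345678, IP ident 1,
 * window 512, TTL 128 and no TCP options. None of these vary between probes.
 *
 * Platform note: raw sockets need administrative rights, and Microsoft
 * documents that desktop Windows from XP SP2 onward does not allow TCP data
 * to be sent over raw sockets, so sendto() may fail there.
 */
int send_packet(in_addr tgtIP,in_addr sourceIP,int port) 
{ 
    SOCKET             sendSocket; 
    BOOL               flag = TRUE;          // option value for IP_HDRINCL
    int                timeout = 1000;       // send timeout in milliseconds
    SOCKADDR_IN        sin; 
    IP_HEADER          ipHeader; 
    TCP_HEADER         tcpHeader; 
    PSD_HEADER         psdHeader; 
    char               szSendBuf[60] = {0};  // pseudo-header+TCP (32 bytes), then IP+TCP (40 bytes)
    int                ret; 

    if(port < 0 || port > 65535) 
    { 
        return 0; 
    } 

    // Raw socket on which this function supplies the IP header itself.
    sendSocket = WSASocket(AF_INET, SOCK_RAW, IPPROTO_RAW, NULL, 0, WSA_FLAG_OVERLAPPED); 
    if(sendSocket == INVALID_SOCKET) 
    { 
        return 0; 
    } 

    if(setsockopt(sendSocket, IPPROTO_IP, IP_HDRINCL, (char *)&flag, sizeof(flag)) == SOCKET_ERROR || 
       setsockopt(sendSocket, SOL_SOCKET, SO_SNDTIMEO, (char *)&timeout, sizeof(timeout)) == SOCKET_ERROR) 
    { 
        closesocket(sendSocket); 
        return 0; 
    } 

    memset(&sin, 0, sizeof(sin)); 
    sin.sin_family = AF_INET; 
    sin.sin_port = htons((u_short)port); 
    sin.sin_addr.S_un.S_addr = tgtIP.S_un.S_addr; 

    // IP header: version 4, header length in 32-bit words, no options.
    memset(&ipHeader, 0, sizeof(ipHeader)); 
    ipHeader.h_verlen = (unsigned char)(4<<4 | sizeof(ipHeader)/4); 
    ipHeader.total_len = htons(sizeof(ipHeader)+sizeof(tcpHeader)); 
    ipHeader.ident = 1; 
    ipHeader.frag_and_flags = 0x40;          // stored as bytes 40 00 on a little-endian host: "don't fragment"
    ipHeader.ttl = 128; 
    ipHeader.proto = IPPROTO_TCP; 
    ipHeader.checksum = 0; 
    ipHeader.sourceIP = sourceIP.S_un.S_addr; 
    ipHeader.destIP = tgtIP.S_un.S_addr; 

    // TCP header.
    memset(&tcpHeader, 0, sizeof(tcpHeader)); 
    tcpHeader.th_dport = htons((u_short)port); 
    tcpHeader.th_sport = htons(srcPort); 
    tcpHeader.th_seq = 0x12345678; 
    tcpHeader.th_ack = 0; 
    tcpHeader.th_lenres = (sizeof(tcpHeader)/4<<4|0); 
    tcpHeader.th_flag = 2;                   // SYN (FIN=0x01, SYN=0x02, RST=0x04, PSH=0x08, ACK=0x10, URG=0x20)
    tcpHeader.th_win = htons(512); 
    tcpHeader.th_urp = 0; 
    tcpHeader.th_sum = 0; 

    // Pseudo-header used only for the TCP checksum.
    psdHeader.saddr = ipHeader.sourceIP; 
    psdHeader.daddr = ipHeader.destIP; 
    psdHeader.mbz = 0; 
    psdHeader.ptcl = IPPROTO_TCP; 
    psdHeader.tcpl = htons(sizeof(tcpHeader)); 

    // TCP checksum over pseudo-header + TCP header.
    memcpy(szSendBuf, &psdHeader, sizeof(psdHeader)); 
    memcpy(szSendBuf + sizeof(psdHeader), &tcpHeader, sizeof(tcpHeader)); 
    tcpHeader.th_sum = checksum((USHORT *)szSendBuf, sizeof(psdHeader) + sizeof(tcpHeader)); 

    // IP checksum.
    // NOTE(review): RFC 791 defines the header checksum over the IP header
    // only; this sums the TCP header as well. Left as it was - confirm
    // whether the stack rewrites the field when IP_HDRINCL is set.
    memcpy(szSendBuf, &ipHeader, sizeof(ipHeader)); 
    memcpy(szSendBuf + sizeof(ipHeader), &tcpHeader, sizeof(tcpHeader)); 
    memset(szSendBuf + sizeof(ipHeader) + sizeof(tcpHeader), 0, 4); 
    ipHeader.checksum = checksum((USHORT *)szSendBuf, sizeof(ipHeader) + sizeof(tcpHeader)); 

    // Final packet: IP header (now with checksum) followed by the TCP header.
    memcpy(szSendBuf, &ipHeader, sizeof(ipHeader)); 
    memcpy(szSendBuf + sizeof(ipHeader), &tcpHeader, sizeof(tcpHeader)); 

    ret = sendto(sendSocket, szSendBuf, sizeof(ipHeader) + sizeof(tcpHeader), 0, (struct sockaddr*)&sin, sizeof(sin)); 

    closesocket(sendSocket); 

    return (ret == SOCKET_ERROR) ? 0 : 1; 
}  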


// Internet checksum: adds the buffer as 16-bit words, folds the carries back
// into the low 16 bits, and returns the one's complement of the result.
//   buffer - start of the data, read as USHORT words in host byte order
//   size   - number of bytes to cover; a trailing odd byte is added as-is
unsigned short checksum(USHORT *buffer, int size) 
{ 
    unsigned long total = 0; 
    int remaining = size; 

    // Whole 16-bit words first.
    for( ; remaining > 1; remaining -= sizeof(USHORT)) 
    { 
        total += *buffer; 
        ++buffer; 
    } 

    // Anything left over is a single byte.
    if(remaining != 0) 
    { 
        total += *(UCHAR*)buffer; 
    } 

    // Fold the upper half into the lower half twice so no carry is lost.
    total = (total & 0xffff) + (total >> 16); 
    total += (total >> 16); 

    return (unsigned short)(~total); 
} 


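/**
 * Capture thread: opens a raw IP socket bound to the local address, switches
 * it to receive-all mode with SIO_RCVALL, and reports every TCP segment whose
 * flag byte is exactly SYN|ACK (18) to the dialog through AddPort().
 *
 * @param pParam unused.
 * @return always 1 (on setup failure and when recv() fails and the loop ends).
 *
 * Changes from the earlier version:
 *  - gethostname() was told the buffer held 128 bytes while it held 100.
 *  - socket(), bind() and WSAIoctl() results were ignored; setup failures now
 *    stop the thread and the socket is closed on every exit path.
 *  - captured packets were parsed as "20-byte IP header + TCP" without
 *    checking the received length, the IP version, the header length field
 *    or the protocol. Any non-TCP packet, or a packet with IP options, whose
 *    byte at the assumed flag offset happened to be 18 was reported as an
 *    open port. The packet is now validated before the TCP header is read.
 *
 * Caveat for reading results: there is still no check that a SYN|ACK answers
 * one of this tool's probes (destination port srcPort, ack = probe sequence
 * number + 1), so unrelated or forged SYN|ACK segments seen on the interface
 * are recorded as well.
 */
UINT RecvThread(LPVOID pParam)
{ 
    SOCKET          sock; 
    SOCKADDR_IN     sniff; 
    char            recvBuffer[65000] = {0};  // holds one captured IP packet
    char            hostname[128] = {0}; 
    struct hostent* phe; 

    CPortScanerDlg* pDlg=(CPortScanerDlg* )::AfxGetApp()->GetMainWnd(); 

    // Resolve the local host name to the first IPv4 address to bind to.
    if(gethostname(hostname,sizeof(hostname)-1) != 0) 
    { 
        return 1; 
    } 
    phe = gethostbyname(hostname); 
    if(phe == NULL || phe->h_addrtype != AF_INET || 
       phe->h_length < (int)sizeof(in_addr) || phe->h_addr_list[0] == NULL) 
    { 
        return 1; 
    } 

    sock = socket(AF_INET,SOCK_RAW,IPPROTO_IP); 
    if(sock == INVALID_SOCKET) 
    { 
        return 1; 
    } 

    memset(&sniff, 0, sizeof(sniff)); 
    sniff.sin_family = AF_INET; 
    sniff.sin_port = htons(0); 
    memcpy(&sniff.sin_addr, phe->h_addr_list[0], sizeof(sniff.sin_addr)); 

    if(bind(sock,(PSOCKADDR)&sniff,sizeof(sniff)) == SOCKET_ERROR) 
    { 
        closesocket(sock); 
        return 1; 
    } 

    // Receive-all mode: deliver every IP packet on the interface to this socket.
    DWORD dwBufferLen[10] ; 
    DWORD dwBufferInLen = 1 ; 
    DWORD dwBytesReturned = 0 ; 
    if(WSAIoctl(sock,SIO_RCVALL,&dwBufferInLen,sizeof(dwBufferInLen),&dwBufferLen,sizeof(dwBufferLen),&dwBytesReturned,NULL,NULL) == SOCKET_ERROR) 
    { 
        closesocket(sock); 
        return 1; 
    } 

    IP_HEADER        *ipHeader; 
    TCP_HEADER       *tcpHeader; 
    struct   in_addr in; 
    while(1) 
    { 
        int bytesRecived = recv(sock,recvBuffer,sizeof(recvBuffer),0); 
        if(bytesRecived < 0) 
        { 
            break; 
        } 

        // Everything below is attacker-controllable network data: validate
        // lengths and header fields before interpreting any of it.
        if(bytesRecived < (int)sizeof(IP_HEADER)) 
        { 
            continue; 
        } 
        ipHeader = (IP_HEADER *)recvBuffer; 
        if((ipHeader->h_verlen >> 4) != 4 || ipHeader->proto != IPPROTO_TCP) 
        { 
            continue; 
        } 

        // The TCP header starts after the real IP header length, which is
        // larger than sizeof(IP_HEADER) when IP options are present.
        int ipLen = (ipHeader->h_verlen & 0x0f) * 4; 
        if(ipLen < (int)sizeof(IP_HEADER) || ipLen + (int)sizeof(TCP_HEADER) > bytesRecived) 
        { 
            continue; 
        } 
        tcpHeader = (TCP_HEADER *)(recvBuffer + ipLen); 

        if(tcpHeader->th_flag == 18)  // exactly SYN|ACK
        { 
            in.S_un.S_addr = ipHeader->sourceIP; 
            pDlg->AddPort(in,ntohs(tcpHeader->th_sport)); 
        } 
    } 

    closesocket(sock); 
    return 1; 
}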
