📄 defend.c
字号:
#include<stdio.h>#include<stdlib.h>#include<string.h>#include<sys/socket.h>#include<sys/types.h>#include<netinet/in.h>#include<netinet/ip.h>#include<netinet/tcp.h>#include<netdb.h>#include<arpa/inet.h>#include"header.h"unsigned short check_sum(unsigned short *addr, int len);int intercept(char *buffer, char *dns);int judge_badurl(char *requestadd);int send_to_client(struct ip *fip, struct tcphdr *ftcp);int send_to_server(struct ip *fip, struct tcphdr *ftcp);unsigned short check_sum(unsigned short *addr, int len){ unsigned long sum = 0; while (len > 1) { sum += *addr++; len -= sizeof(unsigned short); } if (len) { sum += *(unsigned char *) addr; } while (sum >> 16) sum = (sum & 0xffff) + (sum >> 16); return (unsigned short) (~sum);}/*********************************************//* intercept the requestion *//*********************************************/int intercept(char *buffer, char *dns){ char *http, *p; char method[10], host[10], url[100], request[500]; struct ip *fip; struct tcphdr *ftcp; p = dns; fip = (struct ip *) (buffer+14); ftcp = (struct tcphdr *) ((buffer+14) + 4 * fip->ip_hl); if(strcmp(inet_ntoa(fip->ip_src),"127.0.0.1")==0){ return 0; } http = (buffer+14) + 4 * fip->ip_hl + 4 * ftcp->doff; int i = 0; while (*http != ' ' && i < 3) method[i++] = *http++; method[i] = '\0'; /****************** get url *****************/ if (strcmp(method, "GET") != 0) return; while (*http != ' ') http++; http++; int j = 0; while (*http != ' '&*http!='?') url[j++] = *http++; url[j] = '\0'; while (*http != '\n') http++; http++; /****************** get dns *****************/ while (*http != '\n') { int k = 0; while (k < 4) host[k++] = *http++; host[k] = '\0'; http++; http++; int l = 0; if (strcmp(host, "Host") == 0) { while (*http != '\r') dns[l++] = *http++; dns[l] = '\0'; break; } else while (*http != '\n') http++; http++; }// printf("ip source address is:%s\n", inet_ntoa(fip->ip_src)); printf("ip dest address is:%s\n", inet_ntoa(fip->ip_dst)); printf("url is :%s\n", url); printf("dns is:%s\n", dns); memcpy(request, dns, strlen(dns)); memcpy(request + strlen(dns), url, strlen(url)); int len = strlen(dns) + strlen(url); request[len] = '\0'; printf("request address is:%s\n", request); int flag = judge_badurl(request); if (flag == 1) { send_to_client(fip, ftcp); send_to_server(fip, ftcp); } return flag;}/*********************************************//* judge the request address *//*********************************************/int judge_badurl(char *requestadd){ int len, i=0,j= 0; char str[200]; FILE *fp; len = strlen(requestadd); char buffer[len + 1];// printf("now begin the judgement!\n"); if ((fp = fopen("/root/filename.txt", "rb")) == NULL) { printf("can not open file\n"); exit(0); } bzero(&buffer, sizeof(buffer)); while (i < len) {/* if(j>0){ buffer[j]=requestadd[i-1]; j=j+1; }*/ for (; requestadd[i]!='/'&&i<len-1; ) { buffer[j++] = requestadd[i++]; } buffer[j++]=requestadd[i++]; printf("buffer is :%s\n",buffer); fseek(fp,0,SEEK_SET); while (!feof(fp)) { if (fscanf(fp, "%s", str) < 0) break; printf("str:%s\n", str); if (strcmp(buffer, str) == 0) { printf("to interrupt the request address!\n"); fclose(fp); return 1; } }// i++; } if (feof(fp)) { printf("allow the request address\n"); fclose(fp); return 0; } else return -1;}/***************************************************//* send the redirect message to the request client *//***************************************************/int send_to_client(struct ip *fip, struct tcphdr *ftcp){ int sockc, socks; struct sockaddr_in addr; char sendbuffer[200]; struct ip ip; struct psdtcphdr ptcp; struct tcphdr tcp; int head_len; char tbuffer[65535]; int flag = 1; char *http = "HTTP/1.1 301 Redirection\r\nLocation: http://www.neu.edu.cn\r\n"; head_len = sizeof(struct ip) + sizeof(struct tcphdr); if ((sockc = socket(AF_INET, SOCK_RAW, IPPROTO_TCP)) < 0) { perror("client socket\n"); exit(1); } if ((setsockopt(sockc, IPPROTO_IP, IP_HDRINCL, &flag, sizeof(int))) < 0) perror("set client socket\n"); bzero(&tbuffer, sizeof(tbuffer)); bzero(&sendbuffer, sizeof(sendbuffer)); addr.sin_family = AF_INET; addr.sin_port = ftcp->source; addr.sin_addr = fip->ip_src; ip.ip_v = IPVERSION; ip.ip_hl = sizeof(struct ip) >> 2; ip.ip_tos = 0; ip.ip_len = htons(head_len + strlen(http)); ip.ip_id = 0; ip.ip_off = 0; ip.ip_ttl = MAXTTL; ip.ip_p = IPPROTO_TCP; ip.ip_sum = 0; ip.ip_src = fip->ip_dst; ip.ip_dst = fip->ip_src; tcp.source = ftcp->dest; tcp.dest = ftcp->source; tcp.seq = ftcp->ack_seq; tcp.ack_seq = htonl(ntohl(ftcp->seq) + ntohs(fip->ip_len) - (fip->ip_hl) * 4 - (ftcp->doff) * 4); tcp.doff = 5; tcp.fin = 0; tcp.syn = 0; tcp.ack = 1; tcp.urg = 0; tcp.rst = 0; tcp.check = 0; tcp.window = htons(65535); tcp.urg_ptr = 0; ptcp.sourceaddr = ip.ip_src; ptcp.destinationaddr = ip.ip_dst; ptcp.zero = 0; ptcp.protcol = 6; ptcp.tcplen = htons(sizeof(struct tcphdr) + strlen(http)); memcpy(tbuffer, &ptcp, sizeof(struct psdtcphdr)); memcpy(tbuffer + sizeof(struct psdtcphdr), &tcp, sizeof(struct tcphdr)); memcpy(tbuffer + sizeof(struct psdtcphdr) + sizeof(struct tcphdr), http, strlen(http)); tcp.check = check_sum((unsigned short *) tbuffer, sizeof(struct psdtcphdr) + sizeof(struct tcphdr) + strlen(http)); memset(tbuffer, 0, sizeof(tbuffer)); memcpy(tbuffer, &ip, sizeof(struct ip)); ip.ip_sum = check_sum((unsigned short *) tbuffer, sizeof(struct ip)); memcpy(sendbuffer, &ip, sizeof(struct ip)); memcpy(sendbuffer + sizeof(struct ip), &tcp, sizeof(struct tcphdr)); memcpy(sendbuffer + sizeof(struct ip) + sizeof(struct tcphdr), http, strlen(http)); if (sendto(sockc, sendbuffer, sizeof(struct ip) + sizeof(struct tcphdr) + strlen(http), 0, (struct sockaddr *) &addr, sizeof(struct sockaddr_in)) < 0) perror("send redirect message\n"); printf("sending redirect message succeed\n"); close(sockc); return 0;}/********************************************//* send reset message to the server *//********************************************/int send_to_server(struct ip *fip, struct tcphdr *ftcp){ int socks; struct sockaddr_in addr; char sendbuffer[200]; struct ip ip; struct psdtcphdr ptcp; struct tcphdr tcp; int head_len; char tbuffer[65535]; int flag = 1; head_len = sizeof(struct ip) + sizeof(struct tcphdr); if ((socks = socket(AF_INET, SOCK_RAW, IPPROTO_TCP)) < 0) { perror("server socket\n"); exit(1); } bzero(&tbuffer, sizeof(tbuffer)); bzero(&sendbuffer, sizeof(sendbuffer)); addr.sin_family = AF_INET; addr.sin_port = ftcp->dest; addr.sin_addr = fip->ip_dst; ip.ip_len = htons(head_len); ip.ip_sum = 0; ip.ip_src = fip->ip_src; ip.ip_dst = fip->ip_dst; tcp.source = ftcp->source; tcp.dest = ftcp->dest; tcp.seq = ftcp->seq; tcp.ack_seq = ftcp->ack_seq; tcp.ack = 1; tcp.rst = 1; tcp.check = 0; ptcp.sourceaddr = ip.ip_src; ptcp.destinationaddr = ip.ip_dst; ptcp.tcplen = htons(sizeof(struct tcphdr)); memcpy(tbuffer, &ptcp, sizeof(struct psdtcphdr)); memcpy(tbuffer + sizeof(struct psdtcphdr), &tcp, sizeof(struct tcphdr)); tcp.check = check_sum((unsigned short *) tbuffer, sizeof(struct psdtcphdr) + sizeof(struct tcphdr)); memcpy(sendbuffer + sizeof(struct ip), &tcp, sizeof(struct tcphdr)); memset(tbuffer, 0, sizeof(tbuffer)); memcpy(tbuffer, &ip, sizeof(struct ip)); ip.ip_sum = check_sum((unsigned short *) tbuffer, sizeof(struct ip)); memcpy(sendbuffer, &ip, sizeof(struct ip)); memcpy(sendbuffer + sizeof(struct ip), &tcp, sizeof(struct tcphdr)); sendto(socks, sendbuffer, sizeof(struct ip) + sizeof(struct tcphdr), 0, (struct sockaddr *) &addr, sizeof(struct sockaddr_in)); close(socks); printf("sending reset message succeed\n"); return 0;}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -