📄 sniffer.cpp
字号:
#include <winsock2.h>
#include <windows.h>
#include <ws2tcpip.h>
#include <stdio.h>
#include <stdlib.h>
#define MAX_HOSTNAME_LAN 255
#define SIO_RCVALL _WSAIOW(IOC_VENDOR,1)
#define MAX_ADDR_LEN 16
typedef struct tcpheader {
unsigned short int sport;//16位源端口
unsigned short int dport;//16位目的端口
unsigned int th_seq; //32位序列号
unsigned int th_ack;//32位确认号
unsigned char th_x2:4;
unsigned char th_off:4;
unsigned char Flags;//6位标志位
unsigned short int th_win;//16位窗口大小
unsigned short int th_sum;//16位校验和
unsigned short int th_urp;//16位紧急数据偏移量
}TCP_HDR;
struct ipheader {
unsigned char ip_hl:4, ip_v:4; //4位首部长度+4位IP版本号
unsigned char ip_tos;//8位服务类型TOS
unsigned short int ip_len; //16位总长度(字节)
unsigned short int ip_id;//16位标识
unsigned short int ip_off;
unsigned char ip_ttl;//8位生存时间 TTL
unsigned char ip_p;
unsigned short int ip_sum;
unsigned int ip_src;//32位源IP地址
unsigned int ip_dst;//32位目的IP地址
}; /* total ip header length: 20 bytes (=160 bits) */
// Psuedo Header
typedef struct ps_hdr
{
unsigned int source_address; // Source Address => 4 Bytes
unsigned int dest_address; // Destination Address => 4 Bytes
unsigned char placeholder; // Place Holder => 1 Bytes
unsigned char protocol; // Protocol => 1 Bytes
unsigned short tcp_length; // TCP Length => + 2 Bytes
// = 12 Bytes
struct tcpheader tcp;
}PS_HDR;
typedef struct udphdr {
unsigned short sport;
unsigned short dport;
unsigned short len;
unsigned short cksum;
}UDP_HDR;
//十六进制输出
void hexdump(char *pointer)
{
if ((*(pointer)>0))
printf("\\x%2.2i",*(pointer));
else
//pointer指向的字节超过Ascii码的范围,进行转换
printf("\\x%2.2i",(*(pointer))*(-1)+82);
}
void main()
{
SOCKET sock;
WSADATA wsd;
char RecvBuf[65535] = {0};
DWORD dwBytesRet;
int pCount=0;
unsigned int optval = 1; //the pointer , which shows us the payload begin
unsigned char *datatcp=NULL; //the pointer , which shows us the payload begin
unsigned char *dataudp=NULL;
int lentcp=0, lenudp;
WSAStartup(MAKEWORD(2,1),&wsd);
//创建套接字
if((sock = socket(AF_INET, SOCK_RAW, IPPROTO_IP))==SOCKET_ERROR)
{
exit(1);
}
char FAR name[MAX_HOSTNAME_LAN];
gethostname(name, MAX_HOSTNAME_LAN);
//获取本机相关信息
struct hostent FAR * pHostent;
pHostent = (struct hostent * )malloc(sizeof(struct hostent));
pHostent = gethostbyname(name);
SOCKADDR_IN sa;
sa.sin_family = AF_INET;
sa.sin_port = htons(6000);
memcpy(&sa.sin_addr.S_un.S_addr, pHostent->h_addr_list[0], pHostent->h_length);
bind(sock, (SOCKADDR *)&sa, sizeof(sa));
//if you don't have raw socket support (win 95/98/me/win2kuser) it calls the exit(1) function
if ((WSAGetLastError())==10013)
exit(1);
//改变socket属性
WSAIoctl(sock, SIO_RCVALL, &optval, sizeof(optval), NULL, 0, &dwBytesRet, NULL, NULL);
struct udphdr *pUdpheader;
struct ipheader *pIpheader;
struct tcpheader *pTcpheader;
char szSourceIP[MAX_ADDR_LEN], szDestIP[MAX_ADDR_LEN];
SOCKADDR_IN saSource, saDest;
pIpheader = (struct ipheader *)RecvBuf;
pTcpheader = (struct tcpheader *)(RecvBuf+ sizeof(struct ipheader ));
pUdpheader = (struct udphdr *) (RecvBuf+ sizeof(struct ipheader ));
while (1)
{
memset(RecvBuf, 0, sizeof(RecvBuf));
recv(sock, RecvBuf, sizeof(RecvBuf), 0);
saSource.sin_addr.s_addr = pIpheader->ip_src;
strncpy(szSourceIP, inet_ntoa(saSource.sin_addr), MAX_ADDR_LEN);
//Check Dest IP
saDest.sin_addr.s_addr = pIpheader->ip_dst;
strncpy(szDestIP, inet_ntoa(saDest.sin_addr), MAX_ADDR_LEN);
lentcp =(ntohs(pIpheader->ip_len)-(sizeof(struct ipheader)+sizeof(struct tcpheader)));
lenudp =(ntohs(pIpheader->ip_len)-(sizeof(struct ipheader)+sizeof(struct udphdr)));
if( (pIpheader->ip_p)==IPPROTO_TCP&&lentcp!=0)
{
printf("*******************************************\n");
pCount++;
datatcp=(unsigned char *) RecvBuf+sizeof(struct ipheader)+sizeof(struct tcpheader);
printf("-TCP-\n");
printf("\nDestination address->%s\n",szDestIP);
printf("\nDestination port->%i\n",ntohs(pTcpheader->dport));
printf("datatcp address->%x\n",datatcp);
printf("size of ipheader->%i\n",sizeof(struct ipheader));
printf("size of tcpheader->%i\n",sizeof(struct tcpheader));
printf("size of the hole packet->%i\n",ntohs(pIpheader->ip_len));
printf("\nchar Packet%i []=\"",pCount,lentcp);
for (int i=0;i<lentcp;i++)
{
printf("\\x%.2x",*(datatcp+i)); //hexdump(datatcp+i);
if(i%10==0)
{
printf("\"");
printf("\n\"");
}
}
printf("\";\n\n\n");
for (int i2=0;i2<lentcp;i2++)
{
//接受的数据是可打印字符
if( *(datatcp+i2)<=127&&*(datatcp+i2)>=20)
printf("%c",*(datatcp+i2));
else
printf(".");
}
printf("\n\n");
printf("*******************************************\n");
}
if( (pIpheader->ip_p)==IPPROTO_UDP&&lentcp!=0)
{
pCount++;
dataudp=(unsigned char *) RecvBuf+sizeof(struct ipheader)+sizeof(struct udphdr);
printf("-UDP-\n");
printf("\nDestination address->%s\n",szDestIP);
printf("\nDestination port->%d\n",ntohs(pTcpheader->dport));
printf("dataudp address->%x\n",dataudp);
printf("size of ipheader->%i\n",sizeof(struct ipheader));
printf("size of udpheader->%i\n",sizeof(struct udphdr));
printf("size of the hole packet->%i\n",ntohs(pIpheader->ip_len));
printf("\nchar Packet%i []=\"",pCount,lenudp);
for (int x=0;x<lenudp;x++)
{
printf("\\x%.2x",*(dataudp+x));
if (x%10==0)
{
printf("\"");
printf("\n\"");
}
}
printf("\";\n\n\n");
for (int x2=0;x2<lenudp;x2++)
{
if( *(dataudp+x2)<=127&&*(dataudp+x2)>=20)
printf("%c",*(dataudp+x2));
else
printf(".");
}
printf("\n\n");
printf("*******************************************\n");
}
}
}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -