  • C/C++
    开发工具
  • 15KB
    文件大小
  • zip
    文件格式
  • 2020-06-22 10:20
    上传日期
基于RawSocket的数据包过滤程序,共包含7个文件:inetheader.h、rawsocsniffer.h、rawsocket.h、rawsocket.c、rawsocsniffer.c、main.c、makefile。编译:命令行模式下,切换到代码所在目录,输入make即可编译。编译后将生成一个可执行文件main,以及一些obj文件。
6.zip
  • 6
  • main.c
    1.1KB
  • inetheader.h
    2.8KB
  • rawsocket.c
    1.2KB
  • rawsocsniffer.c
    6.2KB
  • main
    17.7KB
  • makefile
    130B
  • rawsocket.h
    333B
  • rawsocsniffer.h
    875B
内容介绍
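#include <cstdio>
#include <cstring>
#include <iostream>
#include <iomanip>
#include <arpa/inet.h>
#include "rawsocsniffer.h"
#include "inetheader.h"
using namespace std;

// Filter bit numbering used throughout this file (1-based, see testbit()):
//   bit 1 = ARP, bit 2 = TCP, bit 3 = UDP, bit 4 = ICMP, bit 5 = RARP.
// A filter value of 0 is treated as "everything" (see analyze()).

// Opens the raw socket through the base class and allocates the capture buffer.
// The buffer is value-initialised so no uninitialised bytes are ever parsed.
// NOTE(review): the class owns `packet` through a raw pointer; unless
// rawsocsniffer.h (not shown here) disables copying, a copied object would
// free the buffer twice.
rawsocsniffer::rawsocsniffer(int protocol):rawsocket(protocol),max_packet_len(2048)
{
    packet=new char[max_packet_len]();
    memset(&simfilter,0,sizeof(simfilter));
}

// Releases the capture buffer.
rawsocsniffer::~rawsocsniffer()
{
    delete[] packet;
}

// Puts the interface into promiscuous mode so that every frame on the
// segment is captured, not only those addressed to this host.
// The interface name is hard-coded to "eth0".
bool rawsocsniffer::init()
{
    dopromisc("eth0");
    // The original fell off the end of a bool function, which is undefined
    // behaviour. NOTE(review): dopromisc() is declared in rawsocket.h, which
    // is not shown here; if it reports success or failure, return its result
    // instead of an unconditional true.
    return true;
}

// Copies the caller's filter (protocol bitmask, source IP, destination IP).
void rawsocsniffer::setfilter(filter myfilter)
{
    simfilter.protocol=myfilter.protocol;
    simfilter.sip=myfilter.sip;
    simfilter.dip=myfilter.dip;
}

// Returns true when bit k (1-based) of p is set.
// Out-of-range k returns false instead of shifting by a negative or
// too-large amount, which would be undefined behaviour.
bool rawsocsniffer::testbit(const unsigned int p,int k)
{
    const int width=static_cast<int>(sizeof(unsigned int)*8);
    if(k<1||k>width)
        return false;
    return ((p>>(k-1))&0x01u)!=0;
}

// Sets bit k (1-based) of p. Out-of-range k leaves p unchanged.
void rawsocsniffer::setbit(unsigned int &p,int k)
{
    const int width=static_cast<int>(sizeof(unsigned int)*8);
    if(k<1||k>width)
        return;
    p|=(0x01u<<(k-1));
}

// Capture loop: receives frames forever and hands each one to analyze().
//
// NOTE(review): analyze() and the Parse* functions overlay header structs on
// the shared buffer and are not told how many bytes were received. Frames
// shorter than an Ethernet header are dropped here and the unused tail of
// the buffer is zeroed, so a short frame can no longer be decoded with bytes
// left over from the previous packet. A per-protocol minimum-length check
// needs the received length stored in the class (rawsocsniffer.h).
// NOTE(review): a receive() that keeps failing makes this loop spin; the
// original behaviour is kept.
void rawsocsniffer::sniffer()
{
    struct sockaddr_in from;
    int sockaddr_len=0;
    int recvlen=0;
    const size_t capacity=static_cast<size_t>(max_packet_len);
    while(1)
    {
        // presumably receive() wraps recvfrom(), whose length argument is
        // value-result, so it is reset before every call - confirm in rawsocket.c
        sockaddr_len=sizeof(struct sockaddr_in);
        recvlen=receive(packet,max_packet_len,&from,&sockaddr_len);
        if(recvlen<=0)
            continue;
        const size_t got=static_cast<size_t>(recvlen);
        if(got<sizeof(ether_header_t))
            continue;
        if(got<capacity)
            memset(packet+got,0,capacity-got);
        analyze();
    }
}

// Dispatches one captured frame on its EtherType:
// 0x0800 IPv4, 0x0806 ARP, 0x8035 RARP.
void rawsocsniffer::analyze()
{
    ether_header_t *etherpacket=(ether_header_t *)packet;
    // An empty filter means "show everything".
    if(simfilter.protocol==0)
        simfilter.protocol=0xff;
    switch (ntohs(etherpacket->frametype))
    {
        case 0x0800:
            // Any filter bit other than ARP (bit 1) lets IP frames through;
            // ParseIPPacket() applies the per-protocol bits.
            if(((simfilter.protocol)>>1))
            {
                cout<<"\n\n/*---------------ip packet--------------------*/"<<endl;
                ParseIPPacket();
            }
            break;
        case 0x0806:
            if(testbit(simfilter.protocol,1))
            {
                cout<<"\n\n/*--------------arp packet--------------------*/"<<endl;
                ParseARPPacket();
            }
            break;
        // The RARP EtherType is 0x8035; the original tested 0x0835, so RARP
        // frames always fell through to the "Unknown" branch.
        case 0x8035:
            if(testbit(simfilter.protocol,5))
            {
                cout<<"\n\n/*--------------RARP packet--------------------*/"<<endl;
                ParseRARPPacket();
            }
            break;
        default:
            cout<<"\n\n/*--------------Unknown packet----------------*/"<<endl;
            cout<<"Unknown ethernet frametype!"<<endl;
            break;
    }
}

// Applies the source/destination address filter, then dispatches on the IP
// protocol number: 1 ICMP, 6 TCP, 17 UDP.
// NOTE(review): the packet structs appear to place the transport header
// directly after a fixed-size IP header; a packet carrying IP options would
// then be decoded at the wrong offset - confirm against inetheader.h.
void rawsocsniffer::ParseIPPacket()
{
    ip_packet_t *ippacket=(ip_packet_t *)packet;
    cout<<"ipheader.protocol: "<<int(ippacket->ipheader.protocol)<<endl;
    // A filter address of 0 means "any".
    if(simfilter.sip!=0&&simfilter.sip!=(ippacket->ipheader.src_ip))
        return;
    if(simfilter.dip!=0&&simfilter.dip!=(ippacket->ipheader.des_ip))
        return;
    switch (int(ippacket->ipheader.protocol))
    {
        case 1:
            if(testbit(simfilter.protocol,4))
            {
                cout<<"Received an ICMP packet"<<endl;
                ParseICMPPacket();
            }
            break;
        case 6:
            if(testbit(simfilter.protocol,2))
            {
                cout<<"Received an TCP packet"<<endl;
                ParseTCPPacket();
            }
            break;
        case 17:
            if(testbit(simfilter.protocol,3))
            {
                cout<<"Received an UDP packet"<<endl;
                ParseUDPPacket();
            }
            break;
        default:
            cout<<"Unknown ip protocoltype"<<endl;
            break;
    }
}

// RARP decoding is not implemented; only the banner from analyze() is printed.
void rawsocsniffer::ParseRARPPacket()
{
}

// Prints the sender/target hardware and protocol addresses and the ARP
// header fields.
void rawsocsniffer::ParseARPPacket()
{
    arp_packet_t *arppacket=(arp_packet_t *)packet;
    print_hw_addr(arppacket->arpheader.send_hw_addr);
    print_hw_addr(arppacket->arpheader.des_hw_addr);
    cout<<endl;
    print_ip_addr(arppacket->arpheader.send_prot_addr);
    print_ip_addr(arppacket->arpheader.des_prot_addr);
    cout<<endl;
    cout<<setw(15)<<"Hardware type: "<<"0x"<<hex<<ntohs(arppacket->arpheader.hw_type);
    cout<<setw(15)<<" Protocol type: "<<"0x"<<hex<<ntohs(arppacket->arpheader.prot_type);
    cout<<setw(15)<<" Operation code: "<<"0x"<<hex<<ntohs(arppacket->arpheader.flag);
    // std::hex is sticky: without this reset every port, sequence number and
    // ICMP field printed after the first ARP packet came out in hexadecimal.
    cout<<dec<<endl;
}

// Prints MAC addresses, IP addresses, ports and the UDP length field.
void rawsocsniffer::ParseUDPPacket()
{
    udp_packet_t *udppacket=(udp_packet_t *)packet;
    cout<<setw(20)<<"MAC address: from ";
    print_hw_addr(udppacket->etherheader.src_hw_addr);
    cout<<"to ";
    print_hw_addr(udppacket->etherheader.des_hw_addr);
    cout<<endl<<setw(20)<<"IP address: from ";
    print_ip_addr(udppacket->ipheader.src_ip);
    cout<<"to ";
    print_ip_addr(udppacket->ipheader.des_ip);
    cout<<endl;
    cout<<setw(10)<<"srcport: "<<ntohs(udppacket->udpheader.src_port)
        <<" desport: "<<ntohs(udppacket->udpheader.des_port)
        <<" length:"<<ntohs(udppacket->udpheader.len)<<endl;
}

// Prints MAC addresses, IP addresses, ports and the sequence/ack numbers.
void rawsocsniffer::ParseTCPPacket()
{
    tcp_packet_t *tcppacket=(tcp_packet_t *)packet;
    cout<<setw(20)<<"MAC address: from ";
    print_hw_addr(tcppacket->etherheader.src_hw_addr);
    cout<<"to ";
    print_hw_addr(tcppacket->etherheader.des_hw_addr);
    cout<<endl<<setw(20)<<"IP address: from ";
    print_ip_addr(tcppacket->ipheader.src_ip);
    cout<<"to ";
    print_ip_addr(tcppacket->ipheader.des_ip);
    cout<<endl;
    cout<<setw(10)<<"srcport: "<<ntohs(tcppacket->tcpheader.src_port)
        <<" desport: "<<ntohs(tcppacket->tcpheader.des_port)<<endl;
    cout<<"seq: "<<ntohl(tcppacket->tcpheader.seq)
        <<" ack: "<<ntohl(tcppacket->tcpheader.ack)<<endl;
}

// Prints MAC addresses, IP addresses and the ICMP type/code/id/seq fields.
void rawsocsniffer::ParseICMPPacket()
{
    icmp_packet_t *icmppacket=(icmp_packet_t *)packet;
    cout<<setw(20)<<"MAC address: from ";
    print_hw_addr(icmppacket->etherheader.src_hw_addr);
    cout<<"to ";
    print_hw_addr(icmppacket->etherheader.des_hw_addr);
    cout<<endl<<setw(20)<<"IP address: from ";
    print_ip_addr(icmppacket->ipheader.src_ip);
    cout<<"to ";
    print_ip_addr(icmppacket->ipheader.des_ip);
    cout<<endl;
    cout<<setw(12)<<"icmp type: "<<int(icmppacket->icmpheader.type)
        <<" icmp code: "<<int(icmppacket->icmpheader.code)<<endl;
    cout<<setw(12)<<"icmp id: "<<ntohs(icmppacket->icmpheader.id)
        <<" icmp seq: "<<ntohs(icmppacket->icmpheader.seq)<<endl;
}

// Prints a 6-byte hardware address as aa:bb:cc:dd:ee:ff, left-aligned in a
// 20-column field. ptr must point to at least 6 readable bytes.
void rawsocsniffer::print_hw_addr(const unsigned char *ptr)
{
    char hw_addr[18];
    // 17 characters plus the terminator fill the buffer exactly; snprintf
    // keeps the write bounded if the format is ever changed.
    snprintf(hw_addr,sizeof(hw_addr),"%02x:%02x:%02x:%02x:%02x:%02x",
             ptr[0],ptr[1],ptr[2],ptr[3],ptr[4],ptr[5]);
    cout<<setiosflags(ios::left)<<setw(20)<<hw_addr;
}

// Prints an IPv4 address (network byte order) in dotted-quad form,
// left-aligned in an 18-column field.
void rawsocsniffer::print_ip_addr(const unsigned long ip)
{
    // The original reinterpreted &ip as in_addr*. unsigned long is 8 bytes on
    // LP64, so that read depended on byte order; copy the low 32 bits instead.
    struct in_addr addr;
    addr.s_addr=static_cast<in_addr_t>(ip);
    cout<<setiosflags(ios::left)<<setw(18)<<inet_ntoa(addr);
}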