////////////////////////////////////////////////////////////////////////////////
//Filename:TestSniffer.c
//Author:yunshu
//Write:2005-01-11
////////////////////////////////////////////////////////////////////////////////
// NOTE(review): the header names were stripped when this page was extracted;
// the list below is reconstructed from the APIs the file uses.
// Link against ws2_32.lib.
#include <stdio.h>    // printf
#include <string.h>   // memcpy, memset
#include <winsock2.h> // sockets, WSAStartup, WSAIoctl
#include <mstcpip.h>  // SIO_RCVALL (must follow winsock2.h)
////////////////////////////////////////////////////////////////////////////////
// Global definitions (packet header layouts)
////////////////////////////////////////////////////////////////////////////////
// IPv4 header without options (20 bytes), laid out to match the bytes on the
// wire. Every field is naturally aligned, so no packing pragma is needed.
// Multi-byte fields hold network byte order when filled from captured data.
typedef struct ip_hdr
{
    unsigned char  h_verlen;        // 4-bit IP version + 4-bit header length
    unsigned char  tos;             // 8-bit type of service (TOS)
    unsigned short total_len;       // 16-bit total length in bytes
    unsigned short ident;           // 16-bit identification
    unsigned short frag_and_flags;  // 3-bit flags (plus fragment offset, per the field name)
    unsigned char  ttl;             // 8-bit time to live (TTL)
    unsigned char  proto;           // 8-bit protocol (TCP, UDP or other)
    unsigned short checksum;        // 16-bit IP header checksum
    unsigned int   sourceIP;        // 32-bit source IP address
    unsigned int   destIP;          // 32-bit destination IP address
} IP_HEADER;
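// TCP header without options (20 bytes), laid out to match the bytes on the
// wire. Uses the same plain C types as ip_hdr, so the layout does not depend
// on the Windows USHORT typedef being in scope before this definition.
// Multi-byte fields hold network byte order when filled from captured data;
// convert with ntohs()/ntohl() before use.
typedef struct tcp_hdr
{
    unsigned short th_sport;   // 16-bit source port
    unsigned short th_dport;   // 16-bit destination port
    unsigned int   th_seq;     // 32-bit sequence number
    unsigned int   th_ack;     // 32-bit acknowledgement number
    unsigned char  th_lenres;  // 4-bit header length + reserved bits
    unsigned char  th_flag;    // 6 flag bits
    unsigned short th_win;     // 16-bit window size
    unsigned short th_sum;     // 16-bit checksum
    unsigned short th_urp;     // 16-bit urgent data offset
} TCP_HEADER;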
////////////////////////////////////////////////////////////////////////////////
// Function prototypes
////////////////////////////////////////////////////////////////////////////////
//void RecvPacket(char *);// packet capture routine (prototype left disabled)
void DecoPacket(char *);// packet decoding routine
////////////////////////////////////////////////////////////////////////////////
// Main function
////////////////////////////////////////////////////////////////////////////////
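// Entry point: opens a raw IP socket bound to the first IPv4 address of the
// local host, switches it to receive-all mode (SIO_RCVALL) and prints a
// summary of every captured packet through DecoPacket().
//
// Raw sockets and SIO_RCVALL normally require administrator rights on
// Windows, so every setup call is checked and reported instead of being
// allowed to fail silently.
//
// The capture loop only ends when recv() fails; the function then releases
// the socket and Winsock and returns -1. Setup failures also return -1.
int main(void)
{
    WSADATA WSAData;
    char hostname[128] = { 0 };      // local host name
    struct hostent *phe;             // resolver result for hostname
    struct in_addr localAddr;        // first IPv4 address of this host
    SOCKET sock = INVALID_SOCKET;
    char recvBuffer[65000] = { 0 };  // holds one captured packet
    SOCKADDR_IN sniff;
    DWORD dwBufferLen[10] = { 0 };   // WSAIoctl output buffer
    DWORD dwBufferInLen = 1;         // non-zero switches receive-all on
    DWORD dwBytesReturned = 0;

    // WSAStartup returns 0 on success; any other value is an error code.
    if (WSAStartup(MAKEWORD(2, 2), &WSAData) != 0)
    {
        printf("WSAStartup Error...\n");
        return -1;
    }

    // Resolve the local host name to its first IPv4 address.
    if (gethostname(hostname, sizeof(hostname)) == SOCKET_ERROR)
    {
        printf("Get LocalIP Error...\n");
        goto cleanup;
    }
    phe = gethostbyname(hostname);
    if (phe == NULL
        || phe->h_addrtype != AF_INET
        || phe->h_length != (int)sizeof(localAddr)
        || phe->h_addr_list[0] == NULL)
    {
        printf("Get LocalIP Error...\n");
        goto cleanup;
    }
    memcpy(&localAddr, phe->h_addr_list[0], sizeof(localAddr));

    // Debug output; comment out when not needed.
    printf("test\n");
    printf("test\t%s\n", inet_ntoa(localAddr));

    // Create the raw socket used to capture packets.
    sock = socket(AF_INET, SOCK_RAW, IPPROTO_IP);
    if (sock == INVALID_SOCKET)
    {
        printf("Create Socket Error: %d\n", WSAGetLastError());
        goto cleanup;
    }

    // Bind with the binary address directly rather than round-tripping it
    // through a dotted-quad string and inet_addr().
    memset(&sniff, 0, sizeof(sniff));
    sniff.sin_family = AF_INET;
    sniff.sin_port = htons(0);
    sniff.sin_addr = localAddr;
    if (bind(sock, (PSOCKADDR)&sniff, sizeof(sniff)) == SOCKET_ERROR)
    {
        printf("Bind Error: %d\n", WSAGetLastError());
        goto cleanup;
    }

    // Set SIO_RCVALL on the raw socket so it receives all IP packets.
    if (WSAIoctl(sock, SIO_RCVALL, &dwBufferInLen, sizeof(dwBufferInLen),
                 dwBufferLen, sizeof(dwBufferLen), &dwBytesReturned,
                 NULL, NULL) == SOCKET_ERROR)
    {
        printf("SIO_RCVALL Error: %d\n", WSAGetLastError());
        goto cleanup;
    }

    while (TRUE)
    {
        int bytesRecived;

        // DecoPacket() is not told the packet length, so the buffer is
        // cleared first: it must never read bytes left over from an earlier,
        // longer packet.
        memset(recvBuffer, 0, sizeof(recvBuffer));

        bytesRecived = recv(sock, recvBuffer, (int)sizeof(recvBuffer), 0);
        if (bytesRecived == SOCKET_ERROR)
        {
            // A packet larger than the buffer is skipped; any other error
            // ends the capture instead of spinning on a dead socket.
            if (WSAGetLastError() == WSAEMSGSIZE)
            {
                continue;
            }
            printf("Recv Error: %d\n", WSAGetLastError());
            break;
        }

        // Ignore anything too short to contain a full IP header.
        if (bytesRecived < (int)sizeof(IP_HEADER))
        {
            continue;
        }
        DecoPacket(recvBuffer);
    }

cleanup:
    if (sock != INVALID_SOCKET)
    {
        closesocket(sock);
    }
    WSACleanup();
    return -1;
}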
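// Decode one captured IPv4 packet and print its protocol number, source and
// destination addresses and, for TCP and UDP, the source and destination
// ports.
//
// buffer: start of the IP header. No length is passed in, so the caller must
// provide at least 80 readable bytes (the 60-byte maximum IPv4 header plus
// sizeof(TCP_HEADER)); main() does so by passing a zero-filled 65000-byte
// buffer.
//
// The headers are copied into local structs instead of being read through
// casted pointers, which avoids misaligned and type-punned access to the
// char buffer.
void DecoPacket( char *buffer)
{
    IP_HEADER ipHeader;        // local copy of the IP header
    TCP_HEADER tcpHeader;      // local copy of the transport header
    struct in_addr inAddr;
    unsigned int ipHeaderLen;  // IP header length in bytes, taken from the packet

    memcpy(&ipHeader, buffer, sizeof(ipHeader));

    printf( "协议类型:\t%d\n" , ipHeader.proto );
    inAddr.s_addr = ipHeader.sourceIP;
    printf( "来源地址:\t%s\n" , inet_ntoa(inAddr) );
    inAddr.s_addr = ipHeader.destIP;
    printf( "目的地址:\t%s\n" , inet_ntoa(inAddr) );

    // The low nibble of h_verlen is the header length in 32-bit words. The
    // transport header starts after any IP options, not at a fixed 20 bytes.
    ipHeaderLen = (unsigned int)(ipHeader.h_verlen & 0x0F) * 4;

    // Ports only exist for TCP and UDP, whose headers both begin with the
    // 16-bit source and destination ports. For other protocols, or for a
    // header length below the 20-byte minimum, those bytes are something
    // else and are not printed.
    if (ipHeaderLen < sizeof(IP_HEADER)
        || (ipHeader.proto != IPPROTO_TCP && ipHeader.proto != IPPROTO_UDP))
    {
        printf( "\n" );
        return;
    }

    memcpy(&tcpHeader, buffer + ipHeaderLen, sizeof(tcpHeader));
    printf( "来源端口:\t%d\n" , ntohs(tcpHeader.th_sport) );
    printf( "目的端口:\t%d\n\n" , ntohs(tcpHeader.th_dport) );
}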