Chinaunix首页 | 论坛 | 博客

Water Center

首页 |  博文目录 |  关于我

d1m3r

  • 博客访问: 218446
  • 博文数量: 40
  • 博客积分: 316
  • 博客等级: 二等列兵
  • 技术积分: 840
  • 用 户 组: 普通用户
  • 注册时间: 2012-03-13 12:39
文章分类

全部博文(40)

文章存档

2014年(2)

2013年(28)

2012年(10)

我的朋友
最近访客
推荐博文
相关博文
过滤gsm的c

分类: C/C++

2013-11-11 15:20:19


点击(此处)折叠或打开

  1. #include <stdio.h>
  2. #include <stdlib.h>
  3. #include <sys/socket.h>
  4. #include <sys/types.h>
  5. #include <errno.h>
  6. #include <string.h>
  7. #include <sys/ioctl.h>
  8. #include <linux/if_ether.h>
  9. #include <linux/in.h>
  10. #include <net/if.h>
  11. #include <linux/filter.h>

  13. char buf[2048];
  14. //char result[]={0x09,0x01,0x3f,0x01,0x01,0x08,0x91,0x68,0x31,0x08,0x10,0x00,0x85,0xf8,0x00,0x32,0x24,0x0d,0x91,0x68,0x81,0x16,0x52,0x79,0x16,0xf2,0x00,0x08,0x31,0x11,0x60,0x71,0x83,0x21,0x23,0x1e,0x62,0x11,0x53,0xbb,0x96,0xcd,0x54,0x8c,0x5b,0xab,0xff,0x0c,0x4f,0x60,0x89,0x81,0x66,0x2f,0x57,0x50,0x57,0x30,0x94,0xc1,0x54,0x4a,0x8b,0xc9,0x62,0x11};
  15. char result[2048];
  16. char Two_2_3[]={};

  18. int d_deal(int num)
  19. {
  20.     int di=0;
  21.     int m = 0;
  22.     int m_len = 0;
  23.     int dst_len = 0;
  24.     printf("T_src:");
  25.     for ( di=7;di<=13;di++)
  26.     {
  27.         printf("%02x",((result[di] << 4 ) & 0xf0) | ((result[di] >> 4) & 0xf)); // change the positon of result[7] 68=>86
  28.     }
  29.     printf("\t");
  30.     m_len=(int)((result[17]+1)/2);
  31.     printf("T_dst:");
  32.     dst_len=19+m_len;
  33.     for (di=19; di < dst_len; di++)
  34.     {
  35.         printf("%02x",((result[di] << 4 ) & 0xf0) | ((result[di] >> 4) & 0xf)); // change the positon of result[7] 68=>86
  36.     }
  37.     printf("\ttext:");
  38.     for (di=dst_len + 10; di < num; di+=2)
  39.     {
  40.         if(result[di] == 0x00)
  41.         {
  42.             Two_2_3[m] = result[di+1];
  43.             m++;
  44.         }
  45.         else
  46.         {
  47.         Two_2_3[m]=(0xe0 | (result[di] & 0xf0) >> 4);
  48.         Two_2_3[m+1] = (0x80 | (result[di] & 0x0f) << 2 | (result[di+1] & 0xc0) >> 6);
  49.         Two_2_3[m+2] = (0x80 | result[di+1] & 0x3f);
  50.         m+=3;
  51.         }
  52.     }
  53.     printf("%s\n",Two_2_3);

  55. }


  58. int main(int argc,char **argv)
  59. {
  60.     int sock,n,i;
  61.     int j = 0;
  62.     int m = 0;
  63.     int tal_num = 0;
  64.     int d_len =0;
  65.     unsigned char *iphead,*ethhead;
  66.     struct ifreq ethreq;
  67. //    struct sigaction sighandle;

  69.     if ((sock = socket(PF_PACKET,SOCK_RAW,htons(ETH_P_IP))) < 0)
  70.     {
  71.         perror("socket failed");
  72.         exit(1);
  73.     }


  76.     /*set promiscuos mode*/
  77.     strncpy(ethreq.ifr_name, "wlp6s0", IFNAMSIZ);
  78.     if (ioctl(sock,SIOCGIFFLAGS,&ethreq) == -1)
  79.     {
  80.         perror("ioctl failed");
  81.         close(sock);
  82.         exit(1);
  83.     }
  84.     ethreq.ifr_flags |= IFF_PROMISC;
  85.     if (ioctl(sock,SIOCSIFFLAGS,&ethreq) == -1)
  86.     {
  87.         perror("ioctl failed");
  88.         close(sock);
  89.         exit(1);
  90.     }
  91.     
  92.     struct sock_filter bpf_code[] = {
  93.         { 0x28, 0, 0, 0x0000000c },
  94.         { 0x15, 0, 4, 0x000086dd },
  95.         { 0x30, 0, 0, 0x00000014 },
  96.         { 0x15, 0, 11, 0x00000011 },
  97.         { 0x28, 0, 0, 0x00000038 },
  98.         { 0x15, 8, 9, 0x00000035 },
  99.         { 0x15, 0, 8, 0x00000800 },
  100.         { 0x30, 0, 0, 0x00000017 },
  101.         { 0x15, 0, 6, 0x00000011 },
  102.         { 0x28, 0, 0, 0x00000014 },
  103.         { 0x45, 4, 0, 0x00001fff },
  104.         { 0xb1, 0, 0, 0x0000000e },
  105.         { 0x48, 0, 0, 0x00000010 },
  106.         { 0x15, 0, 1, 0x00000035 },
  107.         { 0x6, 0, 0, 0x00000051 },
  108.         { 0x6, 0, 0, 0x00000000 },
  109.     };
  110.     struct sock_fprog filter;
  111.     filter.len = sizeof(bpf_code)/sizeof(bpf_code[0]);
  112.     filter.filter = bpf_code;

  114.     //sighandle.sa_flags = 0;
  115.     //sighandle.sa_handler = sig_handler;
  116. //    sigemptyset(&sighandle.sa_mask);

  118. //    sigaction(SIGTERM,&sighandle,NULL);
  119. //    sigaction(SIGINT,&sighandle,NULL);
  120. //    sigaction(SIGQUIT,&sighandle,NULL);


  123.     if (setsockopt(sock, SOL_SOCKET, SO_ATTACH_FILTER, &filter, sizeof(filter)) < 0)
  124.     {
  125.         perror("setsockopt failed");
  126.         close(sock);
  127.         exit(1);
  128.     }
  129.     
  130.     while (1)
  131.     {
  132.         int is_last = 0;
  133.         n = recvfrom(sock, buf, sizeof(buf), 0, NULL, NULL);
  134.         if (n < (14 + 20 + 8))
  135.         {
  136.             printf("invalid packet\n");
  137.             continue;
  138.         }
  139.         printf("%d bytes recieved\n",n);
  140.         ethhead = buf;
  141.     //    printf("dst port: %02x%02x\n",ethhead[36],ethhead[37]);
  142.     //    printf("channel type: %02x\n",ethhead[54]);
  143.     //    if ( 0xf == 15 ) printf("find ok\n%02x\n", (0x03 >> 4) | (0x03 << 4));
  144.         if (ethhead[54] == 0x08 && (ethhead[59] & 0x1) == 0x0 ) //the last bit of 59 byte decide if frame
  145.         {
  146.             d_len = (ethhead[60] & 0x2)?20:(is_last++,((ethhead[60] >> 2) & 0x3f));
  147.             tal_num+=d_len;
  148.             for (j=1; j <= d_len; m++,j++)//read len data
  149.             {
  150.                 result[m]=ethhead[60+j];
  151.             }
  152.             if (is_last) {m = 0;d_deal(tal_num);tal_num = 0;}
  153.         }
  154.     }
  155. }

bpf过滤的是upd 53 的流量,  gsm请过滤udp 4729 进行替换。 tcpdump udp and dst port 4729 -s 81 -dd
注:   wireshark中的信息部分,是2字节表示一个汉字,但是c语言中3个字节表示一个汉字。
1110 xxxx  10xxxxxx 10xxxxxx  ,  左边的16个x表示 wireshark中的2个字节。
阅读(2753) | 评论(0) | 转发(0) |
0

上一篇:php危险函数

下一篇:ubuntu 12.04 32位封装64位的iso。

给主人留下些什么吧!~~
关于我们 | 关于IT168 | 联系方式 | 广告合作 | 法律声明 | 免费注册

Copyright 2001-2010 ChinaUnix.net All Rights Reserved 北京皓辰网域网络信息技术有限公司. 版权所有

感谢所有关心和支持过ChinaUnix的朋友们

16024965号-6