winpcap发送的tcp包
源程序:
#include <iostream.h>
#include <Winsock2.h>
#include <conio.h>
#include <pcap.h>
#include <iomanip.h>
#define LIMITETHREAD 100
#include "ntddndis.h"
#include <Packet32.h>
#define SEQ 0x28376839
#pragma comment(lib,"ws2_32.lib")
#pragma comment(lib,"packet.lib")
#pragma pack(push,1)
struct DLCHEADER
{
unsigned char desMac[6];
unsigned char scrMac[6];
unsigned short Ethertype;
};
typedef struct ip_hdr
{
unsigned char h_verlen; //4位首部长度,4位IP版本号
unsigned char tos; //8位服务类型TOS
unsigned short total_len; //16位总长度(字节)
unsigned short ident; //16位标识
unsigned short frag_and_flags; //3位标志位
unsigned char ttl; //8位生存时间 TTL
unsigned char proto; //8位协议 (TCP, UDP 或其他)
unsigned short checksum; //16位IP首部校验和
unsigned int sourceIP; //32位源IP地址
unsigned int destIP; //32位目的IP地址
}IP_HEADER;
typedef struct tcp_hdr //定义TCP首部
{
USHORT th_sport; //16位源端口
USHORT th_dport; //16位目的端口
unsigned int th_seq; //32位序列号
unsigned int th_ack; //32位确认号
unsigned char th_lenres; //4位首部长度/6位保留字
unsigned char th_flag; //6位标志位
USHORT th_win; //16位窗口大小
USHORT th_sum; //16位校验和
USHORT th_urp; //16位紧急数据偏移量
}TCP_HEADER;
typedef struct tsd_hdr //定义TCP伪首部
{
unsigned long saddr; //源地址
unsigned long daddr; //目的地址
char mbz;
char ptcl; //协议类型
unsigned short tcpl; //TCP长度
}PSD_HEADER;
//计算检验和函数
USHORT checksum(USHORT *buffer, int size)
{
unsigned long cksum=0;
while(size >1)
{
cksum += *buffer++;
size -= sizeof(USHORT);
}
if(size)
{
cksum += *(UCHAR*)buffer;
}
cksum = (cksum >> 16) + (cksum & 0xffff);
cksum += (cksum >> 16);
return (USHORT)(~cksum);
}
unsigned long lSource_ip;
unsigned long lTarget_ip;
long countThread;
long* aa=&countThread;
char scrIp[20];
char packet_filter[] = "ip and tcp";
pcap_t *adhandle;
pcap_if_t *alldevs;
pcap_if_t *d;
DWORD WINAPI rev_packet(LPVOID pParam);
void packet_handler(u_char *param, const struct pcap_pkthdr *header, const u_char *pkt_data);
void main()
{
char errbuf[PCAP_ERRBUF_SIZE];
//获得网卡列表
if (pcap_findalldevs(&alldevs,errbuf)==-1)
{
cout<<"Error in pcap_findalldevs"<<errbuf;
return;
}
for (d=alldevs;d;d=d->next)
{
cout<<d->description<<endl;
if ((adhandle=pcap_open_live(d->name,1000,1,300,errbuf))==NULL)
{
cout<<"Unable to open the adapter!"<<endl;
pcap_freealldevs(alldevs);
return;
}
if (pcap_datalink(adhandle)==DLT_EN10MB&&d->addresses!=NULL)
{
break;
}
if (d==NULL)
{
cout<<"NO interface found"<<endl;
return;
}
}
char hostname[128];
struct hostent *phe;
char scrIp[20];
DLCHEADER dlcHeader;
memset(hostname,0,128);
memset(scrIp,0,20);
gethostname(hostname,128);
phe=gethostbyname(hostname);
strcpy(scrIp,inet_ntoa(*((struct in_addr *)phe->h_addr_list[0])));
//测试本机IP地址用,注释
//cout<<scrIp;
lSource_ip=inet_addr(scrIp);
lTarget_ip=inet_addr(scrIp);
countThread=0;
IP_HEADER ipHeader;
TCP_HEADER tcpHeader;
PSD_HEADER psdHeader;
CreateThread(NULL,0,rev_packet,NULL,0,NULL);
char szSendBuf[1024];
memset(szSendBuf,0,1024);
//填充以太头
for (int k=0;k<6;k++)
{
// dlcHeader.desMac[k]=0xff;
// dlcHeader.scrMac[k]=0x32;
}
//00-0D-87-34-69-50
dlcHeader.desMac[0]=0x00;
dlcHeader.desMac[1]=0x0d;
dlcHeader.desMac[2]=0x87;
dlcHeader.desMac[3]=0x34;
dlcHeader.desMac[4]=0x69;
dlcHeader.desMac[5]=0x50;
dlcHeader.scrMac[0]=0x00;
dlcHeader.scrMac[1]=0x0d;
dlcHeader.scrMac[2]=0x87;
dlcHeader.scrMac[3]=0x34;
dlcHeader.scrMac[4]=0x69;
dlcHeader.scrMac[5]=0x50;
dlcHeader.Ethertype=htons(0x0800);
for (int i=0;i<1024;i++)
{
//填充IP头部
ipHeader.h_verlen = (4<<4 | sizeof(ipHeader)/sizeof(unsigned long));
ipHeader.total_len = htons(sizeof(ipHeader)+sizeof(tcpHeader));
ipHeader.ident = 1;
ipHeader.frag_and_flags = 0x40;
ipHeader.ttl = 128;
ipHeader.proto = IPPROTO_TCP;
ipHeader.checksum = 0;
ipHeader.sourceIP = lSource_ip;//源IP
ipHeader.destIP = lTarget_ip;//目的IP
//填充TCP头部
tcpHeader.th_dport = htons(i);//目的端口
tcpHeader.th_sport = htons(23); //源端口
tcpHeader.th_seq = SEQ;
tcpHeader.th_ack = 0;
tcpHeader.th_lenres = (sizeof(tcpHeader)/4<<4|0);
tcpHeader.th_flag = 2;//syn标志位。
tcpHeader.th_win = htons(512);
tcpHeader.th_urp = 0;
tcpHeader.th_sum = 0;
//填充tcp伪首部
psdHeader.saddr = ipHeader.sourceIP;
psdHeader.daddr = ipHeader.destIP;
psdHeader.mbz = 0;
psdHeader.ptcl = IPPROTO_TCP;
psdHeader.tcpl = htons(sizeof(tcpHeader));
//计算TCP校验和
memcpy(szSendBuf, &psdHeader, sizeof(psdHeader));
memcpy(szSendBuf + sizeof(psdHeader), &tcpHeader, sizeof(tcpHeader));
tcpHeader.th_sum = checksum((USHORT *)szSendBuf, sizeof(psdHeader) + sizeof(tcpHeader));
//计算IP检验和
memcpy(szSendBuf, &ipHeader, sizeof(ipHeader));
memcpy(szSendBuf + sizeof(ipHeader), &tcpHeader, sizeof(tcpHeader));
memset(szSendBuf + sizeof(ipHeader) + sizeof(tcpHeader), 0, 4);
ipHeader.checksum = checksum((USHORT *)szSendBuf, sizeof(ipHeader) + sizeof(tcpHeader));
//将要发送的字段放入数组
memcpy(szSendBuf,&dlcHeader,sizeof(dlcHeader));
memcpy(szSendBuf+sizeof(dlcHeader), &ipHeader, sizeof(ipHeader));
memcpy(szSendBuf + sizeof(ipHeader)+sizeof(dlcHeader), &tcpHeader, sizeof(tcpHeader));
if (pcap_sendpacket(adhandle,(unsigned char*)szSendBuf,sizeof(dlcHeader)+sizeof(ipHeader)+sizeof(tcpHeader))!=0)
{
cout<<"Error in sending packet!"<<endl;
}
}
int l;
cin>>l;
}
void packet_handler(const struct pcap_pkthdr *header, const u_char *pkt_data)
{
IP_HEADER* ip;
TCP_HEADER* tcp;
ip=(IP_HEADER *)(pkt_data+14);
tcp=(TCP_HEADER*)(pkt_data+14+sizeof(IP_HEADER));
if (ntohl(tcp->th_ack)==SEQ+1&&ntohl(tcp->th_seq)==SEQ)
{
if (ip->destIP==lSource_ip&&tcp->th_flag==18)
{
struct sockaddr_in ina;
ina.sin_addr.s_addr=ip->destIP;
cout<<inet_ntoa(ina.sin_addr)<<" ";
cout<<ntohs(tcp->th_sport)<<endl;
}
}
}
DWORD WINAPI rev_packet(LPVOID pParam)
{
InterlockedIncrement(aa);
struct bpf_program fcode;
const u_char *pkt_data;
struct pcap_pkthdr *header;
unsigned int netmask=((struct sockaddr_in *)(d->addresses->netmask))->sin_addr.S_un.S_addr;
//编译过滤器
if (pcap_compile(adhandle, &fcode, packet_filter, 1, netmask) <0 )
{
cout<<"compile the filter error"<<endl;
pcap_freealldevs(alldevs);
return 0;
}
//设置过滤器
if (pcap_setfilter(adhandle, &fcode)<0)
{
cout<<"setfilter error!"<<endl;
pcap_freealldevs(alldevs);
return 0 ;
}
cout<<"listening on "<<d->description<<endl;
/* At this point, we don't need any more the device list. Free it */
// pcap_freealldevs(alldevs);
//开始抓包
int res;
while ((res=pcap_next_ex(adhandle, &header, &pkt_data))>=0)
{
packet_handler(header,pkt_data);
}
InterlockedDecrement(aa);
return 0;
}
[8327 byte] By [xufangbisheng] at [2008-1-9] 