Обычным примитивным сниффером это делается. И ничего "хукать" не надо. Сидишь и слушаешь что тебе валится. Из всего этого добра выгребаешь то что тебе надо.
У меня как раз такой рояль в кустах, вернее на диске оказался... гы, вчера архивы свои разгребал.
test.cpp
#include <stdio.h>
#include <Winsock2.h>
#include "IP.h"
#define SIO_RCVALL 0x98000001
void InitSocket();
void main()
{
CIP ip;
ip.SetTypeOfService( CIP_PRECEDENCE_FLASH,
CIP_DELAY_LOW,
CIP_THROUGHPUT_NORMAL,
CIP_RELIABILITY_NORMAL );
InitSocket();
SOCKET sock;
sock = socket( AF_INET, SOCK_RAW, IPPROTO_RAW );
//sock = socket( AF_INET, SOCK_RAW, 0 );
if( sock == INVALID_SOCKET )
{
printf( "socket error: %ld\n", GetLastError() );
}
struct sockaddr_in addr;
addr.sin_family = AF_INET;
addr.sin_addr.s_addr = inet_addr( "172.27.4.22" );
//addr.sin_addr.s_addr = INADDR_ANY;
//addr.sin_addr.s_addr = inet_addr( "0.0.0.0" );
if( bind( sock, (struct sockaddr*)&addr, sizeof(struct sockaddr_in) ) == SOCKET_ERROR )
{
printf( "bind error: %ld\n", GetLastError() );
return;
}
unsigned long flag = 1;
ioctlsocket(sock, SIO_RCVALL, &flag);
while(1)
{
char buffer[2048];
int qn = recv( sock, buffer, 2048, 0 );
if( qn >=20 )
{
printf( "%ld.", (unsigned char)buffer[12] );
printf( "%ld.", (unsigned char)buffer[13] );
printf( "%ld.", (unsigned char)buffer[14] );
printf( "%ld ->", (unsigned char)buffer[15] );
printf( "% ld.", (unsigned char)buffer[16] );
printf( "%ld.", (unsigned char)buffer[17] );
printf( "%ld.", (unsigned char)buffer[18] );
printf( "%ld", (unsigned char)buffer[19] );
}
for( int i = 0; i < qn; i++ )
{
if( (i % 4) == 0 )
printf( "\n" );
printf( "%.2X ", (unsigned char)buffer[i] );
}
printf( "\n-------\n" );
}
}
void InitSocket()
{
WORD wVersionRequested;
WSADATA wsaData;
int err;
wVersionRequested = MAKEWORD( 2, 2 );
err = WSAStartup( wVersionRequested, &wsaData );
if ( err != 0 )
{
printf( "Error: WSAStartup faild with code %ld\n", err );
return;
}
}
---
ip.cpp
#include "ip.h"
#include <string.h>
#include <stdlib.h>
CIP::CIP()
{
m_length_calculated = true;
m_checksum_calculated = true;
m_flags_fragment_offset = 0;
}
CIP::CIP( const char* blob, int len )
{
}
CIP::~CIP()
{
}
void CIP::SetVersion( unsigned char version )
{
version = version << 4;
version = version & 0xf0;
m_version_IHL = m_version_IHL & 0x0f;
m_version_IHL = m_version_IHL | version;
}
void CIP::SetIHL( unsigned char ihl )
{
ihl = ihl & 0x0f;
m_version_IHL = m_version_IHL & 0xf0;
m_version_IHL = m_version_IHL | ihl;
}
void CIP::SetTypeOfService( unsigned char typeOfService )
{
m_type_of_service = typeOfService;
}
void CIP::SetTypeOfService( unsigned char precedence, unsigned char delay,
unsigned char throughput, unsigned char reliability )
{
SetTypeOfServiceP( precedence );
SetTypeOfServiceD( delay );
SetTypeOfServiceT( throughput );
SetTypeOfServiceR( reliability );
}
void CIP::SetTypeOfServiceP( unsigned char precedence )
{
precedence = precedence << 5;
precedence = precedence & 0xE0;
m_type_of_service = m_type_of_service & 0x1C;
m_type_of_service = m_type_of_service | precedence;
}
void CIP::SetTypeOfServiceD( unsigned char delay )
{
delay = delay & 1;
delay = delay << 4;
m_type_of_service = m_type_of_service & 0xEC;
m_type_of_service = m_type_of_service | delay;
}
void CIP::SetTypeOfServiceT( unsigned char throughput )
{
throughput = throughput & 1;
throughput = throughput << 3;
m_type_of_service = m_type_of_service & 0xF4;
m_type_of_service = m_type_of_service | throughput;
}
void CIP::SetTypeOfServiceR( unsigned char reliability )
{
reliability = reliability & 1;
reliability = reliability << 2;
m_type_of_service = m_type_of_service & 0xF8;
m_type_of_service = m_type_of_service | reliability;
}
unsigned char CIP::GetTypeOfService( )
{
return m_type_of_service;
}
void CIP::SetLength( unsigned short length )
{
m_total_length = length;
m_length_calculated = false;
}
void CIP::UnsetLength()
{
m_length_calculated = true;
}
void CIP::SetIndentification( unsigned short id )
{
m_indentification = id;
}
unsigned short CIP::GetIndentification( )
{
return m_indentification;
}
void CIP::SetFlag( unsigned char f1, unsigned char f2, unsigned char f3 )
{
SetFlag0( f1 );
SetFlag1( f2 );
SetFlag2( f3 );
}
void CIP::SetFlag0( unsigned char flag )
{
unsigned short tmp = 0;
flag = flag & 0x1;
tmp = flag;
tmp = tmp << 15;
m_flags_fragment_offset = m_flags_fragment_offset & 0x7FFF;
m_flags_fragment_offset = m_flags_fragment_offset | tmp;
}
void CIP::SetFlag1( unsigned char flag )
{
unsigned short tmp = 0;
flag = flag & 0x1;
tmp = flag;
tmp = tmp << 14;
m_flags_fragment_offset = m_flags_fragment_offset & 0xBFFF;
m_flags_fragment_offset = m_flags_fragment_offset | tmp;
}
void CIP::SetFlag2( unsigned char flag )
{
unsigned short tmp = 0;
flag = flag & 0x1;
tmp = flag;
tmp = tmp << 13;
m_flags_fragment_offset = m_flags_fragment_offset & 0xDFFF;
m_flags_fragment_offset = m_flags_fragment_offset | tmp;
}
void CIP::SetOffset( unsigned short offset )
{
offset = offset & 0x1FFF;
m_flags_fragment_offset = m_flags_fragment_offset & 0xE000;
m_flags_fragment_offset = m_flags_fragment_offset | offset;
}
void CIP::SetTTL( unsigned char ttl )
{
m_time_to_live = ttl;
}
unsigned char CIP::GetTTL( )
{
return m_time_to_live;
}
void CIP::SetProtocol( unsigned char protocol )
{
m_protocol = protocol;
}
unsigned char CIP::GetProtocol( )
{
return m_protocol;
}
void CIP::SetCheckSum( unsigned short checksum )
{
m_header_checksum = checksum;
m_checksum_calculated = false;
}
void CIP::UnsetCheckSum()
{
m_checksum_calculated = true;
}
void CIP::SetSoureAddress( unsigned long source )
{
m_source_address = source;
}
bool CIP::SetSoureAddress( unsigned char* srcStr )
{
return StrIPToLong( srcStr, m_source_address );
}
void CIP::GetSoureAddress( unsigned long& sa )
{
sa = m_source_address;
}
int CIP::GetSoureAddress( unsigned char* ptr, int size )
{
return 0;
}
void CIP::SetDestAddress( unsigned long dest )
{
m_dest_address = dest;
}
bool CIP::SetDestAddress( unsigned char* destStr )
{
return StrIPToLong( destStr, m_dest_address );
}
void CIP::GetDestAddress( unsigned long& da )
{
da = m_dest_address;
}
int CIP::GetDestAddress( unsigned char* ptr, int size )
{
return 0;
}
void CIP::SetOptions( std::vector<Option> options )
{
m_option = options;
}
void CIP::Option::SetType( unsigned char type )
{
m_type = type;
}
void CIP::Option::SetLength( unsigned char length )
{
m_length = length;
}
void CIP::Option::SetBody( std::vector<unsigned char> body )
{
m_body = body;
}
//////////////////////////////////////////////////////////////////////
bool CIP::StrIPToLong( unsigned char* srcStr, unsigned long& retVal )
{
long tmpRetVal;
unsigned char* pRetVal = (unsigned char*)&tmpRetVal;
int srcLen = strlen( (char*)srcStr );
if( srcLen < 7|srcLen > 15 )
return false;
unsigned char* oldPtr = srcStr;
int indx;
for( indx = 0; indx < 4; indx++ )
{
unsigned char* ptr;
if( *oldPtr == '.'|*oldPtr == 0x0 )
return false;
if( indx == 3 )
{
ptr = oldPtr + strlen( (char*)oldPtr );
}
else
{
ptr = (unsigned char*)strstr( (char*)oldPtr, (char*)"." );
if( ptr == NULL )
return false;
}
unsigned char* tmpStr = new unsigned char[ ptr - oldPtr + 1 ];
memset( tmpStr, 0, ptr - oldPtr + 1 );
memcpy( tmpStr, oldPtr, ptr - oldPtr );
pRetVal[indx] = (unsigned char)atol( (char*)tmpStr );
delete[] tmpStr;
oldPtr = ptr + 1;
}// for(indx)
retVal = tmpRetVal;
return true;
}
---
ip.h
#ifndef_IPH_#define_IPH_
#include <vector>
#define CIP_PRECEDENCE_NETWORK_CONTROL 0x7
#define CIP_PRECEDENCE_INTERNETWORK_CONTROL 0x6
#define CIP_PRECEDENCE_CRITIC 0x5
#define CIP_PRECEDENCE_FLASH_OVERRIDE 0x4
#define CIP_PRECEDENCE_FLASH 0x3
#define CIP_PRECEDENCE_IMMEDIATE 0x2
#define CIP_PRECEDENCE_PRIORITY 0x1
#define CIP_PRECEDENCE_ROUTINE 0x0
#define CIP_DELAY_NORMAL 0x0
#define CIP_DELAY_LOW 0x1
#define CIP_THROUGHPUT_NORMAL 0x0
#define CIP_THROUGHPUT_HIGH 0x1
#define CIP_RELIABILITY_NORMAL 0x0
#define CIP_RELIABILITY_HIGH 0x1
#define CIP_FLAG1_MAY_FRAGMENT 0x0
#define CIP_FLAG1_DONT_FRAGMENT 0x1
#define CIP_FLAG2_LAST_FRAGMENT 0x0
#define CIP_FLAG2_MORE_FRAGMENTS 0x1
#define CIP_PROTOCOL_RESERVED 0
#define CIP_PROTOCOL_ICMP 1
#define CIP_PROTOCOL_GATEWAY_TO_GATEWAY 3
#define CIP_PROTOCOL_CMCC_GATEWAY_MONITORING_MESSAGE 4
#define CIP_PROTOCOL_ST 5
#define CIP_PROTOCOL_TCP 6
#define CIP_PROTOCOL_UCL 7
#define CIP_PROTOCOL_SECURE 9
#define CIP_PROTOCOL_BBN_RCC_MONITORING 10
#define CIP_PROTOCOL_NVP 11
#define CIP_PROTOCOL_PUP 12
#define CIP_PROTOCOL_PLURIBUS 13
#define CIP_PROTOCOL_TELENET 14
#define CIP_PROTOCOL_XNET 15
#define CIP_PROTOCOL_CHAOS 16
#define CIP_PROTOCOL_USER_DATAGRAM 17
#define CIP_PROTOCOL_MULTIPLEXING 18
#define CIP_PROTOCOL_DCN 19
#define CIP_PROTOCOL_TAC_MONITORING 20
#define CIP_PROTOCOL_ANY_LOCAL_NETWORK 63
#define CIP_PROTOCOL_SATNET_AND_BACKROOM_EXPAK 64
#define CIP_PROTOCOL_MIT_SUBNET_SUPPORT 65
#define CIP_PROTOCOL_SATNET_MONITORING 69
#define CIP_PROTOCOL_INTERNET_PACKET_CORE_UTILITY 71
#define CIP_PROTOCOL_BACKROOM_SATNET_MONITORING 76
#define CIP_PROTOCOL_WIDEBAND_MONITORING 78
#define CIP_PROTOCOL_WIDEBAND_EXPAK 79
class CIP
{
public:
CIP();
CIP( const char*, int );
~CIP();
void SetSoureAddress( unsigned long );
bool SetSoureAddress( unsigned char* );
void GetSoureAddress( unsigned long& );
int GetSoureAddress( unsigned char*, int size );
void SetDestAddress( unsigned long );
bool SetDestAddress( unsigned char* );
void GetDestAddress( unsigned long& );
int GetDestAddress( unsigned char*, int size );
void SetVersion( unsigned char );
void SetIHL( unsigned char );
void SetTypeOfService( unsigned char );
void SetTypeOfService( unsigned char precedence, unsigned char delay,
unsigned char throughput, unsigned char reliability );
void SetTypeOfServiceP( unsigned char );
void SetTypeOfServiceD( unsigned char );
void SetTypeOfServiceT( unsigned char );
void SetTypeOfServiceR( unsigned char );
unsigned char GetTypeOfService( );
void SetLength( unsigned short );
void UnsetLength(); // make calculated
void SetIndentification( unsigned short );
unsigned short GetIndentification( );
void SetFlag( unsigned char, unsigned char, unsigned char );
void SetFlag0( unsigned char );
void SetFlag1( unsigned char );
void SetFlag2( unsigned char );
void SetOffset( unsigned short );
void SetTTL( unsigned char );
unsigned char GetTTL( );
void SetProtocol( unsigned char );
unsigned char GetProtocol( );
void SetCheckSum( unsigned short );
void UnsetCheckSum();
class Option
{
public:
Option(){};
~Option(){};
void SetType( unsigned char );
void SetLength( unsigned char );
void SetBody( std::vector<unsigned char> );
protected:
unsigned char m_type;
unsigned char m_length;
std::vector<unsigned char> m_body;
};
void SetOptions( std::vector<Option> );
protected:
unsigned char m_version_IHL;
unsigned char m_type_of_service;
unsigned short m_total_length;
unsigned short m_indentification;
unsigned short m_flags_fragment_offset;
unsigned char m_time_to_live;
unsigned char m_protocol;
unsigned short m_header_checksum;
unsigned long m_source_address;
unsigned long m_dest_address;
std::vector<Option> m_option;
unsigned char m_padding;
bool m_length_calculated;
bool m_checksum_calculated;
protected:
bool StrIPToLong( unsigned char*, unsigned long& );
};
#endif
---
|
подробно о проекте
Анализ криптографических сетевых...
новое сообщение
закрытая нитка
новое сообщение
в закрытой нитке
старое сообщение
