包已經(jīng)發(fā)出,但是偽造IP,無法實(shí)現(xiàn)3次握手,在服務(wù)器端,包將被丟棄。繼續(xù)研究。
//?stdafx.h?:?標(biāo)準(zhǔn)系統(tǒng)包含文件的包含文件,
//?或是經(jīng)常使用但不常更改的
//?特定于項(xiàng)目的包含文件
//
#pragma?once
#include?"targetver.h"
#include?<stdio.h>
#include?<tchar.h>
#include?<iostream>?
using?namespace?std;
typedef?unsigned?short?USHORT;
typedef?unsigned?char?UCHAR;
#define?URG?0x20?
#define?ACK?0x10?
#define?PSH?0x08?
#define?RST?0x04?
#define?SYN?0x02?
#define?FIN?0x01?
typedef?struct?ip_hdr?//定義IP首部?
{?
????unsigned?char?h_verlen;?//4位首部長度,4位IP版本號(hào)?
????unsigned?char?tos;?//8位服務(wù)類型TOS?
????unsigned?short?total_len;?//16位總長度(字節(jié))?
????unsigned?short?ident;?//16位標(biāo)識(shí)?
????unsigned?short?frag_and_flags;?//3位標(biāo)志位?
????unsigned?char?ttl;?//8位生存時(shí)間?TTL?
????unsigned?char?proto;?//8位協(xié)議?(TCP,?UDP?或其他)?
????unsigned?short?checksum;?//16位IP首部校驗(yàn)和?
????unsigned?int?sourceIP;?//32位源IP地址?
????unsigned?int?destIP;?//32位目的IP地址?
}IPHEADER;?
typedef?struct?tsd_hdr?//定義TCP偽首部?
{?
????unsigned?long?saddr;?//源地址?
????unsigned?long?daddr;?//目的地址?
????char?mbz;?
????char?ptcl;?//協(xié)議類型?
????unsigned?short?tcpl;?//TCP長度?
}PSDHEADER;?
typedef?struct?tcp_hdr?//定義TCP首部?
{?
????USHORT?th_sport;?//16位源端口?
????USHORT?th_dport;?//16位目的端口?
????unsigned?int?th_seq;?//32位序列號(hào)?
????unsigned?int?th_ack;?//32位確認(rèn)號(hào)?
????unsigned?char?th_lenres;?//4位首部長度/6位保留字?
????unsigned?char?th_flag;?//6位標(biāo)志位?
????USHORT?th_win;?//16位窗口大小?
????USHORT?th_sum;?//16位校驗(yàn)和?
????USHORT?th_urp;?//16位緊急數(shù)據(jù)偏移量?
}TCPHEADER;?
//?TODO:?在此處引用程序需要的其他頭文件
#include?"StdAfx.h"
#include?"HttpWeb.h"
#include?<winsock2.h>?
#include?<ws2tcpip.h>?
#pragma?comment(lib,"ws2_32.lib")??
#define?winsock_version?0x0101
//CheckSum:計(jì)算校驗(yàn)和的子函數(shù)?
USHORT?HttpWeb::checksum(USHORT?*buffer,?int?size)?
{?
????unsigned?long?cksum=0;?
????while(size?>1)?
????{?
????????cksum?+=?*buffer++;?
????????size?-=?sizeof(USHORT);?
????}?
????if(size)?
????{?
????????cksum?+=?*(UCHAR*)buffer;?
????}?
????cksum?=?(cksum?>>?16)?+?(cksum?&?0xffff);?
????cksum?+=?(cksum?>>16);?
????return?(USHORT)(~cksum);?
};
HttpWeb::HttpWeb(void)
{
}
HttpWeb::~HttpWeb(void)
{
}
void?UseAge()
{
????printf("********************************************************************\n");?
????printf("Vote?For?yeshj\n");?
????printf("\t?Written?by?yurow\n");?
????printf("\t?Email:?yurow@163.com\n");?
????printf("\t?Blog:?birdshover.cnblogs.com\n");?
????printf("Useage:?sniffer?ip?to?vote\n");?
????printf("********************************************************************\n");?
}
bool?HttpWeb::Post(char?host[],?char?path[],?char?parms[],int?port)
{
????UseAge();
????WSADATA?WSAData;?
????SOCKET?sock;
????SOCKADDR_IN?addr_in;?
????IPHEADER?ipHeader;?
????TCPHEADER?tcpHeader;?
????PSDHEADER?psdHeader;?
????char?szSendBuf[4000]?=?{0};?
????BOOL?flag;
????int?rect,nTimeOver;?
????if?(WSAStartup(MAKEWORD(2,2),?&WSAData)!=0)?
????{
????????printf("WSAStartup?Error!\n");?
????????return?false;?
????}
????if?((sock?=?WSASocket(AF_INET,SOCK_RAW,IPPROTO_RAW,NULL,0,WSA_FLAG_OVERLAPPED))?==?INVALID_SOCKET)?
????{
????????printf("Socket?Setup?Error!\n");?
????????return?false;?
????}
????flag=true;?
????if?(setsockopt(sock,IPPROTO_IP,?IP_HDRINCL,(char?*)&flag,sizeof(flag))?==?SOCKET_ERROR)?
????{?
????????printf("setsockopt?IP_HDRINCL?error!\n");?
????????return?false;?
????}?
????nTimeOver=1000;?
????if?(setsockopt(sock,?SOL_SOCKET,?SO_SNDTIMEO,?(char*)&nTimeOver,?sizeof(nTimeOver))?==?SOCKET_ERROR)?
????{?
????????printf("setsockopt?SO_SNDTIMEO?error!\n");?
????????return?false;?
????}?
????char?requestString[4000]?=?{0};
????if(strlen(parms)?>?0)
????????strcat(requestString,"POST?");
????else
????????strcat(requestString,"GET?");
????strcat(requestString,path);
????strcat(requestString,"?HTTP/1.1\r\n");
????strcat(requestString,"Host:?");
????strcat(requestString,host);
????strcat(requestString,"\r\nAccept:?*/*\r\n");
????strcat(requestString,"Accept-Language:?zh-cn\r\n");
????strcat(requestString,"User-Agent:?Mozilla/4.0?(compatible;?MSIE?7.0;?Windows?NT?5.2;?Trident/4.0;)\r\n");
????strcat(requestString,"Accept-Encoding:?gzip,?deflate\r\n");
????strcat(requestString,"Connection:?Keep-Alive\r\n");
????
????if(strlen(parms)?>?0){
????????strcat(requestString,"Content-Type:?application/x-www-form-urlencoded\r\n");
????????strcat(requestString,"Content-Length:?");
????????char?*?p?=?new?char[4];
????????itoa(strlen(parms),p,10);???
????????strcat(requestString,p);
????????strcat(requestString,"\r\n\r\n");
????????strcat(requestString,parms);
????????strcat(requestString,"\r\n\r\n");
????}
????cout?<<?requestString;
????int?postDataLength?=?strlen(requestString);
????LPHOSTENT?lphostent?=?gethostbyname(host);
????
????
????addr_in.sin_family?=?AF_INET;?
????addr_in.sin_port?=?htons(port);?
????//addr_in.sin_addr=?*((LPIN_ADDR)*lphostent->h_addr_list);?
????addr_in.sin_addr?=?*(in_addr?*)lphostent->h_addr_list[0];?
????//填充IP首部?
????ipHeader.h_verlen=(?4<<4?|?sizeof(ipHeader)/sizeof(unsigned?long));?
????//ipHeader.tos=0;?
????ipHeader.total_len?=?htons(sizeof(ipHeader)?+?sizeof(tcpHeader));?
????ipHeader.ident=1;?
????ipHeader.frag_and_flags=0;?
????ipHeader.ttl?=?128;?
????ipHeader.proto?=?IPPROTO_TCP;?
????ipHeader.checksum?=?0;?
????ipHeader.sourceIP?=?inet_addr("192.168.19.1");?
????ipHeader.destIP?=?addr_in.sin_addr.S_un.S_addr;
????//填充TCP首部?
????tcpHeader.th_dport?=?htons(port);??//目標(biāo)端口
????tcpHeader.th_sport=htons(4000);?//源端口號(hào)?
????tcpHeader.th_seq?=?htonl(0x12345678);?
????tcpHeader.th_ack=0;?
????tcpHeader.th_lenres?=?(sizeof(tcpHeader)?/?4?<<4|?0);?
????tcpHeader.th_flag?=?2;?//修改這里來實(shí)現(xiàn)不同的標(biāo)志位探測,2是SYN,1是FIN,16是ACK探測?等等?
????tcpHeader.th_win=?htons(512);?
????tcpHeader.th_urp=0;?
????tcpHeader.th_sum=0;?
????psdHeader.saddr?=?ipHeader.sourceIP;?
????psdHeader.daddr?=?ipHeader.destIP;?
????psdHeader.mbz?=?0;?
????psdHeader.ptcl?=?IPPROTO_TCP;?
????psdHeader.tcpl?=?htons(sizeof(tcpHeader));?
????//計(jì)算校驗(yàn)和?
????memcpy(szSendBuf,?&psdHeader,?sizeof(psdHeader));?
????memcpy(szSendBuf+sizeof(psdHeader),?&tcpHeader,?sizeof(tcpHeader));?
????tcpHeader.th_sum=checksum((USHORT?*)szSendBuf,sizeof(psdHeader)+sizeof(tcpHeader));?
????memcpy(szSendBuf,?&ipHeader,?sizeof(ipHeader));?
????memcpy(szSendBuf+sizeof(ipHeader),?&tcpHeader,?sizeof(tcpHeader));?
????memset(szSendBuf+sizeof(ipHeader)+sizeof(tcpHeader),?0,?4);?
????ipHeader.checksum=checksum((USHORT?*)szSendBuf,?sizeof(ipHeader)+sizeof(tcpHeader));?
????memcpy(szSendBuf,?&ipHeader,?sizeof(ipHeader));?
????memcpy(szSendBuf?+?sizeof(ipHeader)+sizeof(tcpHeader),requestString,postDataLength);
????cout?<<?szSendBuf?<<?endl;
????rect=sendto(sock,?szSendBuf,?sizeof(ipHeader)+sizeof(tcpHeader)?+?postDataLength,?0,?(struct?sockaddr*)&addr_in,?sizeof(addr_in));?
????
????cout?<<?rect?<<?"\t"?<<?sizeof(ipHeader)?+?sizeof(tcpHeader)?+?postDataLength?<<?endl;
????
????if?(rect?==?SOCKET_ERROR?||?rect?>?10000L)?
????{?
????????printf("send?error!:%d\n",WSAGetLastError());?
????????return?false;?
????}?
????else?
????????printf("send?ok!\n");?
????closesocket(sock);?
????WSACleanup();?
????return?false;
}
posted on 2008-11-10 16:43
BirdsHover 閱讀(3265)
評(píng)論(2) 編輯 收藏 引用