人妻精品久久久久中文字幕69,99久久久精品免费观看国产,久久综合精品国产二区无码

一個構造SYN包做掃描的例子： ------------------ 轉

//---------------------------------------------------------------------------
//Filename:ss.c
//Author:yunshu
//---------------------------------------------------------------------------
//Filename:ss.c
//Author:yunshu
//Last:2004-04-02
//Thank Wineggdrop's Code
//---------------------------------------------------------------------------
#include <winsock2.h>
#include <ws2tcpip.h>
#include <MSTcpIP.h>
#include <stdio.h>
#include <string.h>

#pragma comment(lib,"ws2_32")

////////////////////////////////////////////////////////////////
//全局變量
////////////////////////////////////////////////////////////////

#define srcPort 8296

char srcIP[20] = {0};//定義源地址
char tgtIP[20] = {0};//定義目的地址
int portNow;//定義正在掃描的端口

//標準端口列表
int ports[20] = {21,22,23,25,53,79,80,110,111,135,139,445,554,1080,1433,1521,3306,3389,5631,8080};

typedef struct ip_hdr
{
unsigned char h_verlen; //4位首部長度,4位IP版本號
unsigned char tos; //8位服務類型TOS
unsigned short total_len; //16位總長度（字節）
unsigned short ident; //16位標識
unsigned short frag_and_flags; //3位標志位
unsigned char ttl; //8位生存時間 TTL
unsigned char proto; //8位協議 (TCP, UDP 或其他)
unsigned short checksum; //16位IP首部校驗和
unsigned int sourceIP; //32位源IP地址
unsigned int destIP; //32位目的IP地址
}IP_HEADER;

typedef struct tcp_hdr //定義TCP首部
{
USHORT th_sport; //16位源端口
USHORT th_dport; //16位目的端口
unsigned int th_seq; //32位序列號
unsigned int th_ack; //32位確認號
unsigned char th_lenres; //4位首部長度/6位保留字
unsigned char th_flag; //6位標志位
USHORT th_win; //16位窗口大小
USHORT th_sum; //16位校驗和
USHORT th_urp; //16位緊急數據偏移量
}TCP_HEADER;

typedef struct tsd_hdr //定義TCP偽首部
{
unsigned long saddr; //源地址
unsigned long daddr; //目的地址
char mbz;
char ptcl; //協議類型
unsigned short tcpl; //TCP長度
}PSD_HEADER;

////////////////////////////////////////////////////////////////
//函數原形
////////////////////////////////////////////////////////////////

int send_packet();//發送數據函數
int recv_packet();//監聽數據函數
USHORT checksum(USHORT *, int );//計算檢驗和函數
void usage(char *);//顯示幫助函數
void check_port(char *);//判斷端口是否開放函數

////////////////////////////////////////////////////////////////
//main函數
////////////////////////////////////////////////////////////////

int main(int argc,char *argv[])
{
WSADATA WSAData;
DWORD thread_ID = 1;
char FAR hostname[128];
struct hostent *phe;

if(argc != 2)//檢查命令行參數是否正確
{
usage(argv[0]);
exit(0);
}

if (WSAStartup(MAKEWORD(2,2), &WSAData))
{
printf("WSAStartup Error...\n");
exit(0);
}

strcpy(tgtIP,argv[1]);//得到目標主機的ip地址

gethostname(hostname,128);//獲取本機主機名

phe = gethostbyname(hostname);//獲取本機ip地址結構

if(phe == NULL)
{
printf("Get LocalIP Error...\n");
}

strcpy(srcIP, inet_ntoa(*((struct in_addr *)phe->h_addr_list[0])));//得到本機ip地址

//調試用，注釋掉
//printf("test\t%s\n",tgtIP);
//printf("test\t%s\n",srcIP);

//開啟新線程，接受數據包，分析返回的信息
CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)recv_packet,NULL,0,&thread_ID);

Sleep(1000);//休息一下再啟動發送數據包函數

for(int tmp = 0; tmp < 20; tmp++)
{
++thread_ID;

//要掃描的端口
portNow = ports[tmp];

//開啟新線程，發送數據包
CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)send_packet,NULL,0,&thread_ID);

//防止生成線程過快，休息
Sleep(100);
}

Sleep(1000);//等待掃描接結束
WSACleanup();
return 0;
}

//計算檢驗和函數，完全抄別人的
USHORT checksum(USHORT *buffer, int size)
{
unsigned long cksum=0;

while(size >1)
{
cksum += *buffer++;
size -= sizeof(USHORT);
}
if(size)
{
cksum += *(UCHAR*)buffer;
}
cksum = (cksum >> 16) + (cksum & 0xffff);
cksum += (cksum >> 16);
return (USHORT)(~cksum);
}

void usage(char *prog)
{
printf("===========================================\n");
printf("Used To Scan Remote Host's Ports\n");
printf("OurTeam:<a target="_blank">http://www.ph4nt0m.net\n</a>");
printf("Usage:%s TargetIP\n",prog);
printf("===========================================\n");
exit(0);
}

//發送數據包的函數
int send_packet()
{
SOCKET sendSocket;
BOOL flag;
int timeout;
SOCKADDR_IN sin;
IP_HEADER ipHeader;
TCP_HEADER tcpHeader;
PSD_HEADER psdHeader;
char szSendBuf[60];
int ret;
unsigned long source_ip;
unsigned long target_ip;

//建立原生數據socket
if((sendSocket = WSASocket(AF_INET, SOCK_RAW, IPPROTO_RAW, NULL, 0, WSA_FLAG_OVERLAPPED)) == INVALID_SOCKET)
{
printf("Socket Setup Error...\n");
return 0;
}

//設置自己填充數據包
if(setsockopt(sendSocket, IPPROTO_IP, IP_HDRINCL, (char *)&flag, sizeof(flag)) == SOCKET_ERROR)
{
printf("Setsockopt IP_HDRINCL Error...\n");
return 0;
}

//設置超時時間
timeout = 1000;
if(setsockopt(sendSocket, SOL_SOCKET, SO_SNDTIMEO, (char *)&timeout, sizeof(timeout)) == SOCKET_ERROR)
{
printf("Setsockopt SO_SNDTIMEO Error...\n");
return 0;
}

target_ip = inet_addr(tgtIP);
source_ip = inet_addr(srcIP);

sin.sin_family = AF_INET;
sin.sin_port = htons(portNow);
sin.sin_addr.S_un.S_addr = target_ip;

//填充IP首部
ipHeader.h_verlen = (4<<4 | sizeof(ipHeader)/sizeof(unsigned long));
// ipHeader.tos=0;
ipHeader.total_len = htons(sizeof(ipHeader)+sizeof(tcpHeader));
ipHeader.ident = 1;
ipHeader.frag_and_flags = 0x40;
ipHeader.ttl = 128;
ipHeader.proto = IPPROTO_TCP;
ipHeader.checksum = 0;
ipHeader.sourceIP = source_ip;//源IP
ipHeader.destIP = target_ip;//目的IP

//填充TCP首部
tcpHeader.th_dport = htons(portNow);//目的端口
tcpHeader.th_sport = htons(srcPort); //源端口
tcpHeader.th_seq = 0x12345678;
tcpHeader.th_ack = 0;
tcpHeader.th_lenres = (sizeof(tcpHeader)/4<<4|0);
tcpHeader.th_flag = 2;//syn標志位。0,2,4,8,16,32->FIN,SYN,RST,PSH,ACK,URG（推測,哈哈）
tcpHeader.th_win = htons(512);
tcpHeader.th_urp = 0;
tcpHeader.th_sum = 0;

//填充tcp偽首部
psdHeader.saddr = ipHeader.sourceIP;
psdHeader.daddr = ipHeader.destIP;
psdHeader.mbz = 0;
psdHeader.ptcl = IPPROTO_TCP;
psdHeader.tcpl = htons(sizeof(tcpHeader));

//計算TCP校驗和
memcpy(szSendBuf, &psdHeader, sizeof(psdHeader));
memcpy(szSendBuf + sizeof(psdHeader), &tcpHeader, sizeof(tcpHeader));

tcpHeader.th_sum = checksum((USHORT *)szSendBuf, sizeof(psdHeader) + sizeof(tcpHeader));

//計算IP檢驗和
memcpy(szSendBuf, &ipHeader, sizeof(ipHeader));
memcpy(szSendBuf + sizeof(ipHeader), &tcpHeader, sizeof(tcpHeader));
memset(szSendBuf + sizeof(ipHeader) + sizeof(tcpHeader), 0, 4);
ipHeader.checksum = checksum((USHORT *)szSendBuf, sizeof(ipHeader) + sizeof(tcpHeader));

memcpy(szSendBuf, &ipHeader, sizeof(ipHeader));
memcpy(szSendBuf + sizeof(ipHeader), &tcpHeader, sizeof(tcpHeader));

//發送數據包
ret = sendto(sendSocket, szSendBuf, sizeof(ipHeader) + sizeof(tcpHeader), 0, (struct sockaddr*)&sin, sizeof(sin));

if(ret == SOCKET_ERROR)
{
printf("Send Packet Error...\n");
return 0;
}
else return 1;
}

int recv_packet()
{
SOCKADDR_IN sniff;
SOCKET sock;
char recvBuffer[65000] = {0};//緩沖區存放捕獲的數據

//建立socket監聽數據包
sock = socket(AF_INET,SOCK_RAW,IPPROTO_IP);

sniff.sin_family = AF_INET;
sniff.sin_port = htons(0);
sniff.sin_addr.s_addr = inet_addr(srcIP);

//綁定到本地隨機端口
bind(sock,(PSOCKADDR)&sniff,sizeof(sniff));

//設置SOCK_RAW為SIO_RCVALL，以便接收所有的IP包
//copy來的
DWORD dwBufferLen[10] ;
DWORD dwBufferInLen = 1 ;
DWORD dwBytesReturned = 0 ;
WSAIoctl(sock,SIO_RCVALL,&dwBufferInLen,sizeof(dwBufferInLen),&dwBufferLen,sizeof(dwBufferLen),&dwBytesReturned,NULL,NULL);

while(TRUE)
{
memset(recvBuffer,0,sizeof(recvBuffer));

//開始捕獲數據包
int bytesRecived = recv(sock,recvBuffer,sizeof(recvBuffer),0);
if(bytesRecived <= 0)
{
break;
}
check_port(recvBuffer);
}
return 1;
}

void check_port(char *buffer)
{
IP_HEADER *ipHeader;//IP_HEADER型指針
TCP_HEADER *tcpHeader;//TCP_HEADER型指針

ipHeader = (IP_HEADER *)buffer;
tcpHeader = (TCP_HEADER *) (buffer+sizeof(IP_HEADER));

if(ipHeader->sourceIP != inet_addr(tgtIP))
{
return;
}

for(int tmp=0;tmp<20;tmp++)
{
//SYN+ACK -> 2+16=18（也是推測，哈哈）
if(tcpHeader->th_flag == 18 && tcpHeader->th_sport == htons(ports[tmp]))
{
printf("[Found]\t%s\tport\t%d\tOpen\n",tgtIP,ports[tmp]);
}
}
}

posted on 2009-03-17 20:20 大龍閱讀(944) 評論(0) 編輯收藏引用

只有注冊用戶登錄后才能發表評論。
【推薦】100%開源！大型工業跨平臺軟件C++源碼提供，建模，組態！



網站導航: 博客園 IT新聞 BlogJava 博問 Chat2DB 管理

大龍的博客

導航

留言簿(43)

收藏夾

隨筆檔案

文章檔案

閱讀排行榜

評論排行榜

常用鏈接

統計

最新評論

一個構造SYN包做掃描的例子： ------------------ 轉