发信人: bstone (Back to real world!), 信区: Hacker
标 题: anti_sniffer程序
发信站: BBS 荔园晨风站 (Thu Mar 30 17:20:53 2000), 转信
发信人: AngelFalls (Happiness Forever), 信区: Security
标 题: anti_sniffer程序
发信站: 武汉白云黄鹤站 (Wed Mar 29 18:18:54 2000), 站内信件
#include <netdb.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <net/if_packet.h>
#include <sys/ioctl.h>
#include <net/if.h>
#include <netinet/in.h>
#include <netinet/ip.h>
#include <netinet/if_ether.h>
#include <string.h>
#include <arpa/inet.h>
#include <net/if_arp.h>
#include <netinet/tcp.h>
#include <netinet/udp.h>
#include <unistd.h>
#include <fcntl.h>
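/*
 * Wire layout of one Ethernet frame carrying an ARP/RARP message for IPv4:
 * the 14-byte Ethernet header followed by the 28-byte ARP body (42 bytes).
 *
 * The struct is overlaid directly on the send/receive buffer, so it must
 * contain no padding.  With 2-byte u_short every u_short member sits on an
 * even offset, which gives a padding-free 42-byte layout on the usual ABIs.
 * All u_short members hold network byte order (use htons/ntohs).
 */
struct arp_hdr {
    /* Ethernet header */
    u_char  dst_addr[6];      /* destination MAC */
    u_char  src_addr[6];      /* source MAC */
    u_short frame_type;       /* EtherType */

    /* ARP body */
    u_short hw_type;          /* hardware address space */
    u_short proto_type;       /* protocol address space */
    u_char  hw_addr_len;      /* length of a hardware address in bytes */
    u_char  proto_addr_len;   /* length of a protocol address in bytes */
    u_short op;               /* operation code (request / reply) */
    u_char  snd_hw_addr[6];   /* sender MAC */
    u_char  snd_ip_addr[4];   /* sender IPv4 address */
    u_char  rcv_hw_addr[6];   /* target MAC */
    u_char  rcv_ip_addr[4];   /* target IPv4 address */
};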
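/*
 * Print a human-readable summary of one ARP/RARP frame: the Ethernet source
 * and destination MAC, the operation code, and the sender/target IPv4
 * addresses taken from the ARP body.
 *
 * ahdr must point at a buffer holding at least sizeof(struct arp_hdr) bytes;
 * the caller is responsible for that length check.
 */
void dealARP(struct arp_hdr *ahdr)
{
    struct in_addr daddr, saddr;
    char str_s[32], str_d[32];

    printf("\nARP datagram from %.2x:%.2x:%.2x:%.2x:%.2x:%.2x to %.2x:%.2x:%.2x:%.2x:%.2x:%.2x\n",
           ahdr->src_addr[0], ahdr->src_addr[1], ahdr->src_addr[2],
           ahdr->src_addr[3], ahdr->src_addr[4], ahdr->src_addr[5],
           ahdr->dst_addr[0], ahdr->dst_addr[1], ahdr->dst_addr[2],
           ahdr->dst_addr[3], ahdr->dst_addr[4], ahdr->dst_addr[5]);

    switch (ntohs(ahdr->op)) {
    case 1:
        printf("Operation : ARP Request\n");
        break;
    case 2:
        printf("Operation : ARP Reply\n");
        break;
    case 3:
        printf("Operation : RARP Request\n");
        break;
    case 4:
        printf("Operation : RARP Reply\n");
        break;
    default:
        printf("Operation : %d\n", ntohs(ahdr->op));
        break;
    }

    /* The address bytes are copied out because the 4-byte fields inside the
     * frame are not guaranteed to be aligned for struct in_addr. */
    memcpy(&daddr, ahdr->rcv_ip_addr, 4);
    memcpy(&saddr, ahdr->snd_ip_addr, 4);

    /* inet_ntop() writes into the caller's buffer.  The earlier form passed
     * its result back into strcpy() on the same buffer (overlapping copy,
     * undefined behaviour) and did not handle a NULL return. */
    if (inet_ntop(AF_INET, &saddr, str_s, sizeof(str_s)) == NULL) {
        strcpy(str_s, "?");
    }
    if (inet_ntop(AF_INET, &daddr, str_d, sizeof(str_d)) == NULL) {
        strcpy(str_d, "?");
    }
    printf("Source IP : %s, Dest IP : %s\n", str_s, str_d);
}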
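/*
 * Probe every address of eth0's subnet for hosts that appear to run their
 * network interface in promiscuous mode (a common sign of a sniffer).
 *
 * Method: for each address an ARP request is sent whose Ethernet destination
 * is ff:00:00:00:00:00 -- neither the target's unicast MAC nor the real
 * broadcast address.  An interface that filters normally should discard such
 * a frame before the IP stack sees it, so an ARP reply is reported as
 * "Promisc Mode detected".
 *
 * Limits of the result: this is a heuristic.  A host that stays silent is
 * not proven clean (its stack may check the destination MAC itself, or the
 * reply may arrive after the very short wait), and a reply should be
 * confirmed by other means before acting on it.
 *
 * Usage: prog [-v]   (-v also dumps ARP replies that did not match)
 * Opening the packet socket needs root; the privilege is dropped right after.
 * The interface name "eth0" is hard-coded.
 */
int main(int argc, char *argv[])
{
    int sock_pak, i, flag, verbose = 0;
    ssize_t n;
    socklen_t fromlen;
    struct ifreq ifr;
    struct sockaddr_in *sa, sa_in;
    struct sockaddr sa_local;
    u_int32_t nmask, uni_ip, brd_ip, t_ip, t_ip2, dst;
    u_char ucMac[6], recvbuf[1024];
    /* NOTE(review): recvbuf is a byte array viewed through a struct with
     * u_short members; this relies on the array being suitably aligned. */
    struct arp_hdr *ahdr = (struct arp_hdr *)recvbuf;

    if (argc != 1 && argc != 2) {
        printf("Usage : %s [-v]\n", argv[0]);
        exit(-1);
    }
    if (argc == 2) {
        if (strcmp(argv[1], "-v") == 0) {
            verbose = 1;
        } else {
            printf("Usage : %s [-v]\n", argv[0]);
            exit(-1);
        }
    }

    /* SOCK_PACKET is the obsolete Linux 2.0 packet interface; packet(7)
     * recommends AF_PACKET instead.  Kept as in the original listing. */
    if ((sock_pak = socket(PF_INET, SOCK_PACKET, htons(ETH_P_ARP))) < 0) {
        perror("Socket");
        exit(-1);
    }

    /* Drop root as soon as the privileged socket exists.  The result must be
     * checked: if the drop fails the rest of the program would keep running
     * with elevated privileges. */
    if (setuid(getuid()) < 0) {
        perror("Setuid");
        exit(-1);
    }

    memset(&ifr, 0, sizeof(ifr));
    strcpy(ifr.ifr_name, "eth0");

    if (ioctl(sock_pak, SIOCGIFHWADDR, &ifr) < 0) {
        perror("Ioctl SIOGIFHWADDR");
        exit(-1);
    }
    memcpy(ucMac, &ifr.ifr_hwaddr.sa_data, 6);
    printf("Eth0 MAC : %.2x:%.2x:%.2x:%.2x:%.2x:%.2x\n", ucMac[0], ucMac[1],
           ucMac[2], ucMac[3], ucMac[4], ucMac[5]);

    if (ioctl(sock_pak, SIOCGIFADDR, &ifr) < 0) {
        perror("Ioctl SIOGIFADDR");
        exit(-1);
    }
    sa = (struct sockaddr_in *)&ifr.ifr_addr;
    uni_ip = ntohl(sa->sin_addr.s_addr);
    printf("Eth0 IP : %s\n", inet_ntoa(sa->sin_addr));

    if (ioctl(sock_pak, SIOCGIFBRDADDR, &ifr) < 0) {
        perror("Ioctl SIOCGIFBRDADDR");
        exit(-1);
    }
    sa = (struct sockaddr_in *)&ifr.ifr_broadaddr;
    brd_ip = ntohl(sa->sin_addr.s_addr);
    printf("Eth0 BCast IP : %s\n", inet_ntoa(sa->sin_addr));

    if (ioctl(sock_pak, SIOCGIFNETMASK, &ifr) < 0) {
        perror("Ioctl SIOGGIFNETMASK");
        exit(-1);
    }
    sa = (struct sockaddr_in *)&ifr.ifr_netmask;
    nmask = ntohl(sa->sin_addr.s_addr);
    printf("Eth0 Netmask : %s\n", inet_ntoa(sa->sin_addr));

    /* Non-blocking socket: the receive below must not stall the sweep when
     * a probed address does not answer. */
    if ((flag = fcntl(sock_pak, F_GETFL, 0)) < 0) {
        perror("Fcntl F_GETFL");
        exit(-1);
    }
    if (fcntl(sock_pak, F_SETFL, flag | O_NONBLOCK) < 0) {
        perror("Fcntl F_SETFL");
        exit(-1);
    }

    for (i = 0; i < 80; i++) {
        printf("+");
    }
    printf("\n> Scanning...\n");

    /* Walk the host addresses strictly between network and broadcast. */
    for (dst = (nmask & uni_ip) + 1; dst < brd_ip; dst++) {
        memset(recvbuf, 0, sizeof(recvbuf));

        /* Destination MAC ff:00:00:00:00:00 -- deliberately not the real
         * broadcast address; see the function comment. */
        memset(ahdr->dst_addr, 0, 6);
        memset(ahdr->dst_addr, 0xff, 1);
        memcpy(ahdr->src_addr, ucMac, 6);
        ahdr->frame_type = htons(0x0806);   /* EtherType: ARP */
        ahdr->hw_type = htons(1);           /* hardware type: Ethernet */
        ahdr->proto_type = htons(0x0800);   /* protocol type: IPv4 */
        ahdr->hw_addr_len = 6;
        ahdr->proto_addr_len = 4;
        ahdr->op = htons(0x0001);           /* ARP request */
        memcpy(ahdr->snd_hw_addr, ucMac, 6);
        t_ip = htonl(uni_ip);
        memcpy(ahdr->snd_ip_addr, &t_ip, 4);
        memset(ahdr->rcv_hw_addr, 0, 6);
        t_ip = htonl(dst);
        memcpy(ahdr->rcv_ip_addr, &t_ip, 4);

        /* recvfrom() overwrites sa_local, so it is rebuilt every round. */
        memset(&sa_local, 0, sizeof(sa_local));
        sa_local.sa_family = AF_LOCAL;
        strcpy(sa_local.sa_data, "eth0");
        if (sendto(sock_pak, recvbuf, sizeof(struct arp_hdr), 0,
                   &sa_local, sizeof(sa_local)) < 0) {
            perror("Sendto");
        }

        usleep(10);

        /* The address-length argument must be a socklen_t initialised to the
         * buffer size; the earlier code passed the fcntl flag word here. */
        fromlen = sizeof(sa_local);
        n = recvfrom(sock_pak, recvbuf, sizeof(recvbuf), 0, &sa_local, &fromlen);

        /* Test for failure separately: comparing a negative int with sizeof
         * converts it to a huge unsigned value, so -1 (nothing received)
         * used to slip past the length check and the stale request in
         * recvbuf was parsed as if it were a reply. */
        if (n < 0 || (size_t)n < sizeof(struct arp_hdr)) {
            continue;
        }

        memcpy(&t_ip, ahdr->rcv_ip_addr, 4);
        memcpy(&t_ip2, ahdr->snd_ip_addr, 4);

        /* A reply addressed to us counts for this probe when its sender is
         * dst or one of the two addresses probed just before it (replies can
         * lag behind the short wait).  The subtraction is unsigned, so a
         * sender above dst wraps to a large value and is rejected. */
        if (ntohs(ahdr->op) == 0x0002 && ntohl(t_ip) == uni_ip
            && dst - ntohl(t_ip2) <= 2) {
            memset(&sa_in, 0, sizeof(struct sockaddr_in));
            sa_in.sin_family = AF_INET;
            sa_in.sin_addr.s_addr = t_ip2;
            printf("> Host %s Promisc Mode detected\n", inet_ntoa(sa_in.sin_addr));
        } else if (verbose) {
            if (ntohs(ahdr->op) == 0x0002 && ntohl(t_ip) == uni_ip) {
                dealARP(ahdr);
            }
        }
    }

    printf("> Scanning End.\n");
    return 0;
}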
--
Wish your sky be sunny,
Wish your heart be happy,
Wish your body be healthy,
Wish U never be lazy.
:) :> ;) ;> :-) :-> ;-) ;->
※ 来源:.武汉白云黄鹤站 bbs.whnet.edu.cn.[FROM: 202.106.16.45]
--
☆ 来源:.BBS 荔园晨风站 bbs.szu.edu.cn.[FROM: bbs@192.168.28.23]