Raw Socket(原始套接字)实现Sniffer(嗅探)但是收不到数据包
//检查Winsock版本号,WSAData为WSADATA结构对象intiResult=WSAStartup(MAKEWORD(2,2),&WSAData);if(iR...
// 检查 Winsock 版本号,WSAData为WSADATA结构对象
int iResult = WSAStartup(MAKEWORD(2, 2), &WSAData);
if (iResult != NO_ERROR)
printf("Error at WSAStartup()\n");
// 创建原始套接字
sock = socket(AF_INET, SOCK_RAW, IPPROTO_RAW);
if (sock == INVALID_SOCKET)
{
printf("Error at socket(): %ld\n", WSAGetLastError());
WSACleanup();
return 1;
}
// 设置IP头操作选项,其中flag 设置为ture,亲自对IP头进行处理
int sckopterr = setsockopt(sock, IPPROTO_IP, IP_HDRINCL, (char*)&flag, sizeof(flag));
if (sckopterr != 0)
printf("Error at setsockopt()\n");
// 获取本机名
gethostname((char*)LocalName, sizeof(LocalName)); printf("name: %s \n",LocalName);
// 获取本地 IP 地址
pHost = gethostbyname((char*)LocalName); printf("ip: %s\n",inet_ntoa(*(in_addr *)pHost->h_addr_list[0]));
// 填充SOCKADDR_IN结构
addr_in.sin_addr = *(in_addr *)pHost->h_addr_list[0]; //IP
addr_in.sin_family = AF_INET;
addr_in.sin_port = htons(57274);
// 把原始套接字sock 绑定到本地网卡地址上
int binderr = bind(sock, (PSOCKADDR)&addr_in, sizeof(addr_in));
if (binderr == SOCKET_ERROR )
printf("Error at bind()\n");
// dwValue为输入输出参数,为1时执行,0时取消
DWORD dwValue = 1;
// 设置 SOCK_RAW 为SIO_RCVALL,以便接收所有的IP包。其中SIO_RCVALL
// 的定义为: #define SIO_RCVALL _WSAIOW(IOC_VENDOR,1)
int ioctlsckterr = ioctlsocket(sock, SIO_RCVALL, &dwValue);
if (ioctlsckterr != NO_ERROR)
printf("Error at ioctlsocket()\n");
while (true)
{
// 接收原始数据包信息
int ret = recv(sock, RecvBuf, BUFFER_SIZE, 0);
if (ret > 0)
{
// 对数据包进行分析,并输出分析结果
ip = *(IP*)RecvBuf;
tcp = *(TCP*)(RecvBuf + ip.HdrLen);
printf("协议: %s\r\n",GetProtocolTxt(ip.Protocol));
printf("IP源地址: %s\r\n",inet_ntoa(*(in_addr*)&ip.SrcAddr));
printf("IP目标地址: %s\r\n",inet_ntoa(*(in_addr*)&ip.DstAddr));
printf("TCP源端口号: %d\r\n",tcp.SrcPort);
printf("TCP目标端口号:%d\r\n",tcp.DstPort);
printf("数据包长度: %d\r\n\r\n\r\n",ntohs(ip.TotalLen));
}
但是收不到数据包 一直卡在 int ret = recv(sock, RecvBuf, BUFFER_SIZE, 0);
我也是用的管理员权限运行的了 展开
int iResult = WSAStartup(MAKEWORD(2, 2), &WSAData);
if (iResult != NO_ERROR)
printf("Error at WSAStartup()\n");
// 创建原始套接字
sock = socket(AF_INET, SOCK_RAW, IPPROTO_RAW);
if (sock == INVALID_SOCKET)
{
printf("Error at socket(): %ld\n", WSAGetLastError());
WSACleanup();
return 1;
}
// 设置IP头操作选项,其中flag 设置为ture,亲自对IP头进行处理
int sckopterr = setsockopt(sock, IPPROTO_IP, IP_HDRINCL, (char*)&flag, sizeof(flag));
if (sckopterr != 0)
printf("Error at setsockopt()\n");
// 获取本机名
gethostname((char*)LocalName, sizeof(LocalName)); printf("name: %s \n",LocalName);
// 获取本地 IP 地址
pHost = gethostbyname((char*)LocalName); printf("ip: %s\n",inet_ntoa(*(in_addr *)pHost->h_addr_list[0]));
// 填充SOCKADDR_IN结构
addr_in.sin_addr = *(in_addr *)pHost->h_addr_list[0]; //IP
addr_in.sin_family = AF_INET;
addr_in.sin_port = htons(57274);
// 把原始套接字sock 绑定到本地网卡地址上
int binderr = bind(sock, (PSOCKADDR)&addr_in, sizeof(addr_in));
if (binderr == SOCKET_ERROR )
printf("Error at bind()\n");
// dwValue为输入输出参数,为1时执行,0时取消
DWORD dwValue = 1;
// 设置 SOCK_RAW 为SIO_RCVALL,以便接收所有的IP包。其中SIO_RCVALL
// 的定义为: #define SIO_RCVALL _WSAIOW(IOC_VENDOR,1)
int ioctlsckterr = ioctlsocket(sock, SIO_RCVALL, &dwValue);
if (ioctlsckterr != NO_ERROR)
printf("Error at ioctlsocket()\n");
while (true)
{
// 接收原始数据包信息
int ret = recv(sock, RecvBuf, BUFFER_SIZE, 0);
if (ret > 0)
{
// 对数据包进行分析,并输出分析结果
ip = *(IP*)RecvBuf;
tcp = *(TCP*)(RecvBuf + ip.HdrLen);
printf("协议: %s\r\n",GetProtocolTxt(ip.Protocol));
printf("IP源地址: %s\r\n",inet_ntoa(*(in_addr*)&ip.SrcAddr));
printf("IP目标地址: %s\r\n",inet_ntoa(*(in_addr*)&ip.DstAddr));
printf("TCP源端口号: %d\r\n",tcp.SrcPort);
printf("TCP目标端口号:%d\r\n",tcp.DstPort);
printf("数据包长度: %d\r\n\r\n\r\n",ntohs(ip.TotalLen));
}
但是收不到数据包 一直卡在 int ret = recv(sock, RecvBuf, BUFFER_SIZE, 0);
我也是用的管理员权限运行的了 展开
2个回答
展开全部
sock = socket(AF_INET, SOCK_RAW, IPPROTO_RAW),这里有问题,应该是
sock = socket(AF_INET, SOCK_RAW, IPPROTO_IP)
sock = socket(AF_INET, SOCK_RAW, IPPROTO_IP)
已赞过
已踩过<
评论
收起
你对这个回答的评价是?
展开全部
我在这一步就有问题了ioctlsocket,一直返回-1
已赞过
已踩过<
评论
收起
你对这个回答的评价是?
推荐律师服务:
若未解决您的问题,请您详细描述您的问题,通过百度律临进行免费专业咨询
