本文主要是介绍C++抓包 分析IP头部数据,希望对大家解决编程问题提供一定的参考价值,需要的开发者们随着小编来一起学习吧!
// 抓包工具.cpp : 定义控制台应用程序的入口点。
//#include "stdafx.h"
#include <iostream>
#include <stdlib.h>
#include <cstdio>
#include <winsock2.h>
#include <mstcpip.h>
#include <string.h>
using namespace std;#pragma comment(lib,"WS2_32.lib")
//加载动态库 ws2_32.dll#define OK 0
#define ERR -1
#define MY_PORT 10000//1024以上#define HOST_NAME_LEN 256
#define BUFF_LEN 65535struct IP_HEADER
{char cVer:4;//版本号char cHeadLen:4;//IP包头长度char cTOS;//服务类型unsigned short usLen;//IP包总长unsigned short usIdent;//标识符unsigned short usFlagOffset;//标记&片偏移char cTTL;//生存时间char cProtocol;//协议unsigned short usChkSum;//校验和unsigned int uiSrcIP;//源地址unsigned int uiDstIP;//目标地址//数据类型的字节数对应IP头部各个内容所需的字节数
};/*
协议类型:
1 ICMP
2 IGMP
6 TCP
17 UDP
88 IGRP
89 OSPF
*/void PrintData(char szBuf[],int iLen)
{//printf("%s\n",szBuf);//捕获的数据一定不是字符串 IP_HEADER *pHeader;SOCKADDR_IN stAddr={0};pHeader=(IP_HEADER*)szBuf;printf("\nRCV:\n");printf("Version:%d\n",pHeader->cVer);printf("IP Len:%d\n",pHeader->cHeadLen);printf("Type Of Service:%d\n",pHeader->cTOS);printf("Total Length:%d\n",pHeader->usLen);printf("Identification:%d\n",pHeader->usIdent);printf("TTL:%d\n",pHeader->cTTL);printf("Protocol:%d\n",pHeader->cProtocol);stAddr.sin_addr.s_addr=pHeader->uiSrcIP;//stAddr.sin_addr.s_addr存的是网络字节序的int ip地址//inet_ntoa把in_addr转成字符串的ip地址//返回点分十进制的字符串在静态内存中的指针printf("Source IP:%s\n",inet_ntoa(stAddr.sin_addr));stAddr.sin_addr.s_addr=pHeader->uiDstIP;printf("Dest IP:%s\n",inet_ntoa(stAddr.sin_addr));puts("");return;}int CapturaeData()
{SOCKET iFd;char szHostName[HOST_NAME_LEN];HOSTENT *pHost;//保存ip//该结构记录主机的信息,包括主机名、别名、地址类型、地址长度和地址列表SOCKADDR_IN stAddr={0};DWORD dwInBuff=1;DWORD dwOutBuff;DWORD dwBytesRet;//实际返回多长int iRet;char szBuf[BUFF_LEN];WSADATA stWsa;//用于打开动态链接库 是网络编程接口 可用//0x0202版本号 if(WSAStartup(0x0202,&stWsa)!=OK){printf("Wsa startup failed.\n");return ERR;}if(gethostname(szHostName,HOST_NAME_LEN)!=OK){WSACleanup();return ERR;}printf("hostName:%s\n",szHostName);pHost=gethostbyname(szHostName);printf("My IP:%d.%d.%d.%d\n",pHost->h_addr_list[0][0]&0xff,pHost->h_addr_list[0][1]&0xff,pHost->h_addr_list[0][2]&0xff,pHost->h_addr_list[0][3]&0xff);stAddr.sin_addr.s_addr=*(unsigned long*)pHost->h_addr;stAddr.sin_family=AF_INET;stAddr.sin_port=htons(MY_PORT);//大写字节序转换//接收原始数据流 因为我们要接收的数据不仅是发往MY_PORT这个端口的 而是所有端口的iFd=socket(AF_INET,SOCK_RAW,IPPROTO_IP);//cout<<"iFD: "<<iFd<<endl;if(iFd<0){WSACleanup();return ERR;}if(bind(iFd,(SOCKADDR*)&stAddr,sizeof(SOCKADDR))!=OK){WSACleanup();closesocket(iFd);return ERR;}//设置iFd收包规则 SIO_RCVALL 接收所有的包iRet=WSAIoctl(iFd,SIO_RCVALL,&dwInBuff,sizeof(dwInBuff),&dwOutBuff,sizeof(dwOutBuff),&dwBytesRet,NULL,NULL);if(iRet!=OK){printf("IOCTL failed.\n");WSACleanup();closesocket(iFd);return ERR;}//puts("2222");while(true){memset(szBuf,0,BUFF_LEN);//puts("bug");iRet=recv(iFd,szBuf,BUFF_LEN,0);//cout<<iRet<<endl;//puts("11111");//将数据copy到szBuf 返回读入的字节数if(iRet<0){break;}else {//puts("here");PrintData(szBuf,iRet);}}WSACleanup();return OK;
}int _tmain(int argc, _TCHAR* argv[])
{CapturaeData();system("pause");return 0;
}
这篇关于C++抓包 分析IP头部数据的文章就介绍到这儿,希望我们推荐的文章对编程师们有所帮助!
