写程序实现wireshark的抓包功能

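选修了一门信息安全专业的课,做了个实验,是实现网络抓包的功能。程序使用 AF_INET 原始套接字(SOCK_RAW),创建时需要 root 权限或 CAP_NET_RAW 能力,而且只能收到本机接收到的、所选协议(TCP/UDP/ICMP)的 IPv4 报文,看不到链路层帧: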

代码如下:

#include<stdio.h>
#include<stdlib.h>
#include<string.h>
#include<netinet/ip_icmp.h>
#include<netinet/tcp.h>
#include<netinet/udp.h>
#include<arpa/inet.h>
#include<sys/socket.h>
#include<sys/types.h>
 
#define BUFFSIZE 1024
 
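/*
 * Print len bytes of data as rows of 16 bytes: a 4-digit hex offset, the
 * bytes in hex, then an ASCII column.
 *
 * The bytes come straight off the network, so only 0x20..0x7e are echoed
 * as characters; everything else (control bytes, DEL, 8-bit values) is
 * shown as '.' so packet contents cannot inject control sequences into
 * the terminal.
 */
static void dump_hex(const unsigned char *data, int len)
{
    for (int row = 0; row < len; row += 16) {
        int end = (len - row > 16) ? row + 16 : len;

        printf("%04x  ", row);
        for (int i = row; i < end; i++)
            printf("%02x", data[i]);
        /* Pad a short final row so the ASCII column stays aligned. */
        for (int i = end; i < row + 16; i++)
            printf("  ");
        printf("    ");
        for (int i = row; i < end; i++) {
            if (data[i] >= 32 && data[i] < 127)
                printf("%c", data[i]);
            else
                printf(".");
        }
        printf("\n");
    }
}

/* Text used for every one-bit flag in the decoded output. */
static const char *flag_text(int is_set)
{
    return is_set ? "set" : "not set";
}

/*
 * Minimal IPv4 packet dumper built on an AF_INET raw socket.
 *
 * Usage: prog TCP|UDP|ICMP
 *
 * Opens a raw socket for the protocol named in argv[1] and then loops
 * forever: each datagram returned by recvfrom() is printed as a summary
 * line, a hex/ASCII dump, the decoded IPv4 header and the decoded
 * TCP/UDP/ICMP header. Creating the raw socket normally requires elevated
 * privileges; socket() failure is reported and the program exits with 1.
 *
 * Every header is copied out of the receive buffer with memcpy() after
 * checking that the received length covers it, so a short or malformed
 * packet is reported instead of being decoded from stale buffer contents.
 */
int main(int argc,char **argv ){
    if (argc != 2) {
        printf("Usage:Proto_Name\n");
        return 0;
    }

    /* Map the name to a protocol number; reject anything else rather than
     * calling socket() checks on an uninitialised descriptor. */
    const char *ipr_name = argv[1];
    int proto;
    if (strcmp(ipr_name, "TCP") == 0) {
        proto = IPPROTO_TCP;
    } else if (strcmp(ipr_name, "UDP") == 0) {
        proto = IPPROTO_UDP;
    } else if (strcmp(ipr_name, "ICMP") == 0) {
        proto = IPPROTO_ICMP;
    } else {
        printf("unknown protocol \"%s\" (expected TCP, UDP or ICMP)\n", ipr_name);
        return 1;
    }

    int rawsock = socket(AF_INET, SOCK_RAW, proto);
    if (rawsock < 0) {
        printf("raw socket error!\n");
        perror("socket");   /* e.g. missing privileges */
        exit(1);
    }

    unsigned char buff[BUFFSIZE];
    int count = 0;

    for (;;) {
        /* At most BUFFSIZE bytes are stored; a longer datagram is truncated. */
        int n = (int)recvfrom(rawsock, buff, sizeof buff, 0, NULL, NULL);
        if (n < 0) {
            printf("receive error!\n");
            exit(1);
        }
        count++;

        /* Nothing below is meaningful without a complete fixed IPv4 header. */
        if (n < (int)sizeof(struct ip)) {
            printf("%4d short packet (%d bytes), not parsed\n", count, n);
            dump_hex(buff, n);
            printf("\n\n");
            continue;
        }

        /* Copy instead of casting buff: avoids misaligned access and
         * strict-aliasing problems on the byte buffer. */
        struct ip iph;
        memcpy(&iph, buff, sizeof iph);
        int ip_hdr_len = (int)iph.ip_hl * 4;

        printf("%4d %15s", count, inet_ntoa(iph.ip_src));
        printf("%15s    %5d %5d\n", inet_ntoa(iph.ip_dst), iph.ip_p, ntohs(iph.ip_len));

        dump_hex(buff, n);

        printf("internet protocol\n");
        printf("version:%u\n", iph.ip_v);
        printf("Header Length:%u bytes\n", (unsigned)ip_hdr_len);
        printf("totle length:%d\n", ntohs(iph.ip_len));
        printf("Identification:%u\n", (unsigned)ntohs(iph.ip_id));

        /* The flag bits live in the top of ip_off (network byte order). */
        unsigned frag = ntohs(iph.ip_off);
        printf("reserved bits:%s\n", flag_text((frag & IP_RF) != 0));
        printf("dont fragment: %s\n", flag_text((frag & IP_DF) != 0));
        printf("more fragment: %s\n", flag_text((frag & IP_MF) != 0));

        printf("Time to live:%u\n", iph.ip_ttl);
        if (iph.ip_p == IPPROTO_TCP)
            printf("protocol TCP(6)\n");
        else if (iph.ip_p == IPPROTO_ICMP)
            printf("protocol ICMP(1)\n");
        else if (iph.ip_p == IPPROTO_UDP)
            printf("protocol UDP(17)\n");
        printf("source ip:%s\n", inet_ntoa(iph.ip_src));
        printf("destination ip:%s\n", inet_ntoa(iph.ip_dst));

        /* ip_hl is taken from the packet: it must cover the fixed header
         * and must not point past the bytes actually received. */
        if (ip_hdr_len < (int)sizeof(struct ip) || ip_hdr_len > n) {
            printf("invalid IP header length, transport header not parsed\n");
            printf("\n\n");
            continue;
        }

        const unsigned char *l4 = buff + ip_hdr_len;
        int l4_len = n - ip_hdr_len;

        //TCP
        if (iph.ip_p == IPPROTO_TCP) {
            printf("transmission control protocol\n");
            if (l4_len < (int)sizeof(struct tcphdr)) {
                printf("truncated TCP header\n");
            } else {
                struct tcphdr tcp;
                memcpy(&tcp, l4, sizeof tcp);
                printf("source port:%u\n", (unsigned)ntohs(tcp.source));
                printf("destation port:%u\n", (unsigned)ntohs(tcp.dest));
                printf("sequence number:%u\n", (unsigned)ntohl(tcp.seq));
                printf("acknowledgement number:%u\n", (unsigned)ntohl(tcp.ack_seq));
                /* doff is a 4-bit count of 32-bit words, not a 16-bit field. */
                printf("head length:%d\n", (int)tcp.doff * 4);
                printf("urgent:%s\n", flag_text(tcp.urg == 1));
                printf("acknowledgment:%s\n", flag_text(tcp.ack == 1));
                printf("push:%s\n", flag_text(tcp.psh == 1));
                printf("reset:%s\n", flag_text(tcp.rst == 1));
                printf("syn:%s\n", flag_text(tcp.syn == 1));
                printf("fin:%s\n", flag_text(tcp.fin == 1));
                printf("window size:%u\n", (unsigned)ntohs(tcp.window));
            }
        }

        //UDP
        if (iph.ip_p == IPPROTO_UDP) {
            printf("user datagram protocol\n");
            if (l4_len < (int)sizeof(struct udphdr)) {
                printf("truncated UDP header\n");
            } else {
                struct udphdr udp;
                memcpy(&udp, l4, sizeof udp);
                /* Ports are in network byte order like every other field. */
                printf("source port:%u\n", (unsigned)ntohs(udp.source));
                printf("destination port:%u\n", (unsigned)ntohs(udp.dest));
                printf("length:%u\n", (unsigned)ntohs(udp.len));
            }
        }

        //ICMP
        if (iph.ip_p == IPPROTO_ICMP) {
            printf("Internet Control Message Protocol\n");
            if (l4_len < (int)sizeof(struct icmphdr)) {
                printf("truncated ICMP header\n");
            } else {
                struct icmphdr icmp;
                memcpy(&icmp, l4, sizeof icmp);

                printf("type:%u", icmp.type);
                switch (icmp.type) {
                case 0:  printf("(Echo Reply)\n"); break;
                case 8:  printf("(Echo)\n"); break;
                case 5:  printf("(Redirect)\n"); break;
                case 3:  printf("(Dest Unreach)\n"); break;
                case 4:  printf("(Source quench)\n"); break;
                case 13: printf("(Time Stamp)\n"); break;
                case 14: printf("(Time Stamp Reply)\n"); break;
                default: printf("\n"); break;   /* keep "Code:" on its own line */
                }
                printf("Code:%u\n", icmp.code);

                if (icmp.type == 0 || icmp.type == 8) {
                    printf("idetifier:0x%x\n", (unsigned)ntohs(icmp.un.echo.id));
                    printf("Sequence:%u\n", (unsigned)ntohs(icmp.un.echo.sequence));
                }
                if (icmp.type == 3 || icmp.type == 4) {
                    printf("Unused:%u\n", (unsigned)ntohs(icmp.un.frag.__unused));
                    printf("Mtu:%u\n", (unsigned)ntohs(icmp.un.frag.mtu));
                }
                /* The redirect gateway is a 32-bit address, so ntohl, not ntohs. */
                if (icmp.type == 5)
                    printf("Gateway:%u\n", (unsigned)ntohl(icmp.un.gateway));
            }
        }

        printf("\n\n");
    }
}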

 
