#include <afxsock.h>
#include<winsock2.h>
#pragma comment(lib,"ws2_32.lib")

 

#include <ras.h>
#include <raserror.h>
#pragma comment(lib, "rasapi32.lib")
#include <WinInet.h>
#pragma comment(lib, "WinInet.LIB")

#include <Dlgs.h>

#pragma comment(lib,"vfw32.lib")
#pragma comment(lib,"winmm.lib")
         #define MAX_HOSTNAME_LAN 255
         #define SIO_RCVALL _WSAIOW(IOC_VENDOR,1)
         #define MAX_ADDR_LEN 16
         struct ipheader {
                  unsigned char ip_hl:4, ip_v:4; /* this means that each member is 4 bits */
                  unsigned char ip_tos;
                  unsigned short int ip_len;
                  unsigned short int ip_id;
                  unsigned short int ip_off;
                  unsigned char ip_ttl;
                  unsigned char ip_p;
                  unsigned short int ip_sum;
                  unsigned int ip_src;
                  unsigned int ip_dst;
         }; /* total ip header length: 20 bytes (=160 bits) */
         typedef struct udphdr {         
                  unsigned short sport;
                  unsigned short dport;
                  unsigned short len;
                  unsigned short cksum;
         }UDP_HDR;
         void main()
         {
                  SOCKET sock;
                  WSADATA wsd;
                  DWORD dwBytesRet;
                  unsigned int optval = 1;
                  unsigned char *dataudp,*pUdpData;
                  int QQ,iUdpDataLen;
                  SOCKADDR_IN sa,saSource, saDest;
                  struct hostent FAR * pHostent;
                  char FAR name[MAX_HOSTNAME_LAN];
                  char szSourceIP[MAX_ADDR_LEN],RecvBuf[65535] = {0};
                  struct udphdr *pUdpheader;
                  struct ipheader *pIpheader;
                  WSAStartup(MAKEWORD(2,1),&wsd);
                  if ((sock = socket(AF_INET, SOCK_RAW, IPPROTO_IP))==SOCKET_ERROR)exit(1);
                  gethostname(name, MAX_HOSTNAME_LAN);
                  pHostent = gethostbyname(name);
                  sa.sin_family = AF_INET;
                  sa.sin_port = htons(6000);
                  memcpy(&sa.sin_addr.S_un.S_addr, pHostent->h_addr_list[0], pHostent->h_length);
                  bind(sock, (SOCKADDR *)&sa, sizeof(sa));
                  if ((WSAGetLastError())==10013)exit(1);
                  WSAIoctl(sock, SIO_RCVALL, &optval, sizeof(optval), NULL, 0, &dwBytesRet, NULL, NULL);
                  pIpheader = (struct ipheader *)RecvBuf;
                  pUdpheader = (struct udphdr *) (RecvBuf+ sizeof(struct ipheader ));
                  printf("QQ sniffer V1.1 code powerd by cooldiyer/r/n");
                  while (1)
                  {
                           memset(RecvBuf, 0, sizeof(RecvBuf));
                           recv(sock, RecvBuf, sizeof(RecvBuf), 0);
                           saSource.sin_addr.s_addr = pIpheader->ip_src;
                           strncpy(szSourceIP, inet_ntoa(saSource.sin_addr), MAX_ADDR_LEN);
                           iUdpDataLen =(ntohs(pIpheader->ip_len)-(sizeof(struct ipheader)+sizeof(struct udphdr)));
                           if((pIpheader->ip_p)==IPPROTO_UDP&&iUdpDataLen!=0)
                           {
                                   pUdpData=(unsigned char *) RecvBuf+sizeof(struct ipheader)+sizeof(struct udphdr);
                                   iUdpDataLen=ntohs(pIpheader->ip_len)-(sizeof(struct ipheader)+sizeof(struct udphdr));
                                   if(ntohs(pUdpheader->dport)==8000)
                                           if(iUdpDataLen%4==0 && iUdpDataLen>0)
                                                     if(pUdpData[0]==0x02 && pUdpData[3]==0x00 && pUdpData[iUdpDataLen-1]==0x03)
                                                     {
                                                             QQ = (pUdpData[7]&0xff);
                                                             QQ = (QQ<<8) + (pUdpData[8]&0xff);
                                                             QQ = (QQ<<8) + (pUdpData[9]&0xff);
                                                             QQ = (QQ<<8) + (pUdpData[10]&0xff);
                                                             printf("IP:%s QQ:%d/r",szSourceIP,QQ);
                                                     }
                           }
                  }
         }

需要源码的请留下E-mail,我给你们发

posted on 2009-04-09 16:08  Yincheng  阅读(200)  评论(0编辑  收藏  举报