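#include <winsock2.h>
#include <stdio.h>
#include <string.h>

#define MAX_PACK_LEN 65535
#define MAX_HOSTNAME_LAN 255
#pragma comment (lib , "ws2_32.lib")

/* Return 1 if the needle bytes occur anywhere inside haystack, else 0. */
static int contains_bytes(const char *haystack, size_t hay_len,
                          const char *needle, size_t needle_len)
{
    size_t i;

    if (needle_len == 0 || hay_len < needle_len) {
        return 0;
    }
    for (i = 0; i + needle_len <= hay_len; i++) {
        if (memcmp(haystack + i, needle, needle_len) == 0) {
            return 1;
        }
    }
    return 0;
}

/*
 * Local sniffer check: send a marker datagram over UDP to a loopback port and
 * try to read it back on a raw IP socket bound to this host's own address.
 * If the raw socket delivers a packet that carries the marker, a warning is
 * printed; otherwise the "not found" message is printed.
 *
 * Returns 0 once a verdict has been printed, 1 if a Winsock call failed and
 * no verdict could be reached.
 *
 * NOTE(review): a negative result only means the probe was not seen on this
 * raw socket within the timeout; it is presumably not proof that no capture
 * is running on the host. Confirm the detection premise before relying on it.
 */
int main(void)
{
    /* Marker payload; kept as an array so its length is known at compile time. */
    static const char probe[] = "1234567890!@#$%^&*";
    const int probe_len = (int)(sizeof(probe) - 1);

    SOCKET SockRaw = INVALID_SOCKET;
    SOCKET Sock = INVALID_SOCKET;
    WSADATA wsaData;
    int ret = 0;
    int exit_code = 1;
    int wsa_started = 0;
    struct sockaddr_in sAddr, addr;
    char RecvBuf[MAX_PACK_LEN];
    char name[MAX_HOSTNAME_LAN];
    struct hostent *pHostent;
    int settimeout = 1000; /* receive timeout in milliseconds (one second) */

    printf("UNSniffer for Win2k v1.0\nPower by BigBall\nHomePage:http://www.patching.net/liumy\nEmail:liumy@patching.net\nOicq:9388920\n\nChecking your system ,wait a moment please...\n");

    if (WSAStartup(MAKEWORD(2, 2), &wsaData) != 0) {
        fprintf(stderr, "WSAStartup failed\n");
        goto cleanup;
    }
    wsa_started = 1;

    /* Create the raw socket used to look for the probe. */
    SockRaw = socket(AF_INET, SOCK_RAW, IPPROTO_IP);
    if (SockRaw == INVALID_SOCKET) {
        /* Raw sockets normally need administrative rights on Windows. */
        fprintf(stderr, "Cannot create raw socket (error %d)\n", WSAGetLastError());
        goto cleanup;
    }

    /* Create the UDP socket used to send the probe. */
    Sock = socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP);
    if (Sock == INVALID_SOCKET) {
        fprintf(stderr, "Cannot create UDP socket (error %d)\n", WSAGetLastError());
        goto cleanup;
    }

    memset(&sAddr, 0, sizeof(sAddr));
    memset(&addr, 0, sizeof(addr));
    memset(RecvBuf, 0, sizeof(RecvBuf));
    memset(name, 0, sizeof(name));

    sAddr.sin_family = AF_INET;
    sAddr.sin_port = htons(5257);

    /* The probe is addressed to the loopback interface (127.0.0.1). */
    addr.sin_family = AF_INET;
    addr.sin_port = htons(5258);
    addr.sin_addr.S_un.S_addr = htonl(INADDR_LOOPBACK);

    /* Look up this host's own IPv4 address for the raw socket. */
    if (gethostname(name, sizeof(name)) == SOCKET_ERROR) {
        fprintf(stderr, "gethostname failed (error %d)\n", WSAGetLastError());
        goto cleanup;
    }
    name[sizeof(name) - 1] = '\0';

    /*
     * gethostbyname() returns storage owned by Winsock: it must not be
     * allocated beforehand and must never be passed to free().
     */
    pHostent = gethostbyname(name);
    if (pHostent == NULL || pHostent->h_addr_list[0] == NULL) {
        fprintf(stderr, "Cannot resolve local host name (error %d)\n", WSAGetLastError());
        goto cleanup;
    }
    /* Refuse anything that would not fit exactly into the IPv4 address field. */
    if (pHostent->h_addrtype != AF_INET ||
        pHostent->h_length != (int)sizeof(sAddr.sin_addr.S_un.S_addr)) {
        fprintf(stderr, "Local host did not resolve to an IPv4 address\n");
        goto cleanup;
    }
    memcpy(&sAddr.sin_addr.S_un.S_addr, pHostent->h_addr_list[0],
           sizeof(sAddr.sin_addr.S_un.S_addr));

    /* Bind the raw socket to the local address. */
    if (bind(SockRaw, (struct sockaddr *)&sAddr, sizeof(sAddr)) == SOCKET_ERROR) {
        fprintf(stderr, "bind failed (error %d)\n", WSAGetLastError());
        goto cleanup;
    }

    /* Pseudo-connect the UDP socket to a local port that is expected to be closed. */
    if (connect(Sock, (struct sockaddr *)&addr, sizeof(addr)) == SOCKET_ERROR) {
        fprintf(stderr, "connect failed (error %d)\n", WSAGetLastError());
        goto cleanup;
    }

    /* Without the timeout the recv() below could block forever. */
    if (setsockopt(SockRaw, SOL_SOCKET, SO_RCVTIMEO,
                   (char *)&settimeout, sizeof(settimeout)) == SOCKET_ERROR) {
        fprintf(stderr, "setsockopt(SO_RCVTIMEO) failed (error %d)\n", WSAGetLastError());
        goto cleanup;
    }

    /* Send the probe datagram to the pseudo-connected port. */
    if (send(Sock, probe, probe_len, 0) == SOCKET_ERROR) {
        fprintf(stderr, "send failed (error %d)\n", WSAGetLastError());
        goto cleanup;
    }

    /* Try to pick the probe up on the raw socket. */
    ret = recv(SockRaw, RecvBuf, sizeof(RecvBuf), 0);

    /*
     * Compare the received bytes with the probe. The raw packet starts with
     * protocol headers, so the marker is searched for inside the data rather
     * than compared at offset 0. A timeout, an error, or an unrelated packet
     * all count as "probe not seen".
     */
    if (ret != SOCKET_ERROR && ret > 0 &&
        contains_bytes(RecvBuf, (size_t)ret, probe, (size_t)probe_len)) {
        printf("Warning!!! Found sniffer!!!\n");
    } else {
        printf("No found any sniffer in your system!\n");
    }
    exit_code = 0;

cleanup:
    if (Sock != INVALID_SOCKET) {
        closesocket(Sock);
    }
    if (SockRaw != INVALID_SOCKET) {
        closesocket(SockRaw);
    }
    if (wsa_started) {
        WSACleanup();
    }
    return exit_code;
}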