伪造IP的一段代码
2016-06-30 21:48
253 查看
伪造IP的一段代码
源代码如下:
int TcpOptScan::send_tcp_raw( SOCKET sd, struct in_addr *srcAddr, struct in_addr *desAddr, u16 srcPort, u16 desPort, u32 seq, u32 ack, u8
flags,u16 window, u8 *options, int optlen, char *data, u16 datalen)
{
char *packet = new char[sizeof(IP_HEADER)+sizeof(TCP_HEADER)];
IP_HEADER *ip = (IP_HEADER *) packet;
TCP_HEADER *tcp = (TCP_HEADER*) (packet + sizeof(IP_HEADER));
psd_header *pseudo = new psd_header;
u8 myttl = 128;
// With these placement we get data and some field alignment so we aren't wasting too much in computing the checksum
int res = -1;
struct sockaddr_in sock;
int source_malloced = 0;
// 检查是否为错误的地址
if ( !desAddr || sd < 0 || !srcAddr)
{
delete packet;
delete pseudo;
return -1;
}
//填写目标地址
sock.sin_family = AF_INET;
sock.sin_port = htons(desPort);
sock.sin_addr.S_un.S_addr = desAddr->s_addr;
//填写数据报
memset((char *) packet,0,sizeof(IP_HEADER) + sizeof(TCP_HEADER));
//填写IP数据报头
//填充IP首部
ip->h_lenver=(4<<4|sizeof(IP_HEADER)/sizeof(unsigned long)); //高四位IP版本号,低四位首部长度
ip->total_len=htons(sizeof(IP_HEADER)+sizeof(TCP_HEADER) +optlen + datalen);//16位总长度(字节)
ip->ident=0;//16位标识
ip->frag_and_flags=0;//3位标志位
ip->ttl=myttl;//8位生存时间TTL
ip->proto=IPPROTO_TCP;//8位协议(TCP,UDP…)
ip->checksum=0;//16位IP首部校验和
ip->sourceIP= srcAddr->s_addr;//32位源IP地址
ip->destIP= desAddr->s_addr;//32位目的IP地址
//填写伪报头
pseudo->saddr = srcAddr->s_addr;
pseudo->daddr = desAddr->s_addr;
pseudo->ptcl = IPPROTO_TCP;
pseudo->tcpl = htons(sizeof(TCP_HEADER) + optlen + datalen);
pseudo->mbz=0;
//填写Tcp报头
tcp->th_sport = htons(srcPort);
tcp->th_dport = htons(desPort);
if (seq)
{
tcp->th_seq = htonl(seq);
}
else if (flags & TH_SYN)
{
tcp->th_seq = GetRadom();
}
if (ack)
tcp->th_ack = htonl(ack);
tcp->th_lenres = (sizeof(TCP_HEADER)/4<<4|0);
tcp->th_flag = flags;
if (window)
tcp->th_win = htons(window);
else
tcp->th_win = htons(1024); /* Who cares */
//拷贝数据
//if (data && datalen)
// memcpy(packet + sizeof(struct ip) + sizeof(struct tcphdr) + optlen, data, datalen);
/* 拷贝选项 */
//if (optlen)
// memcpy(packet + sizeof(struct ip) + sizeof(struct tcphdr), options, optlen);
//计算TCP校验和,计算校验和时需要包括TCPpseudoheader
unsigned short niu;
niu=ntohs(ip->total_len);
char *SendBuf = new char[128];
memcpy(SendBuf,pseudo,sizeof(psd_header));
memcpy(SendBuf+sizeof(psd_header),tcp,sizeof(TCP_HEADER));
tcp->th_sum = checksum((USHORT*)SendBuf,sizeof(psd_header)+sizeof(TCP_HEADER)); //无Tcp数据
delete SendBuf;
//debug
int m = ntohs(ip->total_len);
int pr = ip->proto;
//debug
//ip->total_len=40;
res =sendto( sd,packet,ntohs(ip->total_len),0,(struct sockaddr*)&sock, sizeof(sock));
if( res == SOCKET_ERROR)
{
char str_eror[50];
printf(" Raw socket sendto 发送数据失败,错误代码:%d",GetLastError());
ReportStat(str_eror,0);
return -1;
}
delete packet;
delete pseudo;
return res;
}
源代码如下:
int TcpOptScan::send_tcp_raw( SOCKET sd, struct in_addr *srcAddr, struct in_addr *desAddr, u16 srcPort, u16 desPort, u32 seq, u32 ack, u8
flags,u16 window, u8 *options, int optlen, char *data, u16 datalen)
{
char *packet = new char[sizeof(IP_HEADER)+sizeof(TCP_HEADER)];
IP_HEADER *ip = (IP_HEADER *) packet;
TCP_HEADER *tcp = (TCP_HEADER*) (packet + sizeof(IP_HEADER));
psd_header *pseudo = new psd_header;
u8 myttl = 128;
// With these placement we get data and some field alignment so we aren't wasting too much in computing the checksum
int res = -1;
struct sockaddr_in sock;
int source_malloced = 0;
// 检查是否为错误的地址
if ( !desAddr || sd < 0 || !srcAddr)
{
delete packet;
delete pseudo;
return -1;
}
//填写目标地址
sock.sin_family = AF_INET;
sock.sin_port = htons(desPort);
sock.sin_addr.S_un.S_addr = desAddr->s_addr;
//填写数据报
memset((char *) packet,0,sizeof(IP_HEADER) + sizeof(TCP_HEADER));
//填写IP数据报头
//填充IP首部
ip->h_lenver=(4<<4|sizeof(IP_HEADER)/sizeof(unsigned long)); //高四位IP版本号,低四位首部长度
ip->total_len=htons(sizeof(IP_HEADER)+sizeof(TCP_HEADER) +optlen + datalen);//16位总长度(字节)
ip->ident=0;//16位标识
ip->frag_and_flags=0;//3位标志位
ip->ttl=myttl;//8位生存时间TTL
ip->proto=IPPROTO_TCP;//8位协议(TCP,UDP…)
ip->checksum=0;//16位IP首部校验和
ip->sourceIP= srcAddr->s_addr;//32位源IP地址
ip->destIP= desAddr->s_addr;//32位目的IP地址
//填写伪报头
pseudo->saddr = srcAddr->s_addr;
pseudo->daddr = desAddr->s_addr;
pseudo->ptcl = IPPROTO_TCP;
pseudo->tcpl = htons(sizeof(TCP_HEADER) + optlen + datalen);
pseudo->mbz=0;
//填写Tcp报头
tcp->th_sport = htons(srcPort);
tcp->th_dport = htons(desPort);
if (seq)
{
tcp->th_seq = htonl(seq);
}
else if (flags & TH_SYN)
{
tcp->th_seq = GetRadom();
}
if (ack)
tcp->th_ack = htonl(ack);
tcp->th_lenres = (sizeof(TCP_HEADER)/4<<4|0);
tcp->th_flag = flags;
if (window)
tcp->th_win = htons(window);
else
tcp->th_win = htons(1024); /* Who cares */
//拷贝数据
//if (data && datalen)
// memcpy(packet + sizeof(struct ip) + sizeof(struct tcphdr) + optlen, data, datalen);
/* 拷贝选项 */
//if (optlen)
// memcpy(packet + sizeof(struct ip) + sizeof(struct tcphdr), options, optlen);
//计算TCP校验和,计算校验和时需要包括TCPpseudoheader
unsigned short niu;
niu=ntohs(ip->total_len);
char *SendBuf = new char[128];
memcpy(SendBuf,pseudo,sizeof(psd_header));
memcpy(SendBuf+sizeof(psd_header),tcp,sizeof(TCP_HEADER));
tcp->th_sum = checksum((USHORT*)SendBuf,sizeof(psd_header)+sizeof(TCP_HEADER)); //无Tcp数据
delete SendBuf;
//debug
int m = ntohs(ip->total_len);
int pr = ip->proto;
//debug
//ip->total_len=40;
res =sendto( sd,packet,ntohs(ip->total_len),0,(struct sockaddr*)&sock, sizeof(sock));
if( res == SOCKET_ERROR)
{
char str_eror[50];
printf(" Raw socket sendto 发送数据失败,错误代码:%d",GetLastError());
ReportStat(str_eror,0);
return -1;
}
delete packet;
delete pseudo;
return res;
}
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 
相关文章推荐
- what's J2EE
- php上传文件失败解决方式
- Python时间处理总结
- Java String
- Java SE-基本数据类型对应包装类
- 【Struts2】基础总结
- JDK配置
- C#/PHP调用有SoapHeader的WebService
- 传统javabean与spring中的bean的区别
- java中如何写一个死锁例子
- spring-jdbcTemplate
- moongoose对象无法新增删除属性
- eclipse工程下的.project文件
- Androguard获取Java源码的方法及问题汇总
- django学习笔记3:视图与路由
- Java平均拆分list
- JAVA集合(三)-LinkedList
- java输入与输出(I/O)(二):常见输入输出流小结
- C#项目中调用C++生成的Dll 入门教程
- Java对象及其引用