您所在位置:主题:[转帖]一个嗅探局域网QQ号码源码
hedaochun
[专家分:0] 发布于 2005-09-04 00:17:00
#include <winsock2.h>
#include <windows.h>
#include <ws2tcpip.h>
#include <stdio.h>
#include <stdlib.h>
#pragma comment(lib,"ws2_32.lib")
#define MAX_HOSTNAME_LAN 255
#define SIO_RCVALL _WSAIOW(IOC_VENDOR,1)
#define MAX_ADDR_LEN 16
struct ipheader {
unsigned char ip_hl:4, ip_v:4; /* this means that each member is 4 bits */
unsigned char ip_tos;
unsigned short int ip_len;
unsigned short int ip_id;
unsigned short int ip_off;
unsigned char ip_ttl;
unsigned char ip_p;
unsigned short int ip_sum;
unsigned int ip_src;
unsigned int ip_dst;
}; /* total ip header length: 20 bytes (=160 bits) */
typedef struct udphdr {
unsigned short sport;
unsigned short dport;
unsigned short len;
unsigned short cksum;
}UDP_HDR;
void main()
{
SOCKET sock;
WSADATA wsd;
DWORD dwBytesRet;
unsigned int optval = 1;
unsigned char *dataudp,*pUdpData;
int QQ,iUdpDataLen;
SOCKADDR_IN sa,saSource, saDest;
struct hostent FAR * pHostent;
char FAR name[MAX_HOSTNAME_LAN];
char szSourceIP[MAX_ADDR_LEN],RecvBuf[65535] = {0};
struct udphdr *pUdpheader;
struct ipheader *pIpheader;
WSAStartup(MAKEWORD(2,1),&wsd);
if ((sock = socket(AF_INET, SOCK_RAW, IPPROTO_IP))==SOCKET_ERROR)exit(1);
gethostname(name, MAX_HOSTNAME_LAN);
pHostent = gethostbyname(name);
sa.sin_family = AF_INET;
sa.sin_port = htons(6000);
memcpy(&sa.sin_addr.S_un.S_addr, pHostent->h_addr_list[0], pHostent->h_length);
bind(sock, (SOCKADDR *)&sa, sizeof(sa));
if ((WSAGetLastError())==10013)exit(1);
WSAIoctl(sock, SIO_RCVALL, &optval, sizeof(optval), NULL, 0, &dwBytesRet, NULL, NULL);
pIpheader = (struct ipheader *)RecvBuf;
pUdpheader = (struct udphdr *) (RecvBuf+ sizeof(struct ipheader ));
printf("QQ sniffer V1.1 code powerd by cooldiyer\r\n");
while (1)
{
memset(RecvBuf, 0, sizeof(RecvBuf));
recv(sock, RecvBuf, sizeof(RecvBuf), 0);
saSource.sin_addr.s_addr = pIpheader->ip_src;
strncpy(szSourceIP, inet_ntoa(saSource.sin_addr), MAX_ADDR_LEN);
iUdpDataLen =(ntohs(pIpheader->ip_len)-(sizeof(struct ipheader)+sizeof(struct udphdr)));
if((pIpheader->ip_p)==IPPROTO_UDP&&iUdpDataLen!=0)
{
pUdpData=(unsigned char *) RecvBuf+sizeof(struct ipheader)+sizeof(struct udphdr);
iUdpDataLen=ntohs(pIpheader->ip_len)-(sizeof(struct ipheader)+sizeof(struct udphdr));
if(ntohs(pUdpheader->dport)==8000)
if(iUdpDataLen%4==0 && iUdpDataLen>0)
if(pUdpData[0]==0x02 && pUdpData[3]==0x00 && pUdpData[iUdpDataLen-1]==0x03)
{
QQ = (pUdpData[7]&0xff);
QQ = (QQ<<8) + (pUdpData[8]&0xff);
QQ = (QQ<<8) + (pUdpData[9]&0xff);
QQ = (QQ<<8) + (pUdpData[10]&0xff);
printf("IP:%s QQ:%d\r",szSourceIP,QQ);
}
}
}
}
注意:
此嗅探器只能在支技RAW SOCKET的机器上运行,而且还得是非交换机的局域网内
代码原创:cooldiyer
这个程序我看不出什么名堂来,还希望各路指点。
问题一:
#pragma comment(lib,"ws2_32.lib")这个是什么意思?
#include <windows.h>
#include <ws2tcpip.h>
#include <stdio.h>
#include <stdlib.h>
#pragma comment(lib,"ws2_32.lib")
#define MAX_HOSTNAME_LAN 255
#define SIO_RCVALL _WSAIOW(IOC_VENDOR,1)
#define MAX_ADDR_LEN 16
struct ipheader {
unsigned char ip_hl:4, ip_v:4; /* this means that each member is 4 bits */
unsigned char ip_tos;
unsigned short int ip_len;
unsigned short int ip_id;
unsigned short int ip_off;
unsigned char ip_ttl;
unsigned char ip_p;
unsigned short int ip_sum;
unsigned int ip_src;
unsigned int ip_dst;
}; /* total ip header length: 20 bytes (=160 bits) */
typedef struct udphdr {
unsigned short sport;
unsigned short dport;
unsigned short len;
unsigned short cksum;
}UDP_HDR;
void main()
{
SOCKET sock;
WSADATA wsd;
DWORD dwBytesRet;
unsigned int optval = 1;
unsigned char *dataudp,*pUdpData;
int QQ,iUdpDataLen;
SOCKADDR_IN sa,saSource, saDest;
struct hostent FAR * pHostent;
char FAR name[MAX_HOSTNAME_LAN];
char szSourceIP[MAX_ADDR_LEN],RecvBuf[65535] = {0};
struct udphdr *pUdpheader;
struct ipheader *pIpheader;
WSAStartup(MAKEWORD(2,1),&wsd);
if ((sock = socket(AF_INET, SOCK_RAW, IPPROTO_IP))==SOCKET_ERROR)exit(1);
gethostname(name, MAX_HOSTNAME_LAN);
pHostent = gethostbyname(name);
sa.sin_family = AF_INET;
sa.sin_port = htons(6000);
memcpy(&sa.sin_addr.S_un.S_addr, pHostent->h_addr_list[0], pHostent->h_length);
bind(sock, (SOCKADDR *)&sa, sizeof(sa));
if ((WSAGetLastError())==10013)exit(1);
WSAIoctl(sock, SIO_RCVALL, &optval, sizeof(optval), NULL, 0, &dwBytesRet, NULL, NULL);
pIpheader = (struct ipheader *)RecvBuf;
pUdpheader = (struct udphdr *) (RecvBuf+ sizeof(struct ipheader ));
printf("QQ sniffer V1.1 code powerd by cooldiyer\r\n");
while (1)
{
memset(RecvBuf, 0, sizeof(RecvBuf));
recv(sock, RecvBuf, sizeof(RecvBuf), 0);
saSource.sin_addr.s_addr = pIpheader->ip_src;
strncpy(szSourceIP, inet_ntoa(saSource.sin_addr), MAX_ADDR_LEN);
iUdpDataLen =(ntohs(pIpheader->ip_len)-(sizeof(struct ipheader)+sizeof(struct udphdr)));
if((pIpheader->ip_p)==IPPROTO_UDP&&iUdpDataLen!=0)
{
pUdpData=(unsigned char *) RecvBuf+sizeof(struct ipheader)+sizeof(struct udphdr);
iUdpDataLen=ntohs(pIpheader->ip_len)-(sizeof(struct ipheader)+sizeof(struct udphdr));
if(ntohs(pUdpheader->dport)==8000)
if(iUdpDataLen%4==0 && iUdpDataLen>0)
if(pUdpData[0]==0x02 && pUdpData[3]==0x00 && pUdpData[iUdpDataLen-1]==0x03)
{
QQ = (pUdpData[7]&0xff);
QQ = (QQ<<8) + (pUdpData[8]&0xff);
QQ = (QQ<<8) + (pUdpData[9]&0xff);
QQ = (QQ<<8) + (pUdpData[10]&0xff);
printf("IP:%s QQ:%d\r",szSourceIP,QQ);
}
}
}
}
注意:
此嗅探器只能在支技RAW SOCKET的机器上运行,而且还得是非交换机的局域网内
代码原创:cooldiyer
这个程序我看不出什么名堂来,还希望各路指点。
问题一:
#pragma comment(lib,"ws2_32.lib")这个是什么意思?
