13,190
社区成员
发帖
与我相关
我的任务
分享请教一些关于LAN探测的原理.
网上那些LAN探测QQ之类的软件 的原理是什么?
基于哪些?麻烦哪位大神指一下方向,或者告诉我要看些什么书,哪些方面的书.
小弟只对TCP/IP有一点浅薄的了解.
基于哪些?麻烦哪位大神指一下方向,或者告诉我要看些什么书,哪些方面的书.
小弟只对TCP/IP有一点浅薄的了解.
...全文
请发表友善的回复…
发表回复
weir55 2009-02-22
- 打赏
- 举报
在发一个
#include <winsock2.h>
#include <windows.h>
#include <ws2tcpip.h>
#include <stdio.h>
#include <stdlib.h>
#pragma comment(lib,"ws2_32.lib")
#define MAX_HOSTNAME_LAN 255
#define SIO_RCVALL _WSAIOW(IOC_VENDOR,1)
#define MAX_ADDR_LEN 16
struct ipheader {
unsigned char ip_hl:4, ip_v:4; /* this means that each member is 4 bits */
unsigned char ip_tos;
unsigned short int ip_len;
unsigned short int ip_id;
unsigned short int ip_off;
unsigned char ip_ttl;
unsigned char ip_p;
unsigned short int ip_sum;
unsigned int ip_src;
unsigned int ip_dst;
}; /* total ip header length: 20 bytes (=160 bits) */
typedef struct udphdr {
unsigned short sport;
unsigned short dport;
unsigned short len;
unsigned short cksum;
}UDP_HDR;
void main()
{
SOCKET sock;
WSADATA wsd;
DWORD dwBytesRet;
unsigned int optval = 1;
unsigned char *dataudp,*pUdpData;
int QQ,iUdpDataLen;
SOCKADDR_IN sa,saSource, saDest;
struct hostent FAR * pHostent;
char FAR name[MAX_HOSTNAME_LAN];
char szSourceIP[MAX_ADDR_LEN],RecvBuf[65535] = {0};
struct udphdr *pUdpheader;
struct ipheader *pIpheader;
WSAStartup(MAKEWORD(2,1),&wsd);
if ((sock = socket(AF_INET, SOCK_RAW, IPPROTO_IP))==SOCKET_ERROR)exit(1);
gethostname(name, MAX_HOSTNAME_LAN);
pHostent = gethostbyname(name);
sa.sin_family = AF_INET;
sa.sin_port = htons(6000);
memcpy(&sa.sin_addr.S_un.S_addr, pHostent->h_addr_list[0], pHostent->h_length);
bind(sock, (SOCKADDR *)&sa, sizeof(sa));
if ((WSAGetLastError())==10013)exit(1);
WSAIoctl(sock, SIO_RCVALL, &optval, sizeof(optval), NULL, 0, &dwBytesRet, NULL, NULL);
pIpheader = (struct ipheader *)RecvBuf;
pUdpheader = (struct udphdr *) (RecvBuf+ sizeof(struct ipheader ));
printf("QQ sniffer V1.1 code powerd by cooldiyer\r\n");
while (1)
{
memset(RecvBuf, 0, sizeof(RecvBuf));
recv(sock, RecvBuf, sizeof(RecvBuf), 0);
saSource.sin_addr.s_addr = pIpheader->ip_src;
strncpy(szSourceIP, inet_ntoa(saSource.sin_addr), MAX_ADDR_LEN);
iUdpDataLen =(ntohs(pIpheader->ip_len)-(sizeof(struct ipheader)+sizeof(struct udphdr)));
if((pIpheader->ip_p)==IPPROTO_UDP&&iUdpDataLen!=0)
{
pUdpData=(unsigned char *) RecvBuf+sizeof(struct ipheader)+sizeof(struct udphdr);
iUdpDataLen=ntohs(pIpheader->ip_len)-(sizeof(struct ipheader)+sizeof(struct udphdr));
if(ntohs(pUdpheader->dport)==8000)
if(iUdpDataLen%4==0 && iUdpDataLen>0)
if(pUdpData[0]==0x02 && pUdpData[3]==0x00 && pUdpData[iUdpDataLen-1]==0x03)
{
QQ = (pUdpData[7]&0xff);
QQ = (QQ<<8) + (pUdpData[8]&0xff);
QQ = (QQ<<8) + (pUdpData[9]&0xff);
QQ = (QQ<<8) + (pUdpData[10]&0xff);
printf("IP:%s QQ:%d\r",szSourceIP,QQ);
}
}
}
}
#include <winsock2.h>
#include <windows.h>
#include <ws2tcpip.h>
#include <stdio.h>
#include <stdlib.h>
#pragma comment(lib,"ws2_32.lib")
#define MAX_HOSTNAME_LAN 255
#define SIO_RCVALL _WSAIOW(IOC_VENDOR,1)
#define MAX_ADDR_LEN 16
struct ipheader {
unsigned char ip_hl:4, ip_v:4; /* this means that each member is 4 bits */
unsigned char ip_tos;
unsigned short int ip_len;
unsigned short int ip_id;
unsigned short int ip_off;
unsigned char ip_ttl;
unsigned char ip_p;
unsigned short int ip_sum;
unsigned int ip_src;
unsigned int ip_dst;
}; /* total ip header length: 20 bytes (=160 bits) */
typedef struct udphdr {
unsigned short sport;
unsigned short dport;
unsigned short len;
unsigned short cksum;
}UDP_HDR;
void main()
{
SOCKET sock;
WSADATA wsd;
DWORD dwBytesRet;
unsigned int optval = 1;
unsigned char *dataudp,*pUdpData;
int QQ,iUdpDataLen;
SOCKADDR_IN sa,saSource, saDest;
struct hostent FAR * pHostent;
char FAR name[MAX_HOSTNAME_LAN];
char szSourceIP[MAX_ADDR_LEN],RecvBuf[65535] = {0};
struct udphdr *pUdpheader;
struct ipheader *pIpheader;
WSAStartup(MAKEWORD(2,1),&wsd);
if ((sock = socket(AF_INET, SOCK_RAW, IPPROTO_IP))==SOCKET_ERROR)exit(1);
gethostname(name, MAX_HOSTNAME_LAN);
pHostent = gethostbyname(name);
sa.sin_family = AF_INET;
sa.sin_port = htons(6000);
memcpy(&sa.sin_addr.S_un.S_addr, pHostent->h_addr_list[0], pHostent->h_length);
bind(sock, (SOCKADDR *)&sa, sizeof(sa));
if ((WSAGetLastError())==10013)exit(1);
WSAIoctl(sock, SIO_RCVALL, &optval, sizeof(optval), NULL, 0, &dwBytesRet, NULL, NULL);
pIpheader = (struct ipheader *)RecvBuf;
pUdpheader = (struct udphdr *) (RecvBuf+ sizeof(struct ipheader ));
printf("QQ sniffer V1.1 code powerd by cooldiyer\r\n");
while (1)
{
memset(RecvBuf, 0, sizeof(RecvBuf));
recv(sock, RecvBuf, sizeof(RecvBuf), 0);
saSource.sin_addr.s_addr = pIpheader->ip_src;
strncpy(szSourceIP, inet_ntoa(saSource.sin_addr), MAX_ADDR_LEN);
iUdpDataLen =(ntohs(pIpheader->ip_len)-(sizeof(struct ipheader)+sizeof(struct udphdr)));
if((pIpheader->ip_p)==IPPROTO_UDP&&iUdpDataLen!=0)
{
pUdpData=(unsigned char *) RecvBuf+sizeof(struct ipheader)+sizeof(struct udphdr);
iUdpDataLen=ntohs(pIpheader->ip_len)-(sizeof(struct ipheader)+sizeof(struct udphdr));
if(ntohs(pUdpheader->dport)==8000)
if(iUdpDataLen%4==0 && iUdpDataLen>0)
if(pUdpData[0]==0x02 && pUdpData[3]==0x00 && pUdpData[iUdpDataLen-1]==0x03)
{
QQ = (pUdpData[7]&0xff);
QQ = (QQ<<8) + (pUdpData[8]&0xff);
QQ = (QQ<<8) + (pUdpData[9]&0xff);
QQ = (QQ<<8) + (pUdpData[10]&0xff);
printf("IP:%s QQ:%d\r",szSourceIP,QQ);
}
}
}
}
weir55 2009-02-22
- 打赏
- 举报
你可以了解下libpcap
chenyijiu 2009-02-21
- 打赏
- 举报
同一lan内计算机的网卡(或者网关更好)能够截取同一网段的数据包,如果知道qq传输的数据包的格式
(主要是加密了)你可以测试下,尽管加密了,应该还是有特征可寻的,更据lan内的哪些机器发qq特征的数据包来
判断是否开qq,可以抓些心跳数据包之类的
(主要是加密了)你可以测试下,尽管加密了,应该还是有特征可寻的,更据lan内的哪些机器发qq特征的数据包来
判断是否开qq,可以抓些心跳数据包之类的
king19840811 2009-02-21
- 打赏
- 举报
mark
