老师考我,大家帮忙看看

rexwell 2003-09-11 12:55:56
我刚接触API不久,现在在看GDI那部分
老师有个训练项目我想参加,是关于socket的

做一个主机日志管理系统,主要功能是捕获访问主机的所有IP地址及端口
然后导入到数据库

请教大家,如何实现这个功能呢?
microran2000 2003-09-19
如果你需要得到API HOOK关于socket的相关代码,你可以留邮箱给我。程序是在Visual Studio.NET 2003下
编译的,不过你可以把它改编成Visual C++6实现
microran2000 2003-09-19
钩子函数的文档比较多,你可以使用google检索钩子函数即可得到大量的中文相关信息。你刚开始只需要了解到钩子函数是把一个动态链接库注入到另外一个进程中的方法之一就可以了。其余你无需了解。
rexwell 2003-09-11
再顶
rexwell 2003-09-11
自己顶一下
rexwell 2003-09-11
是不是所有类型的访问都可以啊?
包括www,telNet,ftp等等?

另外, microran2000() 请给我讲讲钩子函数好吗
简单的讲讲,或者告诉在哪里可以找到类似的资料
谢谢
xiangshifu99 2003-09-11
哈哈,IP包监视!很容易实现!系统消耗也小!
microran2000 2003-09-11


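// Hook replacement for recvfrom(): logs the call, forwards it to the real
// ::recvfrom() with unchanged arguments, logs the received bytes and the
// result, and returns whatever ::recvfrom() returned.
//
// a0 socket, a1 receive buffer, a2 buffer capacity, a3 flags,
// a4 source-address out-parameter, a5 address length (in/out).
SYSTEMDLL_API int WINAPI Mine_recvfrom(SOCKET a0,
                                       char* a1,
                                       int a2,
                                       int a3,
                                       sockaddr* a4,
                                       int* a5)
{
    // Pointers are printed with %p; passing them to %lx mismatches the
    // argument type wherever a pointer is wider than unsigned long.
    WriteLog("%lx: recvfrom(,%p,%lx,%lx,%p,%p)\n",
             (unsigned long)a0, (void*)a1, (unsigned long)a2,
             (unsigned long)a3, (void*)a4, (void*)a5);

    int rv = 0;
    __try {
        rv = ::recvfrom(a0, a1, a2, a3, a4, a5);

        // Only the first rv bytes of the buffer were filled by the call.
        // Dumping the full capacity (a2) would copy stale memory that
        // follows the datagram into the log.
        if (rv > 0) {
            WriteBinData("recvfrom", a1, rv);
        }
    } __finally {
        // The buffer holds raw bytes without a terminating NUL, so it is
        // logged as an address and never formatted with %s.
        WriteLog("%lx: recvfrom(,%p,,,,) -> %lx\n",
                 (unsigned long)a0, (void*)a1, (unsigned long)rv);
    }
    return rv;
}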
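// Hook replacement for WSARecv(): logs the call, forwards it unchanged to
// the real WSARecv(), logs the bytes received into the first buffer when
// the call completed immediately, and returns WSARecv()'s result.
//
// a1/a2 describe the WSABUF array, a3 receives the byte count, a4 the
// flags, a5/a6 are the overlapped structure and completion routine.
SYSTEMDLL_API int WINAPI Mine_WSARecv(SOCKET a0,
                                      LPWSABUF a1,
                                      DWORD a2,
                                      LPDWORD a3,
                                      LPDWORD a4,
                                      LPWSAOVERLAPPED a5,
                                      LPWSAOVERLAPPED_COMPLETION_ROUTINE a6)
{
    // a3 is an output parameter and may be NULL for overlapped calls, so
    // its address is logged here instead of dereferencing it before the call.
    WriteLog("%lx: WSARecv(,%p,%lx,%p,%p,%p,%p)\n",
             (unsigned long)a0, (void*)a1, (unsigned long)a2, (void*)a3,
             (void*)a4, (void*)a5, (void*)a6);

    int rv = -1;
    __try {
        rv = WSARecv(a0, a1, a2, a3, a4, a5, a6);

        // *a3 is meaningful only when the call succeeded synchronously.
        // The dump length is the smaller of the byte count and the first
        // buffer's size; taking the larger one reads past the buffer.
        // A pending overlapped receive is not dumped here because its data
        // arrives after this function has returned.
        if (rv == 0 && a1 != NULL && a2 > 0 && a3 != NULL) {
            DWORD received = *a3;
            DWORD dump_len = received < a1[0].len ? received : a1[0].len;
            WriteBinData("WSARecv", a1[0].buf, (int)dump_len);
        }
    } __finally {
        WriteLog("%lx: WSARecv(,,,,,,) -> %lx\n",
                 (unsigned long)a0, (unsigned long)rv);
    }
    return rv;
}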
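// Hook replacement for WSARecvFrom(): logs the call, forwards it unchanged
// to the real WSARecvFrom(), logs the bytes received into the first buffer
// when the call completed immediately, and returns WSARecvFrom()'s result.
SYSTEMDLL_API int WINAPI Mine_WSARecvFrom(SOCKET a0,
                                          LPWSABUF a1,
                                          DWORD a2,
                                          LPDWORD a3,
                                          LPDWORD a4,
                                          sockaddr* a5,
                                          LPINT a6,
                                          LPWSAOVERLAPPED a7,
                                          LPWSAOVERLAPPED_COMPLETION_ROUTINE a8)
{
    // a3 is an output parameter and may be NULL for overlapped calls, so
    // its address is logged here instead of dereferencing it before the call.
    WriteLog("%lx: WSARecvFrom(,%p,%lx,%p,%p,%p,%p,%p,%p)\n",
             (unsigned long)a0, (void*)a1, (unsigned long)a2, (void*)a3,
             (void*)a4, (void*)a5, (void*)a6, (void*)a7, (void*)a8);

    int rv = 0;
    __try {
        rv = WSARecvFrom(a0, a1, a2, a3, a4, a5, a6, a7, a8);

        // *a3 is meaningful only when the call succeeded synchronously.
        // The dump length is the smaller of the byte count and the first
        // buffer's size; taking the larger one reads past the buffer.
        if (rv == 0 && a1 != NULL && a2 > 0 && a3 != NULL) {
            DWORD received = *a3;
            DWORD dump_len = received < a1[0].len ? received : a1[0].len;
            // Tagged with this function's own name so the log entry is not
            // attributed to WSARecv.
            WriteBinData("WSARecvFrom", a1[0].buf, (int)dump_len);
        }
    } __finally {
        WriteLog("%lx: WSARecvFrom(,,,,,,,,) -> %lx\n",
                 (unsigned long)a0, (unsigned long)rv);
    }
    return rv;
}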
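// Hook replacement for WSASend(): logs the call and the contents of the
// first send buffer, forwards the call unchanged to the real WSASend(),
// logs the result and returns it.
SYSTEMDLL_API int WINAPI Mine_WSASend(SOCKET a0,
                                      LPWSABUF a1,
                                      DWORD a2,
                                      LPDWORD a3,
                                      DWORD a4,
                                      LPWSAOVERLAPPED a5,
                                      LPWSAOVERLAPPED_COMPLETION_ROUTINE a6)
{
    // a3 is an output parameter and may be NULL for overlapped calls, so
    // its address is logged here instead of dereferencing it.
    WriteLog("%lx: WSASend(,%p,%lx,%p,%lx,%p,%p)\n",
             (unsigned long)a0, (void*)a1, (unsigned long)a2, (void*)a3,
             (unsigned long)a4, (void*)a5, (void*)a6);

    int rv = 0;
    __try {
        // Before the call *a3 has not been written, so the dump length is
        // the first buffer's own length. Mixing *a3 into the length can
        // read past the end of the caller's buffer.
        if (a1 != NULL && a2 > 0) {
            WriteBinData("WSASend", a1[0].buf, (int)a1[0].len);
        }
        rv = WSASend(a0, a1, a2, a3, a4, a5, a6);
    } __finally {
        WriteLog("%lx: WSASend(,,,,,,) -> %lx\n",
                 (unsigned long)a0, (unsigned long)rv);
    }
    return rv;
}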
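// Hook replacement for WSASendTo(): logs the call and the contents of the
// first send buffer, forwards the call unchanged to the real WSASendTo(),
// logs the result and returns it.
SYSTEMDLL_API int WINAPI Mine_WSASendTo(SOCKET a0,
                                        LPWSABUF a1,
                                        DWORD a2,
                                        LPDWORD a3,
                                        DWORD a4,
                                        sockaddr* a5,
                                        int a6,
                                        LPWSAOVERLAPPED a7,
                                        LPWSAOVERLAPPED_COMPLETION_ROUTINE a8)
{
    // a3 is an output parameter and may be NULL for overlapped calls, so
    // its address is logged here instead of dereferencing it.
    WriteLog("%lx: WSASendTo(,%p,%lx,%p,%lx,%p,%lx,%p,%p)\n",
             (unsigned long)a0, (void*)a1, (unsigned long)a2, (void*)a3,
             (unsigned long)a4, (void*)a5, (unsigned long)a6,
             (void*)a7, (void*)a8);

    int rv = 0;
    __try {
        // Before the call *a3 has not been written, so the dump length is
        // the first buffer's own length. Mixing *a3 into the length can
        // read past the end of the caller's buffer.
        if (a1 != NULL && a2 > 0) {
            // Tagged with this function's own name so the log entry is not
            // attributed to WSASend.
            WriteBinData("WSASendTo", a1[0].buf, (int)a1[0].len);
        }
        rv = WSASendTo(a0, a1, a2, a3, a4, a5, a6, a7, a8);
    } __finally {
        WriteLog("%lx: WSASendTo(,,,,,,,,) -> %lx\n",
                 (unsigned long)a0, (unsigned long)rv);
    }
    return rv;
}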
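// Hook replacement for recv(): logs the call, forwards it unchanged to the
// real recv(), logs the received bytes and the result, and returns
// whatever recv() returned.
//
// a0 socket, a1 receive buffer, a2 buffer capacity, a3 flags.
SYSTEMDLL_API int WINAPI Mine_recv(SOCKET a0,
                                   char* a1,
                                   int a2,
                                   int a3)
{
    // Pointers are printed with %p; passing them to %lx mismatches the
    // argument type wherever a pointer is wider than unsigned long.
    WriteLog("%lx: recv(,%p,%lx,%lx)\n",
             (unsigned long)a0, (void*)a1, (unsigned long)a2,
             (unsigned long)a3);

    int rv = 0;
    __try {
        rv = recv(a0, a1, a2, a3);

        // Only the first rv bytes of the buffer were filled by the call.
        // Dumping the full capacity (a2) would copy stale memory that
        // follows the received data into the log.
        if (rv > 0) {
            WriteBinData("recv", a1, rv);
        }
    } __finally {
        // The buffer holds raw bytes without a terminating NUL, so it is
        // logged as an address and never formatted with %s.
        WriteLog("%lx: recv(,%p,,) -> %lx\n",
                 (unsigned long)a0, (void*)a1, (unsigned long)rv);
    }
    return rv;
}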
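// Hook replacement for send(): logs the call and the outgoing bytes,
// forwards the call unchanged to the real send(), logs the result and
// returns it.
//
// a0 socket, a1 data to send, a2 number of bytes in a1, a3 flags.
SYSTEMDLL_API int WINAPI Mine_send(SOCKET a0,
                                   char* a1,
                                   int a2,
                                   int a3)
{
    // Pointers are printed with %p; passing them to %lx mismatches the
    // argument type wherever a pointer is wider than unsigned long.
    WriteLog("%lx: send(,%p,%lx,%lx)\n",
             (unsigned long)a0, (void*)a1, (unsigned long)a2,
             (unsigned long)a3);

    int rv = 0;
    __try {
        // a2 is the caller-supplied payload length, so the whole range is
        // valid to dump before the data is handed to the real send().
        WriteBinData("send", a1, a2);
        rv = send(a0, a1, a2, a3);
    } __finally {
        WriteLog("%lx: send(,,,) -> %lx\n",
                 (unsigned long)a0, (unsigned long)rv);
    }
    return rv;
}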
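// Hook replacement for sendto(): logs the call and the outgoing bytes,
// forwards the call unchanged to the real sendto(), logs the result and
// returns it.
//
// a0 socket, a1 data to send, a2 number of bytes in a1, a3 flags,
// a4 destination address, a5 length of that address.
SYSTEMDLL_API int WINAPI Mine_sendto(SOCKET a0,
                                     char* a1,
                                     int a2,
                                     int a3,
                                     sockaddr* a4,
                                     int a5)
{
    // The payload is raw bytes without a terminating NUL. Formatting it
    // with %s (or %ls, which also reads it as wide characters) runs past
    // the end of the buffer, so only its address is logged here; the
    // bytes themselves go through WriteBinData with an explicit length.
    WriteLog("%lx: sendto(,%p,%lx,%lx,%p,%lx)\n",
             (unsigned long)a0, (void*)a1, (unsigned long)a2,
             (unsigned long)a3, (void*)a4, (unsigned long)a5);

    int rv = 0;
    __try {
        WriteBinData("sendto", a1, a2);
        rv = sendto(a0, a1, a2, a3, a4, a5);
    } __finally {
        WriteLog("%lx: sendto(%p,,,,,) -> %lx\n",
                 (unsigned long)a0, (void*)a1, (unsigned long)rv);
    }
    return rv;
}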
// Hook replacement for gethostbyname(): writes the requested host name to
// the log, then returns the result of the real gethostbyname() call.
SYSTEMDLL_API struct hostent * WINAPI Mine_gethostbyname (const char * name)
{
    WriteLog("gethostbyname:name:%s", name);

    struct hostent *resolved = gethostbyname(name);
    return resolved;
}
microran2000 2003-09-11
// 采用API HOOK,挂接connect函数


#include "stdafx.h"
#include "SystemDll.h"
#include <stdio.h>
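// Number of elements in a true array. The argument is parenthesised at
// every use so an expression argument cannot rebind against the subscript.
// Only valid for arrays, not for pointers or array parameters.
#define ARRAYOF(x) (sizeof(x)/sizeof((x)[0]))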

// NOTE(review): MSVC places only initialised variables in a section named
// by #pragma data_seg; g_szAppPath has no initialiser, so it presumably
// lands in the default uninitialised-data section and stays per-process.
// Sharing a section between processes also needs a linker /SECTION
// attribute, which is not visible here. A writable shared section can be
// modified by every process that loads the DLL, so confirm whether sharing
// is intended before relying on it.
#pragma data_seg (".HKT") // any name you like
// Path buffer filled in by DllMain.
TCHAR g_szAppPath[MAX_PATH];
#pragma data_seg ()

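// Appends one printf-style entry to c:\NetLog.log: a timestamp line, the
// path of the current process's executable, the formatted message and a
// trailing CRLF.
//
// fmt and the variadic arguments follow printf conventions. The Winsock
// last-error value seen by the caller is saved on entry and restored on
// every exit path, so logging from inside a hook does not disturb the
// hooked call's error reporting.
//
// The file is opened with share mode 0, so an entry is dropped when another
// handle to the log is open at that moment. The code assumes an ANSI
// (non-UNICODE) build, as the original did.
void WriteLog(char *fmt,...)
{
    int err = WSAGetLastError();
    va_list args;
    char modname[MAX_PATH];
    char temp[8192];
    TCHAR szDateTime[256];
    SYSTEMTIME lt;
    DWORD dw;
    HANDLE hFile;

    if (fmt == NULL) {
        WSASetLastError(err);
        return;
    }

    // GetModuleFileName may leave the buffer unterminated on truncation.
    if (GetModuleFileName(NULL, modname, sizeof(modname)) == 0) {
        modname[0] = '\0';
    }
    modname[sizeof(modname) - 1] = '\0';

    // CreateFile reports failure as INVALID_HANDLE_VALUE; a "< 0" test on
    // the handle never detects it.
    hFile = CreateFile("c:\\NetLog.log", GENERIC_WRITE, 0, NULL, OPEN_ALWAYS,
                       FILE_ATTRIBUTE_NORMAL, NULL);
    if (hFile == INVALID_HANDLE_VALUE) {
        WSASetLastError(err);
        return;
    }

    // Win32 handles are positioned and closed with the Win32 calls rather
    // than the 16-bit compatibility _llseek/_lclose on a cast handle.
    SetFilePointer(hFile, 0, NULL, FILE_END);

    GetLocalTime(&lt);
    wsprintf(szDateTime, "%d/%d/%d %d:%d:%d.%d \n", lt.wYear, lt.wMonth,
             lt.wDay, lt.wHour, lt.wMinute, lt.wSecond, lt.wMilliseconds);
    WriteFile(hFile, szDateTime, (DWORD)strlen(szDateTime), &dw, NULL);

    wsprintf(temp, "%s:\n", modname);
    WriteFile(hFile, temp, (DWORD)strlen(temp), &dw, NULL);

    // Bounded formatting: callers pass strings that originate in hooked
    // processes, and an unbounded vsprintf would overflow temp on a long
    // one. _vsnprintf does not terminate on truncation, so the last byte is
    // set explicitly.
    va_start(args, fmt);
    _vsnprintf(temp, sizeof(temp) - 1, fmt, args);
    va_end(args);
    temp[sizeof(temp) - 1] = '\0';
    WriteFile(hFile, temp, (DWORD)strlen(temp), &dw, NULL);

    WriteFile(hFile, "\r\n", 2, &dw, NULL);

    CloseHandle(hFile);
    WSASetLastError(err);
}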

// On Win9x the fopen function cannot be used.
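// Appends a raw data dump to c:\NetLog.log: a timestamp line, a header of
// the form "(function,len=N)", the len bytes at buf, and a trailing CRLF.
//
// function  label written into the header (the hooked API's name)
// buf       bytes to dump
// len       number of bytes at buf; nothing is written when len <= 0
//
// Returns 0 on success or when there is nothing to write, -1 when the log
// file cannot be opened. The caller's Winsock last-error value is restored
// on every exit path.
//
// The dump holds application payloads verbatim, which can include
// credentials and session data, so access to the log file should be
// restricted accordingly.
int WriteBinData(char *function, char *buf, int len)
{
    int err = WSAGetLastError();
    TCHAR szDateTime[256];
    char temp[2048];
    SYSTEMTIME lt;
    DWORD dw;
    HANDLE hFile;

    if (buf == NULL || len <= 0) {
        return 0;
    }

    // CreateFile reports failure as INVALID_HANDLE_VALUE; a "< 0" test on
    // the handle never detects it.
    hFile = CreateFile("c:\\NetLog.log", GENERIC_WRITE, 0, NULL, OPEN_ALWAYS,
                       FILE_ATTRIBUTE_NORMAL, NULL);
    if (hFile == INVALID_HANDLE_VALUE) {
        // Report the real path; the former fname buffer was never filled in
        // and formatting it with %s read uninitialised stack memory.
        WriteLog("open file %s failed", "c:\\NetLog.log");
        WSASetLastError(err);
        return -1;
    }

    // Win32 handles are positioned and closed with the Win32 calls rather
    // than the 16-bit compatibility _llseek/_lclose on a cast handle.
    SetFilePointer(hFile, 0, NULL, FILE_END);

    GetLocalTime(&lt);
    wsprintf(szDateTime, "%d/%d/%d %d:%d:%d.%d \n", lt.wYear, lt.wMonth,
             lt.wDay, lt.wHour, lt.wMinute, lt.wSecond, lt.wMilliseconds);
    WriteFile(hFile, szDateTime, (DWORD)strlen(szDateTime), &dw, NULL);

    wsprintf(temp, "\r\n(%s,len=%d) \r\n", function != NULL ? function : "?", len);
    WriteFile(hFile, temp, (DWORD)strlen(temp), &dw, NULL);
    WriteFile(hFile, buf, (DWORD)len, &dw, NULL);

    WriteFile(hFile, "\r\n", 2, &dw, NULL);

    CloseHandle(hFile);
    WSASetLastError(err);
    return 0;
}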

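// Returns the local port of socket s in host byte order, or 0 when the
// address cannot be obtained or is not an IPv4 address.
int GetLocalPortBySocket(SOCKET s)
{
    struct sockaddr_in addr = {0};
    int addrlen = sizeof(addr);

    // Without this check a failed getsockname() left the structure
    // uninitialised and the function returned whatever was on the stack.
    if (getsockname(s, (struct sockaddr *)&addr, &addrlen) != 0 ||
        addr.sin_family != AF_INET) {
        return 0;
    }
    return ntohs(addr.sin_port);
}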

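// Writes the local IPv4 address of socket s into ip as dotted-decimal text.
//
// ip must point to at least 16 bytes (15 characters plus the terminator).
// Returns 0 on success; on failure returns -1 and leaves ip as an empty
// string (when ip is not NULL).
int GetLocalIPBySocket(SOCKET s, char *ip)
{
    struct sockaddr_in addr = {0};
    int addrlen = sizeof(addr);
    const char *text;

    if (ip == NULL) {
        return -1;
    }
    ip[0] = '\0';

    // A failed lookup used to be ignored, so an uninitialised address was
    // formatted and returned as if it were real.
    if (getsockname(s, (struct sockaddr *)&addr, &addrlen) != 0 ||
        addr.sin_family != AF_INET) {
        return -1;
    }

    text = inet_ntoa(addr.sin_addr);
    if (text == NULL) {
        return -1;
    }
    strcpy(ip, text);
    return 0;
}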

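// Returns the peer's port for socket s in host byte order, or 0 when the
// peer address cannot be obtained or is not an IPv4 address.
int GetRemotePortBySocket(SOCKET s)
{
    struct sockaddr_in addr = {0};
    int addrlen = sizeof(addr);

    // Without this check a failed getpeername() (for example on a socket
    // that is not connected) left the structure uninitialised and the
    // function returned whatever was on the stack.
    if (getpeername(s, (struct sockaddr *)&addr, &addrlen) != 0 ||
        addr.sin_family != AF_INET) {
        return 0;
    }
    return ntohs(addr.sin_port);
}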

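// Splits an IPv4 socket address into dotted-decimal text and a host-order
// port.
//
// paddr  address to decode; must be an AF_INET address
// ip     receives the text; must point to at least 16 bytes
// port   receives the port number
//
// Returns 0 on success. On failure returns -1 with ip set to an empty
// string and *port set to 0 (for whichever of the two is not NULL).
int GetIPAndPortByAddr(struct sockaddr *paddr, char *ip, int *port)
{
    const struct sockaddr_in *in4;
    const char *text;

    if (ip != NULL) {
        *ip = 0;
    }
    if (port != NULL) {
        *port = 0;
    }
    if (paddr == NULL || ip == NULL || port == NULL) {
        return -1;
    }

    // Only an AF_INET address has the sockaddr_in layout read below.
    if (paddr->sa_family != AF_INET) {
        return -1;
    }
    in4 = (const struct sockaddr_in *)paddr;

    text = inet_ntoa(in4->sin_addr);
    if (text == NULL) {
        return -1;
    }
    strcpy(ip, text);
    *port = ntohs(in4->sin_port);

    return 0;
}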

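// Writes the peer's IPv4 address for socket s into ip as dotted-decimal
// text.
//
// ip must point to at least 16 bytes (15 characters plus the terminator).
// Returns 0 on success; on failure returns -1 and leaves ip as an empty
// string (when ip is not NULL).
int GetRemoteIPBySocket(SOCKET s, char *ip)
{
    struct sockaddr_in addr = {0};
    int addrlen = sizeof(addr);
    const char *text;

    if (ip == NULL) {
        return -1;
    }
    ip[0] = '\0';

    // A failed lookup used to be ignored, so an uninitialised address was
    // formatted and returned as if it were the peer's.
    if (getpeername(s, (struct sockaddr *)&addr, &addrlen) != 0 ||
        addr.sin_family != AF_INET) {
        return -1;
    }

    text = inet_ntoa(addr.sin_addr);
    if (text == NULL) {
        return -1;
    }
    strcpy(ip, text);
    return 0;
}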
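// DLL entry point. On process attach it derives a log path from the DLL's
// own file name by replacing the extension with "log" and stores it in
// g_szAppPath; the other notifications need no work. Always returns TRUE.
//
// g_szAppPath is left empty when the module path cannot be read, is
// truncated, has no extension, or has no room for the new extension. The
// string functions used assume an ANSI (non-UNICODE) build, as before.
BOOL APIENTRY DllMain( HANDLE hModule,
                       DWORD ul_reason_for_call,
                       LPVOID lpReserved
                     )
{
    (void)lpReserved;

    // The path does not change during the process's lifetime, so it is
    // computed once instead of on every thread attach and detach.
    if (ul_reason_for_call == DLL_PROCESS_ATTACH) {
        const DWORD capacity = sizeof(g_szAppPath) / sizeof(g_szAppPath[0]);
        DWORD written = GetModuleFileName((HMODULE)hModule, g_szAppPath, capacity);

        if (written == 0 || written >= capacity) {
            g_szAppPath[0] = 0;
        } else {
            TCHAR *dot = strrchr(g_szAppPath, '.');
            TCHAR *sep = strrchr(g_szAppPath, '\\');

            // strrchr returns NULL when there is no '.', and a dot inside a
            // directory name is not an extension. The size check keeps
            // "log" plus its terminator inside the buffer.
            if (dot != NULL && (sep == NULL || dot > sep) &&
                (size_t)(dot - g_szAppPath) + 1 + 3 < capacity) {
                strcpy(dot + 1, "log");
            } else {
                // Never leave the DLL's own path here as a log target.
                g_szAppPath[0] = 0;
            }
        }
    }
    return TRUE;
}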




// Exported accessor: returns the address of the first entry of the
// myapi_info table.
SYSTEMDLL_API MYAPIINFO *GetMyAPIInfo()
{
    MYAPIINFO *first_entry = &myapi_info[0];
    return first_entry;
}

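// Hook replacement for connect(): allows outgoing connections only to
// ports 80 and 21 and forwards those to the real connect(); every other
// destination is refused.
//
// Returns the real connect() result for an allowed destination. A refused
// or malformed request returns SOCKET_ERROR with the Winsock last-error
// value set (WSAEACCES for a refused port, WSAEFAULT for a missing or
// too-short address), so callers that consult WSAGetLastError() do not
// read a stale code.
//
// NOTE(review): the port is read through the sockaddr_in layout whatever
// the address family is; confirm whether other families need their own
// handling.
SYSTEMDLL_API int WINAPI Mine_connect(SOCKET s, struct sockaddr *name, int namelen)
{
    struct sockaddr_in *paddr;
    int port;

    // The address is inspected before the real call, so it must be present
    // and large enough to hold the fields read below.
    if (name == NULL || namelen < (int)sizeof(struct sockaddr_in)) {
        WSASetLastError(WSAEFAULT);
        return SOCKET_ERROR;
    }

    paddr = (struct sockaddr_in *)name;
    port = ntohs(paddr->sin_port);

    if (port != 80 && port != 21) {
        // Record the refusal so the policy decision is visible in the log.
        // The address text is produced only for IPv4.
        const char *ip = (name->sa_family == AF_INET) ? inet_ntoa(paddr->sin_addr) : NULL;
        WriteLog("connect denied: ip=%s, port=%d\n", ip != NULL ? ip : "?", port);

        WSASetLastError(WSAEACCES);
        return SOCKET_ERROR;
    }

    // connect() sets the last-error value itself on failure.
    return connect(s, name, namelen);
}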



microran2000 2003-09-11
// 采用API HOOK,挂接connect函数


#include "stdafx.h"
#include "SystemDll.h"
#include <stdio.h>
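// Number of elements in a true array. The argument is parenthesised at
// every use so an expression argument cannot rebind against the subscript.
// Only valid for arrays, not for pointers or array parameters.
#define ARRAYOF(x) (sizeof(x)/sizeof((x)[0]))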

// NOTE(review): MSVC places only initialised variables in a section named
// by #pragma data_seg; g_szAppPath has no initialiser, so it presumably
// lands in the default uninitialised-data section and stays per-process.
// Sharing a section between processes also needs a linker /SECTION
// attribute, which is not visible here. A writable shared section can be
// modified by every process that loads the DLL, so confirm whether sharing
// is intended before relying on it.
#pragma data_seg (".HKT") // any name you like
// Path buffer filled in by DllMain.
TCHAR g_szAppPath[MAX_PATH];
#pragma data_seg ()

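// Appends one printf-style entry to c:\NetLog.log: a timestamp line, the
// path of the current process's executable, the formatted message and a
// trailing CRLF.
//
// fmt and the variadic arguments follow printf conventions. The Winsock
// last-error value seen by the caller is saved on entry and restored on
// every exit path, so logging from inside a hook does not disturb the
// hooked call's error reporting.
//
// The file is opened with share mode 0, so an entry is dropped when another
// handle to the log is open at that moment. The code assumes an ANSI
// (non-UNICODE) build, as the original did.
void WriteLog(char *fmt,...)
{
    int err = WSAGetLastError();
    va_list args;
    char modname[MAX_PATH];
    char temp[8192];
    TCHAR szDateTime[256];
    SYSTEMTIME lt;
    DWORD dw;
    HANDLE hFile;

    if (fmt == NULL) {
        WSASetLastError(err);
        return;
    }

    // GetModuleFileName may leave the buffer unterminated on truncation.
    if (GetModuleFileName(NULL, modname, sizeof(modname)) == 0) {
        modname[0] = '\0';
    }
    modname[sizeof(modname) - 1] = '\0';

    // CreateFile reports failure as INVALID_HANDLE_VALUE; a "< 0" test on
    // the handle never detects it.
    hFile = CreateFile("c:\\NetLog.log", GENERIC_WRITE, 0, NULL, OPEN_ALWAYS,
                       FILE_ATTRIBUTE_NORMAL, NULL);
    if (hFile == INVALID_HANDLE_VALUE) {
        WSASetLastError(err);
        return;
    }

    // Win32 handles are positioned and closed with the Win32 calls rather
    // than the 16-bit compatibility _llseek/_lclose on a cast handle.
    SetFilePointer(hFile, 0, NULL, FILE_END);

    GetLocalTime(&lt);
    wsprintf(szDateTime, "%d/%d/%d %d:%d:%d.%d \n", lt.wYear, lt.wMonth,
             lt.wDay, lt.wHour, lt.wMinute, lt.wSecond, lt.wMilliseconds);
    WriteFile(hFile, szDateTime, (DWORD)strlen(szDateTime), &dw, NULL);

    wsprintf(temp, "%s:\n", modname);
    WriteFile(hFile, temp, (DWORD)strlen(temp), &dw, NULL);

    // Bounded formatting: callers pass strings that originate in hooked
    // processes, and an unbounded vsprintf would overflow temp on a long
    // one. _vsnprintf does not terminate on truncation, so the last byte is
    // set explicitly.
    va_start(args, fmt);
    _vsnprintf(temp, sizeof(temp) - 1, fmt, args);
    va_end(args);
    temp[sizeof(temp) - 1] = '\0';
    WriteFile(hFile, temp, (DWORD)strlen(temp), &dw, NULL);

    WriteFile(hFile, "\r\n", 2, &dw, NULL);

    CloseHandle(hFile);
    WSASetLastError(err);
}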

// On Win9x the fopen function cannot be used.
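// Appends a raw data dump to c:\NetLog.log: a timestamp line, a header of
// the form "(function,len=N)", the len bytes at buf, and a trailing CRLF.
//
// function  label written into the header (the hooked API's name)
// buf       bytes to dump
// len       number of bytes at buf; nothing is written when len <= 0
//
// Returns 0 on success or when there is nothing to write, -1 when the log
// file cannot be opened. The caller's Winsock last-error value is restored
// on every exit path.
//
// The dump holds application payloads verbatim, which can include
// credentials and session data, so access to the log file should be
// restricted accordingly.
int WriteBinData(char *function, char *buf, int len)
{
    int err = WSAGetLastError();
    TCHAR szDateTime[256];
    char temp[2048];
    SYSTEMTIME lt;
    DWORD dw;
    HANDLE hFile;

    if (buf == NULL || len <= 0) {
        return 0;
    }

    // CreateFile reports failure as INVALID_HANDLE_VALUE; a "< 0" test on
    // the handle never detects it.
    hFile = CreateFile("c:\\NetLog.log", GENERIC_WRITE, 0, NULL, OPEN_ALWAYS,
                       FILE_ATTRIBUTE_NORMAL, NULL);
    if (hFile == INVALID_HANDLE_VALUE) {
        // Report the real path; the former fname buffer was never filled in
        // and formatting it with %s read uninitialised stack memory.
        WriteLog("open file %s failed", "c:\\NetLog.log");
        WSASetLastError(err);
        return -1;
    }

    // Win32 handles are positioned and closed with the Win32 calls rather
    // than the 16-bit compatibility _llseek/_lclose on a cast handle.
    SetFilePointer(hFile, 0, NULL, FILE_END);

    GetLocalTime(&lt);
    wsprintf(szDateTime, "%d/%d/%d %d:%d:%d.%d \n", lt.wYear, lt.wMonth,
             lt.wDay, lt.wHour, lt.wMinute, lt.wSecond, lt.wMilliseconds);
    WriteFile(hFile, szDateTime, (DWORD)strlen(szDateTime), &dw, NULL);

    wsprintf(temp, "\r\n(%s,len=%d) \r\n", function != NULL ? function : "?", len);
    WriteFile(hFile, temp, (DWORD)strlen(temp), &dw, NULL);
    WriteFile(hFile, buf, (DWORD)len, &dw, NULL);

    WriteFile(hFile, "\r\n", 2, &dw, NULL);

    CloseHandle(hFile);
    WSASetLastError(err);
    return 0;
}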

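// Returns the local port of socket s in host byte order, or 0 when the
// address cannot be obtained or is not an IPv4 address.
int GetLocalPortBySocket(SOCKET s)
{
    struct sockaddr_in addr = {0};
    int addrlen = sizeof(addr);

    // Without this check a failed getsockname() left the structure
    // uninitialised and the function returned whatever was on the stack.
    if (getsockname(s, (struct sockaddr *)&addr, &addrlen) != 0 ||
        addr.sin_family != AF_INET) {
        return 0;
    }
    return ntohs(addr.sin_port);
}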

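// Writes the local IPv4 address of socket s into ip as dotted-decimal text.
//
// ip must point to at least 16 bytes (15 characters plus the terminator).
// Returns 0 on success; on failure returns -1 and leaves ip as an empty
// string (when ip is not NULL).
int GetLocalIPBySocket(SOCKET s, char *ip)
{
    struct sockaddr_in addr = {0};
    int addrlen = sizeof(addr);
    const char *text;

    if (ip == NULL) {
        return -1;
    }
    ip[0] = '\0';

    // A failed lookup used to be ignored, so an uninitialised address was
    // formatted and returned as if it were real.
    if (getsockname(s, (struct sockaddr *)&addr, &addrlen) != 0 ||
        addr.sin_family != AF_INET) {
        return -1;
    }

    text = inet_ntoa(addr.sin_addr);
    if (text == NULL) {
        return -1;
    }
    strcpy(ip, text);
    return 0;
}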

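// Returns the peer's port for socket s in host byte order, or 0 when the
// peer address cannot be obtained or is not an IPv4 address.
int GetRemotePortBySocket(SOCKET s)
{
    struct sockaddr_in addr = {0};
    int addrlen = sizeof(addr);

    // Without this check a failed getpeername() (for example on a socket
    // that is not connected) left the structure uninitialised and the
    // function returned whatever was on the stack.
    if (getpeername(s, (struct sockaddr *)&addr, &addrlen) != 0 ||
        addr.sin_family != AF_INET) {
        return 0;
    }
    return ntohs(addr.sin_port);
}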

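// Splits an IPv4 socket address into dotted-decimal text and a host-order
// port.
//
// paddr  address to decode; must be an AF_INET address
// ip     receives the text; must point to at least 16 bytes
// port   receives the port number
//
// Returns 0 on success. On failure returns -1 with ip set to an empty
// string and *port set to 0 (for whichever of the two is not NULL).
int GetIPAndPortByAddr(struct sockaddr *paddr, char *ip, int *port)
{
    const struct sockaddr_in *in4;
    const char *text;

    if (ip != NULL) {
        *ip = 0;
    }
    if (port != NULL) {
        *port = 0;
    }
    if (paddr == NULL || ip == NULL || port == NULL) {
        return -1;
    }

    // Only an AF_INET address has the sockaddr_in layout read below.
    if (paddr->sa_family != AF_INET) {
        return -1;
    }
    in4 = (const struct sockaddr_in *)paddr;

    text = inet_ntoa(in4->sin_addr);
    if (text == NULL) {
        return -1;
    }
    strcpy(ip, text);
    *port = ntohs(in4->sin_port);

    return 0;
}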

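// Writes the peer's IPv4 address for socket s into ip as dotted-decimal
// text.
//
// ip must point to at least 16 bytes (15 characters plus the terminator).
// Returns 0 on success; on failure returns -1 and leaves ip as an empty
// string (when ip is not NULL).
int GetRemoteIPBySocket(SOCKET s, char *ip)
{
    struct sockaddr_in addr = {0};
    int addrlen = sizeof(addr);
    const char *text;

    if (ip == NULL) {
        return -1;
    }
    ip[0] = '\0';

    // A failed lookup used to be ignored, so an uninitialised address was
    // formatted and returned as if it were the peer's.
    if (getpeername(s, (struct sockaddr *)&addr, &addrlen) != 0 ||
        addr.sin_family != AF_INET) {
        return -1;
    }

    text = inet_ntoa(addr.sin_addr);
    if (text == NULL) {
        return -1;
    }
    strcpy(ip, text);
    return 0;
}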
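// DLL entry point. On process attach it derives a log path from the DLL's
// own file name by replacing the extension with "log" and stores it in
// g_szAppPath; the other notifications need no work. Always returns TRUE.
//
// g_szAppPath is left empty when the module path cannot be read, is
// truncated, has no extension, or has no room for the new extension. The
// string functions used assume an ANSI (non-UNICODE) build, as before.
BOOL APIENTRY DllMain( HANDLE hModule,
                       DWORD ul_reason_for_call,
                       LPVOID lpReserved
                     )
{
    (void)lpReserved;

    // The path does not change during the process's lifetime, so it is
    // computed once instead of on every thread attach and detach.
    if (ul_reason_for_call == DLL_PROCESS_ATTACH) {
        const DWORD capacity = sizeof(g_szAppPath) / sizeof(g_szAppPath[0]);
        DWORD written = GetModuleFileName((HMODULE)hModule, g_szAppPath, capacity);

        if (written == 0 || written >= capacity) {
            g_szAppPath[0] = 0;
        } else {
            TCHAR *dot = strrchr(g_szAppPath, '.');
            TCHAR *sep = strrchr(g_szAppPath, '\\');

            // strrchr returns NULL when there is no '.', and a dot inside a
            // directory name is not an extension. The size check keeps
            // "log" plus its terminator inside the buffer.
            if (dot != NULL && (sep == NULL || dot > sep) &&
                (size_t)(dot - g_szAppPath) + 1 + 3 < capacity) {
                strcpy(dot + 1, "log");
            } else {
                // Never leave the DLL's own path here as a log target.
                g_szAppPath[0] = 0;
            }
        }
    }
    return TRUE;
}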




// Exported accessor: returns the address of the first entry of the
// myapi_info table.
SYSTEMDLL_API MYAPIINFO *GetMyAPIInfo()
{
    MYAPIINFO *first_entry = &myapi_info[0];
    return first_entry;
}

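// Hook replacement for connect(): allows outgoing connections only to
// ports 80 and 21 and forwards those to the real connect(); every other
// destination is refused.
//
// Returns the real connect() result for an allowed destination. A refused
// or malformed request returns SOCKET_ERROR with the Winsock last-error
// value set (WSAEACCES for a refused port, WSAEFAULT for a missing or
// too-short address), so callers that consult WSAGetLastError() do not
// read a stale code.
//
// NOTE(review): the port is read through the sockaddr_in layout whatever
// the address family is; confirm whether other families need their own
// handling.
SYSTEMDLL_API int WINAPI Mine_connect(SOCKET s, struct sockaddr *name, int namelen)
{
    struct sockaddr_in *paddr;
    int port;

    // The address is inspected before the real call, so it must be present
    // and large enough to hold the fields read below.
    if (name == NULL || namelen < (int)sizeof(struct sockaddr_in)) {
        WSASetLastError(WSAEFAULT);
        return SOCKET_ERROR;
    }

    paddr = (struct sockaddr_in *)name;
    port = ntohs(paddr->sin_port);

    if (port != 80 && port != 21) {
        // Record the refusal so the policy decision is visible in the log.
        // The address text is produced only for IPv4.
        const char *ip = (name->sa_family == AF_INET) ? inet_ntoa(paddr->sin_addr) : NULL;
        WriteLog("connect denied: ip=%s, port=%d\n", ip != NULL ? ip : "?", port);

        WSASetLastError(WSAEACCES);
        return SOCKET_ERROR;
    }

    // connect() sets the last-error value itself on failure.
    return connect(s, name, namelen);
}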



ber 2003-09-11
楼上想得太简单了
lygfqy 2003-09-11
gethostname()等其他函数就可以实现ip的获取
然后对ip进行端口扫描一下
得到数据后写到数据库中就可以了
