
EnetstatX

Enhance netstat and packet filtering.
// Sniff.cpp: implementation of the CSniff class.
//
//////////////////////////////////////////////////////////////////////
#include "Sniff.h"
#include "MSTcpIP.h"
#include "AddDefines.h"

#ifdef _DEBUG
#undef THIS_FILE
static char THIS_FILE[]=__FILE__;
#define new DEBUG_NEW
#endif

//////////////////////////////////////////////////////////////////////
//Static members
	// Receive buffers. They are static, so every CSniff instance shares the
	// same storage; RetreiveDataConn() parses m_ucPacket in place.
	// NOTE(review): the code that fills these buffers is not in this file.
	// Whoever calls recv() must cap the read at PACKET_MAXLENGTH /
	// PACKET_RCVONES and should keep the received byte count, because the
	// parser has no way to tell fresh bytes from leftovers of an earlier packet.
	unsigned char CSniff::m_ucPacket[PACKET_MAXLENGTH] = {0};
	unsigned char CSniff::m_ucPacketOnes[PACKET_RCVONES] = {0};

	// Raw capture socket and last Winsock error code, also shared by all instances.
	SOCKET CSniff::m_hSniffSocket = INVALID_SOCKET;
	DWORD CSniff::m_dwLastErrorCode = 0;

//////////////////////////////////////////////////////////////////////
// Construction/Destruction
//////////////////////////////////////////////////////////////////////

// Zeroes both shared receive buffers.
// The buffers are static members, so constructing another CSniff wipes
// whatever packet is currently held in them for every instance.
CSniff::CSniff()
{
	memset(m_ucPacket, 0, sizeof(m_ucPacket));
	memset(m_ucPacketOnes, 0, sizeof(m_ucPacketOnes));
}
//////////////////////////////////////////////////////////////////////
//
// Intentionally empty: the capture socket is a static member and is not
// released here. Call Clean() to stop notifications and close it.
CSniff::~CSniff()
{
}
//////////////////////////////////////////////////////////////////////
//
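// Parses the IPv4 packet currently held in m_ucPacket.
//
// Outputs (written only when TRUE is returned):
//   Proto       - IPPROTO_TCP, IPPROTO_UDP or IPPROTO_ICMP
//   usPacketLen - the IP header's total-length field
//   usLocalPort - the TCP/UDP *destination* port field of the packet
//   usDestPort  - the TCP/UDP *source* port field of the packet
//                 (this naming matches inbound traffic; NOTE(review): confirm
//                 callers expect the same mapping for outbound packets)
//   For ICMP and for non-first IP fragments there is no port field, so both
//   ports are reported as 0.
//
// Returns FALSE for a NULL output pointer, a non-IPv4 or malformed header,
// an unsupported protocol, or a TCP/UDP packet too short to hold its ports.
//
// The buffer holds data taken off the wire, so every field is untrusted.
// The number of bytes actually received is not available here; the checks
// below only verify that the header is self-consistent and that no read goes
// past the end of m_ucPacket.
BOOL CSniff::RetreiveDataConn(	BYTE *Proto,
								unsigned short *usPacketLen,
								unsigned short *usLocalPort,
								unsigned short *usDestPort)
{
	if (Proto == NULL || usPacketLen == NULL || usLocalPort == NULL || usDestPort == NULL)
		return FALSE;

	//High nibble of byte 0 is the IP version; only IPv4 is laid out as parsed below
	if ((m_ucPacket[0] >> 4) != 4)
		return FALSE;

	//Low nibble is the header length in 32-bit words. It is 20 bytes only when
	//the packet carries no IP options, so the transport header offset must be
	//computed rather than assumed.
	const unsigned int uIpHeaderLen = (m_ucPacket[0] & 0x0F) * 4;
	if (uIpHeaderLen < 20)
		return FALSE;

	const unsigned short usTotalLen = MAKEWORD(m_ucPacket[3], m_ucPacket[2]);	//total packet length
	if (usTotalLen < uIpHeaderLen)
		return FALSE;

	const BYTE ucProto = m_ucPacket[9]; //Protocol type : TCP ? UDP ? ICMP
	switch(ucProto)
	{
		case IPPROTO_TCP:
		case IPPROTO_UDP:
		case IPPROTO_ICMP:
		break;

		default:
			//unexpected proto
			return FALSE;
	}

	unsigned short usHdrSrcPort = 0;
	unsigned short usHdrDstPort = 0;

	//Only the first fragment (offset 0) starts with the transport header
	const unsigned short usFragOffset =
		static_cast<unsigned short>(MAKEWORD(m_ucPacket[7], m_ucPacket[6]) & 0x1FFF);

	if (ucProto != IPPROTO_ICMP && usFragOffset == 0)
	{
		//Need 4 bytes (source + destination port) after the IP header
		const unsigned int uPortsEnd = uIpHeaderLen + 4;
		if (usTotalLen < uPortsEnd || uPortsEnd > static_cast<unsigned int>(PACKET_MAXLENGTH))
			return FALSE;

		usHdrSrcPort = MAKEWORD(m_ucPacket[uIpHeaderLen + 1], m_ucPacket[uIpHeaderLen]);
		usHdrDstPort = MAKEWORD(m_ucPacket[uIpHeaderLen + 3], m_ucPacket[uIpHeaderLen + 2]);
	}

	*Proto = ucProto;
	*usPacketLen = usTotalLen;
	*usLocalPort = usHdrDstPort;	//local Port
	*usDestPort = usHdrSrcPort;		//dest Port

	//%p, not %x: the argument is the buffer address, and a pointer does not fit %x on 64-bit builds
	TRACE("\n\t\trow packet: %p ", static_cast<const void*>(m_ucPacket));

	return TRUE;
}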
//////////////////////////////////////////////////////////////////////
//
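// Opens the raw IPv4 capture socket and asks Winsock to post hMsg to hApp
// whenever data is readable (FD_READ).
//
// Steps: WSAStartup -> raw socket -> 5 s receive timeout -> bind ->
// SIO_RCVALL (receive all packets on the bound interface) -> WSAAsyncSelect.
//
// Returns TRUE on success. On failure returns FALSE, stores the Winsock
// error in m_dwLastErrorCode, closes the socket if it was opened and resets
// m_hSniffSocket to INVALID_SOCKET so a later Clean() never touches a stale
// handle.
//
// Raw sockets with SIO_RCVALL require administrator rights on Windows; the
// process therefore sees traffic belonging to other applications and should
// be deployed accordingly.
// NOTE(review): the WSAStartup call is never balanced by WSACleanup in this
// file - confirm whether the application does that elsewhere.
BOOL CSniff::Create(HWND hApp, unsigned int hMsg)
{
	SOCKADDR_IN sa;
	DWORD dwBufferOutLen[10] = {0};
	DWORD dwBufferInLen = 1;	// 1 switches SIO_RCVALL on
	DWORD dwBytesReturned = 0;

	WSADATA wsaData;
	const WORD wVersionReq = MAKEWORD(2,0);

	//WSAStartup reports failure through its return value (0 == success),
	//not through SOCKET_ERROR / GetLastError
	const int nStartupErr = WSAStartup(wVersionReq, &wsaData);
	if (nStartupErr != 0)
	{
		m_dwLastErrorCode = static_cast<DWORD>(nStartupErr);
		return FALSE;
	}

	//Here we create the raw socket
	m_hSniffSocket = socket(AF_INET, SOCK_RAW, IPPROTO_IP);

	//Check for socket validity
	if (m_hSniffSocket == INVALID_SOCKET)
	{
		//Error
		m_dwLastErrorCode = WSAGetLastError();
		return FALSE;
	}

	//Receive timeout (this is not the promiscuous switch; that is SIO_RCVALL below)
	int rcvtimeo = 5000 ;		// 5 sec insteadof 45 as default
	if (setsockopt(m_hSniffSocket, SOL_SOCKET, SO_RCVTIMEO, (const char *)&rcvtimeo, sizeof(rcvtimeo)) == SOCKET_ERROR)
	{
		//Read the error before closesocket() can overwrite it
		m_dwLastErrorCode = WSAGetLastError();
		closesocket(m_hSniffSocket);
		m_hSniffSocket = INVALID_SOCKET;
		return FALSE;
	}

	//Bind socket
	//NOTE(review): SIO_RCVALL captures on the interface the socket is bound to;
	//confirm that the loopback address is the interface that should be monitored.
	memset(&sa, 0, sizeof(sa));	//also clears sin_zero
	sa.sin_family = AF_INET;
	sa.sin_port = htons(666);
	const char* szIP = "127.0.0.1";
	sa.sin_addr.s_addr = inet_addr(szIP);

	if (bind(m_hSniffSocket, (PSOCKADDR)&sa, sizeof(sa)) == SOCKET_ERROR)
	{
		m_dwLastErrorCode = WSAGetLastError();
		closesocket(m_hSniffSocket);
		m_hSniffSocket = INVALID_SOCKET;
		return FALSE;
	}

	if (SOCKET_ERROR == WSAIoctl(	m_hSniffSocket,
									SIO_RCVALL,
									&dwBufferInLen, sizeof(dwBufferInLen),
									&dwBufferOutLen, sizeof(dwBufferOutLen),
									&dwBytesReturned,
									NULL,
									NULL) )
	{
		m_dwLastErrorCode = WSAGetLastError();
		closesocket(m_hSniffSocket);
		m_hSniffSocket = INVALID_SOCKET;
		return FALSE;
	}

	if (SOCKET_ERROR == WSAAsyncSelect(m_hSniffSocket, hApp, hMsg, FD_READ))
	{
		//Without notifications the socket is useless; do not leave it open
		m_dwLastErrorCode = WSAGetLastError();
		closesocket(m_hSniffSocket);
		m_hSniffSocket = INVALID_SOCKET;
		return FALSE;
	}

	return TRUE;
}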
//////////////////////////////////////////////////////////////////////
//
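// Stops FD_READ notifications for hApp and closes the capture socket.
//
// Does nothing when no socket is open, and resets m_hSniffSocket to
// INVALID_SOCKET after closing so a second call cannot close a handle value
// that the system may already have reused for another socket.
//
// Always returns FALSE, as the original implementation did; the return
// value carries no success/failure information.
// NOTE(review): WSACleanup is not called here - confirm whether the
// application balances Create()'s WSAStartup elsewhere.
BOOL CSniff::Clean(HWND hApp)
{
	if (m_hSniffSocket != INVALID_SOCKET)
	{
		WSAAsyncSelect(m_hSniffSocket, hApp, 0, 0);	//cancel window notifications first
		shutdown(m_hSniffSocket, SD_RECEIVE);
		closesocket(m_hSniffSocket);
		m_hSniffSocket = INVALID_SOCKET;
	}
	return FALSE;
}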


License

This article has no explicit license attached to it but may contain usage terms in the article text or the download files themselves. If in doubt please contact the author via the discussion board below.
