Voilà un petit sniffer qui en intéressera peut-être certains pour réaliser le leur.
Cette fois c'est en C, pour changer de mon C++ habituel.
Open-source bien sûr, mais faut-il encore le préciser ?
Désolé pour l'indentation, mais le site la casse complètement...
Enjoy :wink:
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/ioctl.h>
#include <net/if.h>
#include <net/route.h>
#include <netinet/in.h>
#include <arpa/inet.h>
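/*
 * Fixed 20-byte part of an IPv4 header, declared in wire order so the
 * struct can be filled directly from the first bytes of a received packet.
 *
 * The previous field order did not follow the wire format (addresses came
 * before TTL/protocol, the identification field was missing), so every
 * field except the first nibble was read from the wrong offset.
 *
 * Multi-byte fields hold network byte order; convert with ntohs()/ntohl()
 * before use.  The two 4-bit fields assume a little-endian host, where the
 * first declared bit-field occupies the low nibble -- NOTE(review): swap
 * ip_len and ip_ver on a big-endian target.
 */
struct ip
{
    unsigned char  ip_len:4;      /* header length in 32-bit words (IHL) */
    unsigned char  ip_ver:4;      /* IP version, 4 for IPv4 */
    unsigned char  ip_tos;        /* type of service */
    unsigned short ip_total_len;  /* total datagram length */
    unsigned short ip_id;         /* identification */
    unsigned short ip_flags;      /* flags + fragment offset */
    unsigned char  ip_ttl;        /* time to live */
    unsigned char  ip_proto;      /* payload protocol (6 = TCP) */
    unsigned short ip_checksum;   /* header checksum */
    unsigned int   ip_source;     /* source address */
    unsigned int   ip_dest;       /* destination address */
};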
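/*
 * Fixed 20-byte part of a TCP header, declared in wire order.
 *
 * The bit-field list previously ended with a comma instead of a semicolon,
 * which made the declaration a syntax error.  The bit-fields now use a
 * 16-bit base type so they cover exactly the data-offset/flags word that
 * sits between the acknowledgement number and the window size.
 *
 * Multi-byte fields hold network byte order; convert with ntohs()/ntohl().
 * The bit-field order assumes a little-endian host -- NOTE(review): the
 * order must be reversed per byte on a big-endian target.
 */
struct tcp
{
    unsigned short tcp_source_port;  /* source port */
    unsigned short tcp_dest_port;    /* destination port */
    unsigned int   tcp_seqnum;       /* sequence number */
    unsigned int   tcp_acknum;       /* acknowledgement number */
    unsigned short tcp_resl:4,       /* reserved */
                   tcp_hlen:4,       /* header length in 32-bit words */
                   tcp_fin:1,
                   tcp_syn:1,
                   tcp_rst:1,
                   tcp_psh:1,
                   tcp_ack:1,
                   tcp_urg:1,
                   tcp_res2:2;       /* remaining flag bits */
    unsigned short tcp_winsize;      /* receive window */
    unsigned short tcp_cksum;        /* checksum */
    unsigned short tcp_urgent;       /* urgent pointer */
};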
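/*
 * Forward declaration of the helper defined at the end of this file.
 * The parameter was spelled `inter-face`, which is not a valid identifier;
 * the name now matches the definition.
 */
int mode_promiscious(char *interface, int sock);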
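/*
 * Entry point: opens a raw TCP socket, asks for promiscuous mode on the
 * interface named in av[1], then prints a summary of every datagram
 * received until the process is interrupted (CTRL+C).
 *
 * Operational notes:
 *  - creating a SOCK_RAW socket needs elevated privileges, so everything
 *    below parses network-controlled bytes while privileged; every offset
 *    is therefore checked against the number of bytes actually received;
 *  - IFF_PROMISC is never cleared, so the interface stays promiscuous after
 *    the program exits;
 *  - NOTE(review): an AF_INET raw socket normally delivers only inbound
 *    datagrams accepted by the local IP stack; capturing other hosts'
 *    traffic would need a link-layer socket -- confirm for the target OS.
 */
int main ( int ac, char **av )
{
    int sock;
    ssize_t octets_recus;
    socklen_t segment_taille;
    char buf[65535];
    struct sockaddr_in segment;
    struct ip ip;
    struct tcp tcp;

    printf ( "Sniffer\n" );
    if (ac < 2)
    {
        printf ( "Usage : "
                 "./a.out interface\n" );
        exit(1);
    }
    if ( (sock = socket ( AF_INET, SOCK_RAW, IPPROTO_TCP ) ) < 0)
    {
        perror ("Impossible de creer "
                "la socket" );
        exit(1); /* failure must not report a success status */
    }
    if (mode_promiscious(av[1], sock) < 0)
    {
        close(sock);
        exit(1);
    }

    /* Sniff in an endless loop, CTRL+C to stop */
    for (;;)
    {
        size_t recus;
        size_t ip_hlen;
        size_t debut_data;
        size_t i;

        segment_taille = sizeof(segment);
        octets_recus = recvfrom(sock, buf, sizeof(buf), 0,
                                (struct sockaddr *)&segment, &segment_taille);
        if (octets_recus < 0)
        {
            perror("recvfrom");
            close(sock);
            exit(1);
        }
        recus = (size_t)octets_recus;

        /* buf holds at most 65535 bytes, so the count always fits an int */
        printf("\n Octects reçus : %5d\n", (int)octets_recus);
        printf("adresse source : %s\n", inet_ntoa(segment.sin_addr));

        /* Copy the header out instead of casting buf: no alignment or
         * aliasing assumptions, and never more than was received. */
        if (recus < sizeof(ip))
        {
            continue;
        }
        memcpy(&ip, buf, sizeof(ip));

        /* ip_proto is only meaningful when struct ip mirrors the IPv4
         * header byte for byte. */
        if (ip.ip_proto != IPPROTO_TCP)
        {
            continue;
        }
        printf("Longueur de "
               "l'entete ip : %d\n",
               ip.ip_len);

        /* The header length comes from the packet: reject values below the
         * 5-word minimum or pointing past the received bytes. */
        ip_hlen = 4 * (size_t)ip.ip_len;
        if (ip.ip_len < 5 || ip_hlen + sizeof(tcp) > recus)
        {
            continue;
        }
        memcpy(&tcp, buf + ip_hlen, sizeof(tcp));
        printf("Port Source : %d\n",
               ntohs(tcp.tcp_source_port));
        printf("Port de destination %d\n",
               ntohs(tcp.tcp_dest_port));

        debut_data = ip_hlen + 4 * (size_t)tcp.tcp_hlen;
        if (tcp.tcp_hlen < 5 || debut_data > recus)
        {
            continue;
        }

        /* The payload is neither NUL-terminated nor text: print exactly the
         * received bytes and mask anything non-printable, so a packet cannot
         * cause a read past buf or inject terminal control sequences. */
        printf("data = ");
        for (i = debut_data; i < recus; i++)
        {
            unsigned char c = (unsigned char)buf[i];

            putchar((c >= 0x20 && c < 0x7f) ? c : '.');
        }
        putchar('\n');
    }
}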
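/*
 * Switch a network interface to promiscuous mode.
 *
 * interface: NUL-terminated interface name, taken from the command line.
 * sock:      open socket used as the ioctl handle.
 *
 * Returns 0 on success and -1 when the name is NULL, empty or does not fit
 * in ifr_name (IFNAMSIZ bytes including the terminator).  A failing ioctl
 * prints the reason and terminates the process with a failure status.
 *
 * The name was previously copied with strncpy() bounded by the length of
 * the SOURCE string, which overflows ifr_name for any over-long argument;
 * the copy is now bounded by the destination size and truncation is
 * treated as an error rather than silently selecting another interface.
 * The flag is only ever set here: nothing in this function clears
 * IFF_PROMISC again.
 */
int mode_promiscious(char *interface, int sock)
{
    struct ifreq ifr;
    int n;

    if (interface == NULL)
    {
        fprintf(stderr, "Nom d'interface invalide\n");
        return(-1);
    }

    /* Zero the whole request so no stack garbage is handed to the kernel */
    memset(&ifr, 0, sizeof(ifr));
    n = snprintf(ifr.ifr_name, sizeof(ifr.ifr_name), "%s", interface);
    if (n <= 0 || (size_t)n >= sizeof(ifr.ifr_name))
    {
        fprintf(stderr, "Nom d'interface invalide\n");
        return(-1);
    }

    /* Read the current flags first so only IFF_PROMISC is added */
    if (ioctl(sock, SIOCGIFFLAGS, &ifr) == -1)
    {
        perror("Impossible de recuperer la config interface");
        exit(1);
    }
    printf("Récuperation de la configuartation de l'interface");
    ifr.ifr_flags |= IFF_PROMISC;
    if (ioctl(sock, SIOCSIFFLAGS, &ifr) == -1)
    {
        perror("Impossible d'activer le mode promiscious");
        exit(1);
    }
    printf("L'interface [%s] est en mode promiscious", interface);
    return(0);
}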