Network IP Hide

xiaoxiao2021-03-06  114

[:)] Hidden in the IP address

I. Introduction

This article mainly describes how to hide the IP address in the program. In fact, this thing is not written. Among them, I am too lazy to typing, so copying, paste the lonely swordsman, thank you! The code section refers to a program written by foreign program XES. So this is just a by-product in the learning process. Since the program is already done, it will be exchanged with you by the way, and we will improve it together. This article only wants to explain the structure and transmission mechanism of IP data. If someone change it to a malicious IP attack tool, the consequences are at your own risk.

Second, IP head structure

We know that all TCP / IP network data is all transmitted on the IP packet in the IP packet, which is packaged to establish an IP datagram containing IP headers and data. In general, network software always generates IP headers with multiple 32-bit words, even if IP headers must be filled with additional 0. The IP header contains all necessary information for transmitting the package data in the IP packet. The data structure and description of the IP header are as follows:

Member length (BIT) description

Version 4 IP header version number, currently IPv4, the latest IPv6

Header Length 4 IP header length, if there is no special choice, IP header is always 20-byte length

Type of Service 8 service type defines features such as priority, delay, throughput, and reliability of data transmission.

Total Packet Length 16 IP package length, if there is no special option, generally 20-byte length

Identification 16 IP package identifier, host uses it unique to determine each sending data report

Flag 3 IP Data Segmentation Sign

FRAGMENT OFFSET 13 IP Data Segmentation Offset

Time to Live 8 Data report on the survival time on the network, every passage, this value is reduced

Protocol 8 TCP / IP protocol type, such as: ICMP is 1, IGMP is 2, TCP is 6,

UDP is 17, etc.

Header Checksum 16 head inspection and

Source IP Address 32 Source IP Address

Destination IP Address 32 Destination IP Address

Other? Other options

Data? Data

Implementing your own defined IP head is a very meaningful thing, for example, by changing the priority and TTL of TOS in the IP head, you can make your own data package with stronger transmission capabilities and life, by modifying IP headers The source IP address can hide the IP address of your machine, and the like. The famous attack program "Teardrop TearDrop" is achieved by deliberate manufacturing systems that cannot be processed, and SYN FLOODER and

UDP Flooder is deceived by generating random source IP.

Third, the principle of implementation

In general, custom IP headers are implemented by using Socket's library function setsockopt () option ip_hdrincl, although it is easy to implement on UNIX and Linux platforms, but unfortunately, Winsock1.1 and Winsock2 in Windows platforms. .0 function library setsockopt () does not support IP_HDRINCL options, so in Windows 9x / NT is unable to implement IP header from the WINSOCK library, of course, can be implemented by writing a virtual device driver, but it is more complicated, but The emergence of Windows 2000 breaks this situation, and Windows2000's Winsock 2.2 library fully supports setsockopt () option ip_hdrincl so that we can easily implement custom IP headers. The implementation method is as follows:

Fourth, code part

{

1. This program can only run in Window 2000.

2. You must have administrator permissions.

3. Programs need to use a Button and a memo. ------------------------------------------------------------------------------------------------------------------------------------------------ --------------------------------

Before running the program, please change the value of SRCIP, Srcport, Destip, and Destport according to your needs.

-------------------------------------------------- --------------------

If you don't understand the following code, it is best not to run it.

-------------------------------------------------- --------------------

}

Unit unit1;

Interface

Uses

Windows, Messages, Sysutils, Classes, Graphics, Controls, Forms, Dialogs,

STDCTRLS, OLECTRLS, Registry;

Const

SRCIP = '123.123.123.1'; // Sending party IP address

Srcport = 1234; // Sending party port

Destip = '127.0.0.2'; // destination IP address

Destport = 4321; // destination port

MAX_MESSAGE = 4068;

MAX_PACKET = 4096;

Type

TpacketBuffer = array [0..max_packet-1] of byte;

TFORM1 = Class (TFORM)

Button1: tbutton;

Memo1: TMEMO;

Procedure Button1Click (Sender: TOBJECT);

Private

{Private Declarations}

public

{Public declarations}

Procedure de

END;

// ip header

Type

T_ip_header = record

IP_VERLEN: BYTE;

IP_tos: byte;

IP_TOTALLENGTH: WORD;

IP_ID: WORD;

IP_offset: Word;

IP_TTL: BYTE;

IP_PROTOCOL: BYTE;

IP_CHECKSUM: WORD;

IP_SRCADDR: Longword;

IP_DESTADDR: Longword;

END;

//

UDP header

Type

T_

UDP_HEADER = Record

SRC_Portno: Word;

DST_Portno: Word;

UDP_LENGTH: WORD;

UDP_CHECKSUM: WORD;

END;

// Some type declarations of Winsock 2

u_CHAR = char;

U_SHORT = WORD;

u_INT = integer;

U_long = longint;

Sunb = Packed Record

S_B1, S_B2, S_B3, S_B4: U_CHAR;

END;

SUNW = Packed Record

S_W1, S_W2: U_SHORT;

END;

IN_ADDR = Record

Case Integer of

0: (S_UN_B: Sunb);

1: (S_UN_W: SUNW);

2: (S_ADDR: U_LONG);

END;

TINADDR = IN_ADDR;

SockAddr_in = Record

Case Integer of

0: (SIN_FAMILY: U_SHORT; SIN_PORT: U_SHORT;

SIN_ADDR: TINADDR;

SIN_ZERO: ARRAY [0..7] of char);

1: (SA_FAMILY: U_SHORT;

SA_DATA: ARRAY [0..13] of char)

END;

TsockAddr = SockAddr_in;

Tsocket = u_int;

Const

WSADESCRIPTION_LEN = 256;

WSASYS_STATUS_LEN = 128;

Type

Pwsadata = ^ TWSADATA;

WSADATA = Record // WSDATA

WVERSION: WORD;

WORHVERSION: WORD;

Szdescription: array [0..wsadescription_len] of char;

SzsystemStatus: array [0..wsasys_status_len] of char;

IMAXSOCKETS: WORD;

IMAXUDPDG: WORD;

LPVENDORINFO: PCHAR;

END;

TWSADATA = WSADATA;

// Define some Winsock 2 functions

Function CloseSocket (S: Tsocket): Integer; stdcall;

Function socket (AF, STRUCT, Protocol: Integer): Tsocket; stdcall;

Function Sendto (S: Tsocket; Var Buf; Len, Flags: Integer; VAR AddRTO: TSOCKADDR;

TOLEN: Integer: integer; stdcall; {}

Function setsockopt (s: tsocket; level, optName: integer; optVal: pchar;

Optlen: Integer; integer; stdcall;

Function INET_ADDR (CP: PCHAR): U_LONG; stdcall; {Pinaddr;} {TinAddr}

Function Htons (Hostshort: U_SHORT): u_short; stdcall;

Function Wsagetlasterror: integer; stdcall;

Function WSAStartup (WVersionRequired: Word; Var WSData: TWSADATA): Integer; stdcall;

Function wsacleanup: integer; stdcall;

Const

AF_INET = 2; // InternetWork:

UDP, TCP, ETC.

IP_HDRINCL = 2; // ip Header Include

SOCK_RAW = 3; // Raw-Protocol Interface

Ipproto_ip = 0; // Dummy for IP

Ipproto_tcp = 6; // TCP

Ipproto_

UDP = 17; // User DataGram Protocol

Ipproto_raw = 255; // raw ip packet

INVALID_SOCKET = TSocket (not (0));

Socket_ERROR = -1;

VAR

FORM1: TFORM1;

IMPLEMENTATION

// Import Winsock 2 functions

Const winsocket = 'ws2_32.dll';

Function CloseSocket; External Winsocket Name 'CloseSocket'; Function Socket; External Winsocket Name 'Socket'

Function Sendto; External Winsocket Name 'Sendto';

Function setsockopt; External Winsocket Name 'setsockopt';

Function INET_ADDR; External Winsocket Name 'INET_ADDR'

Function Htons; External Winsocket Name 'Htons'

Function Wsagetlasterror; External Winsocket Name 'Wsagetlasterror';

Function WSAStartup; External Winsocket Name 'WSAStartup';

Function WSacleanup; External Winsocket Name 'wsacleanup';

{$ R * .dfm}

Function Checksum (Var Buffer; Size: Integer): Word;

Type

TWORDARRAY = array [0..1] of Word;

VAR

Chksum: longword;

i: integer;

Begin

CHKSUM: = 0;

I: = 0;

While size> 1 do begin

Chksum: = CHKSUM TOORDARRAY (BUFFER) [i];

INC (I);

Size: = size - sizeof (word);

END;

If size = 1 Then Chksum: = Chksum Byte (TwordArray (Buffer) [i]);

Chksum: = (CHKSUM SHR 16) (Chksum and $ fff);

Chksum: = CHKSUM (Chksum SHR 16);

Result: = Word (chksum);

END;

Procedure Buildheaders

Fromip: String;

iFromPort: Word;

TOIP: STRING;

ITOPORT: WORD;

Strime: String;

VAR BUF: TPACKETBUFFER;

Var Remote: TsockAddr;

Var hoodsize: word

);

VAR

Dwfromip: longword;

DWTOIP: longword;

IIPVERSION: WORD;

IIPSIZE: WORD;

iPhdr: t_ip_header;

UDphdr: T_

UDP_HEADER;

Iudpsize: Word;

IudpChecksumsize: word;

CKSUM: WORD;

PTR: ^ Byte;

Procedure IncPtr (Value: Integer);

Begin

PTR: = Pointer (Integer (PTR) VALUE;

END;

Begin

// Convert IP Address'ss

dwfromip: = inet_addr (pchar (fromip));

DWTOIP: = inet_addr (pchar (toip));

// Initialize IP header

//

ITOTALSIZE: = SIZEOF (IPHDR) SIZEOF (UDphDR) Length;

IIPVERSION: = 4;

IIPSIZE: = SizeOf (iPhdr) Div sizeof (longword);

iPhdr.ip_verlen: = (IIPVERSION SHL 4) OR IIPSIZE;

iphdr.ip_tos: = 0; // ip Type Of Service

iphdr.ip_totallength: = htons (itotalsize); // Total Packet LEN

iphdr.ip_id: = 0; // Unique Identifier: SET TO 0

iphdr.ip_offset: = 0; // Fragment Offset Field

iphdr.ip_ttl: = 128; // Time to Live

iphdr.ip_protocol: = $ 11; // Protocol

UDP)

iphdr.ip_checksum: = 0; // ip Checksum

iphdr.ip_srcaddr: = dwfromip; // source address

iphdr.ip_destaddr: = dwtoip; // destination address

//

// Initialization

UDP header

//

Iudpsize: = SizeOf (udphdr) length (strmessage);

Udphdr.src_portno: = htons (iFromport);

UDphdr.dst_portno: = HTONS (ITOPORT);

UDphdr.

UDP_LENGTH: = HTONS (IUDPSIZE);

UDphdr.

UDP_CHECKSUM: = 0;

IudpChecksumsize: = 0;

PTR: = @buf [0];

Fillchar (BUF, SIZEOF (BUF), 0);

Move (iphdr.ip_srcaddr, ptr ^, sizeof (iPhdr.ip_srcaddr));

Incptr (sizeof (iPhdr.ip_srcaddr);

Iudpchecksumsize: = iudpchecksumsize sizeof (iPhdr.ip_srcaddr);

Move (iphdr.ip_destaddr, ptr ^, sizeof (iphdr.ip_destaddr);

Incptr (sizeof (iPhdr.ip_DestAddr);

Iudpchecksumsize: = Iudpchecksumsize sizeof (iPhdr.ip_DestAddr);

IncPtr (1);

IudpChecksumsize;

Move (iphdr.ip_protocol, ptr ^, sizeof (iPhdr.ip_protocol);

Incptr (sizeof (iPhdr.ip_protocol);

IudpChecksumsize: = Iudpchecksumsize sizeof (iPhdr.ip_protocol);

Move (udphdr.

UDP_LENGTH, PTR ^, SizeOf (UDphdr.

UDP_LENGTH));

Incm (sizeof (UDphdr)

UDP_LENGTH));

Iudpchecksumsize: = Iudpchecksumsize Sizeof (udphdr.

UDP_LENGTH);

Move (udphdr, ptr ^, sizeof (udphdr)); IncPtr (SizeOf (UDphdr));

Iudpchecksumsize: = Iudpchecksumsize SizeOf (UDphdr);

Move (StrMessage [1], PTR ^, Length (StrMessage));

IncPtr (length (strmessage);

Iudpchecksumsize: = Iudpchecksumsize length (strMessage);

CKSUM: = Checksum (buf, iudpchecksumsize);

UDphdr.

UDP_CHECKSUM: = CKSUM;

//

// Now IP and

UDP header OK, we can send it out.

//

Fillchar (BUF, SIZEOF (BUF), 0);

PTR: = @buf [0];

Move (iPhdr, Ptr ^, SizeOf (iPhdr)); IncPtr (SizeOf (iPhdr));

Move (udphdr, ptr ^, sizeof (udphdr)); IncPtr (SizeOf (UDphdr));

Move (StrMessage [1], PTR ^, Length (StrMessage));

Remote.sin_family: = af_INet;

Remote.sin_port: = HTONS (ITOPORT);

Remote.sin_addr.s_addr: = DWTOIP;

END;

Procedure TFORM1.Sendit;

VAR

sh: tsocket;

Bopt: integer;

RET: Integer;

BUF: TPACKETBUFFER;

Remote: TsockAddr;

Local: TsockAddr;

ITOTALSIZE: WORD;

WSDATA: TWSADATA;

Begin

// Startup Winsock 2

RET: = WSAStartup ($ 0002, WSDATA);

IF RET <> 0 THEN BEGIN

Memo1.Lines.Add ('WSA Startup Failed.');

EXIT;

END;

With memo1.lines do begin

Add ('WSA Startup:');

Add ('dec .:' wsdata.szdescription);

Add ('Status:' WSData.szsystemStatus);

END;

Try

// Create Socket

SH: = Socket (AF_INET, SOCK_RAW, IPPROTO_

UDP);

IF (sh = invalid_socket) THEN Begin

MEMO1.LINES.ADD ('socket () failed:' INTOSTR (Wsagetlasterror));

EXIT;

END;

Memo1.Lines.Add ('socket handle =' INTOSTR (SH);

// Option: Header Include

Bopt: = 1;

RET: = setsockopt (sh, ipproto_ip, ip_hdrincl, @BOPT, SIZEOF (BOPT));

if Ret = Socket_ERROR THEN Begin

Memo1.Lines.Add ('setsockopt (ip_hdrincl) failed:' intentlasterror); exit;

END;

// build the packet

Buildheaders (Srcip, Srcport,

Destip, Destport,

'This is a test packet',

BUF, Remote, ITAOTALSIZE

// send the packet

RET: = Sendto (SH, BUF, ITAOTALSIZE, 0, Remote, SizeOf (remote));

if Ret = Socket_ERROR THEN

Memo1.Lines.Add ('sendto () failed:' INTOSTR (Wsagetlasterror))

Else

Memo1.Lines.Add ('Send' INTOSTR (RET) 'Bytes.');

// Close Socket

CloseSocket (SH);

Finally

// Close Winsock 2

WSACLEANUP;

END;

END;

Procedure TFORM1.BUTTON1CLICK (Sender: TOBJECT);

Begin

Sendit;

END;

End.

转载请注明原文地址:https://www.9cbs.com/read-126797.html

New Post(0)