Example of LIBNET (12)

zhaozj2021-02-16  63

Example of use libnet (12) Author: small four Home Page: http: //www.nsfocus.com Date: 2000-12-14 This series of 1-11 are raw socket layer programming, today Introduce Lin Layer Programming, below is part of the key function for link layer programming: int libnet_build_ethernet (u_char * daddr, u_char * saddr, u_short id, const payload_s, u_char * buf); this function is used to construct Ethernet physics frame, Daddr, and Saddr points to a 6-byte array, corresponding to the target MAC of the physical frame, source MAC. id specified physical frame type, valid values ​​are as follows: The value represents the type ETHERTYPE_PUP PUP protocolETHERTYPE_IP IP protocolETHERTYPE_ARP ARP protocolETHERTYPE_REVARP Reverse ARP protocolETHERTYPE_VLAN IEEE VLAN taggingETHERTYPE_LOOPBACK Used to test intefacespayload is NULL, payload_s zero. The last parameter buf pointing to the data area allocated and initialized through the libnet_init_packet, at which time the BUF is actually the physical frame head. It must be aware that certain link layer interfaces (such as BPF) do not allow camouflage physical frame source Mac unless you change the kernel yourself. int libnet_build_arp (u_short hrd, u_short pro, u_short hln, u_short pln, u_short op, u_char * sha, u_char * spa, u_char * tha, u_char * tpa, const u_char * payload, int payload_s, u_char * buf); This function is used Construct the ARP packet. For common applications, HRD is arphrd_ether, and pro is ethertype_ip, HLN is ether_addr_len (already 6, MAC address length), PLN is 4 (IPv4 address length), OP specifies ARP operation type, effective value has arpop_request, arpop_reply, arpop_revrequest , Arpop_revreply, arpop_invrequest, and arpop_invreply, I don't know what the last two types are, here OP is provided in the host word sequence, such as 0x0002 is arpop_reply. SHA Specifies the sender MAC address, the SPA specifies the sender IP address, THA specifies the receiver MAC address, the TPA specifies the receiver IP address, the payload is null, and payload_s is zero. The meticulin BUF needs to point to an allocated data area, and the ARP layer begins with the pointer.

struct libnet_link_int * libnet_open_link_interface (char * device, char * ebuf); int libnet_close_link_interface (struct libnet_link_int * l); If transmit direct link physical frame, must first use libnet_open_link_interface () opens the interface device. Device Specifies the name of the interface device, and for Linux is the name of "Eth0". EBUF is typically defined as follows: CHAR ERR_BUF [LIBNET_ERRBUF_SIZE]; / usr / include / libnet / libnet-macros.h: #define libnet_errbuf_size 256 If the call fails returns NULL, the success is filled with a libnet_link_int structure and returns this structural pointer. LIBNET_CLOSE_LINK_INTERFACE () corresponds to the libnet_open_link_interface (), turn off the previously opened interface device, failed to return -1, successfully returned 1. INT libnet_select_device (strunt socketdr_in * sin, u_char ** device, u_char * eBuf); if you cannot determine which interface device name for libnet_open_link_interface (), you can call libnet_select_device () to get it. The latter traversed the interface chain list, and selected the first non-retransmission interface. SIN, Device is not NULL, SIN must point to a sockaddr_in structure, Device must point to a pointer, * sin, * Device's initial value does not matter. The call successfully returns 1, * Device points to a valid interface device name, which can be used for subsequent libnet_open_link_interface () calls. Failure returns -1, and EBUF will include the cause of failure. Struct ether_addr * libnet_get_hwaddr (struct libnet_link_int * l, const u_char * device, const u_char * eBuf); the first point is from libnet_open_link_interface (), device pointing the interface device name. Success returns the MAC address of the specified interface, failed to return 0 (NULL), and EBUF will include the cause of failure. INT libnet_write_link_layer (strunt libnet_link_int * L, const u_char * device, u_char * buf, int LEN); This function is used to send link layer physical frames, and the first reference is from libnet_open_link_interface (), Device points to the interface device name. BUF points to the physical frame header, which is generally assigned and initialized by libnet_init_packet, and libnet_destroy_packet () is responsible for release. LEN Specifies the length of the physical frame. Failure returns -1, otherwise returns the number of bytes sent out. Write an arpsend program to verify these lovely functions, the RecVMac must be a real and effective MAC address, otherwise who will receive it. Sendmac can be disguised as needed, but the link layer supports unable to disguise when the BPF is made unless you change the kernel. There are too many discussions on the ARP protocol itself, and do not further explain.

No random number support, if you have special needs, you can refer to the technique repeatedly used in this series 1-11, or you can directly use the libnet_seed_prand (), libnet_get_prand () function provided by the Libnet itself. If there is time, another program will provide these two random functions. -------------------------------------------------- ------------------------ / ** File: arpsend program for i386 / linux using libnet * Version: 0.01 Aleph * Author: scz *: http://www.nsfocus.com* complie: gcc -o3 -o arpsend arpsend.c `libnet-config --defines - cflags`` -wall * Usage: ./ARPSEND - Recv 000000111111 - Si 192.168.8.90 - SM 00000022222 - Num 30 * Date: 2000-12-13 16:43 * // ************ *********************************************************** ***** ** ************************************************* ************************************************* / # define _gnu_source # incrude #include #include < Getopt.h> / * for getopt () * / # include

/ ************************************************** ****************** ** macro ** *********************************** *********************************************************************************** / # Define Success 0 # Define Failure -1 # Define defaultarpnumber 0x5 / * Number of ARP messages by default * // ***************************************** ********************************** ** STATIC GLOBAL VAR ** ******* *********************************************************** ********** / static u_char * packet = null; static size_t packet_size = libnet_th_h libnet_arp_h; static struct libnet_link_int * link_handler = null; / ************* *********************************** ************************* ** ******** ************************* *********************************************************** * / static void Libnet_close_link_interface (struct libnet_link_int * l); / * static void Libnet_get_hwaddr (struct libnet_link_int * l, const u_char * device, u_char * mac); * / static void Libnet_init_packet (size_t p_size, u_char ** buf); static struct LIBNET_LINK_INT * LIBNET_OPEN_LINK_INTERFACE (CHAR * Device); static void libnet_select_device (u_char ** device);

static void Libnet_write_link_layer (struct libnet_link_int * l, const u_char * device, u_char * buf, int len); static char * Strncpy (char * dest, const char * src, size_t n); static void usage (char * arg); / * ------------------------------------------------- --------------------- * / static void libnet_close_link_interface (struct libnet_link_int * L) {if (libnet_close_link_interface (l) == -1) {libnet_err_warning, " libnet_close_link_interface failed / n ");} return;} / * end of Libnet_close_link_interface * // * static void Libnet_get_hwaddr (struct libnet_link_int * l, const u_char * device, u_char * mac) {char err_buf [LIBNET_ERRBUF_SIZE]; struct ether_addr * m = NULL; if (mac == null) {return;} m = libnet_get_hwaddr (l, device, err_buf); if (m == null) {libnet_ERROR (libnet_err_warning, "libnet_get_hwaddr failed:% s / n", err_buf); } Else {MEMMOVE (Mac, (U_CHAR *) M, 6);} return;} * / static void libnet_init_packet (size_t p_size, u_char ** buf) {if (libnet_init_packet (p_size, buf) == -1) {libnet_error (LIBNET_ERR_FATAL, "Can not initialize packet / n");} return;} / * end of Libnet_init_packet * / static struct libnet_link_int * Libnet_open_link_interface (char * device) {struct libnet_link_int * link = NULL; char err_buf [LIBNET_ERRBUF_SIZE]; if ((Link = libnet_open_link_interface (device, err_buf)) == null) {libnet_error (libnet_rr_fatal, "libnet_open_link_interface failed:% s / n"

, Err_buf);} return (link);} / * end of Libnet_open_link_interface * / static void Libnet_select_device (u_char ** device) {struct sockaddr_in sin; char err_buf [LIBNET_ERRBUF_SIZE]; if (device == NULL) {libnet_error (LIBNET_ERR_FATAL, "Can't locate a device / n");} if (libnet_select_device (& sin, device, err_buf) == -1) {libnet_rror (libnet_select_fatal, "libnet_select_device failed:% s / n", err_buf);} fprintf (stderr , "[Device ->% S] / N", * Device); Return;} / * end of libnet_select_device * / static void libnet_Write_Link_Layer (Struct Libnet_Link_int * L, Const U_CHAR * Device, U_CHAR * BUF, INT LEN) { int w; if ((w = libnet_write_link_layer (l, device, buf, len))

/ * Define long option * / static struct option longoption [] = {{"send", 1, 0, longoptionchar}, / * Send Mac * / {"RECV", 1, 0, longoptionchar}, / * receive Mac * / {"Si", 1, 0, longoptionchar}, / * source ip * / {"di", 1, 0, longoptionchar}, / * target IP * / {"SM", 1, 0, longoptionchar}, / * Source Mac * / {"DM", 1, 0, LongOptionchar}, / * Target Mac * / {"Arpop", 1, 0, LongOptionchar}, / * ARP Operation Type * / {"Num", 1, 0 , Longoptionchar}, / * ARP packet number * / {0, 0, 0, 0}}; int longoptionIndex = 0; / * Used to process long option * / u_char sendmac [6] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}; u_char recvmac [6] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}; u_char srcmac [6] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}; u_char DSTMAC [ 6] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}; u_long srcip = 0xfffffffff; / * Source IP uses the network word Sequence of designated * / u_long dstIp = 0xffffffff; u_short arpOp = ARPOP_REPLY; / * little-endian order * / u_long arpNumber = DEFAULTARPNUMBER; / * number of ARP packets * / char tempString1 [16] = ""; char tempString2 [3] = ""; U_short tempushort = 0; INT C, I; u_long a; u_char * device; if (argc == 1) {usage (argv [0]);} OpterR = 0; / * Don't Want getopt ( Writing to stderr * / while ((c = getopt_long (argc, argv, "h"

, Longoption, & longoptioninDex)! = EOF) {switch (c) {copy longoptionchar: / * Processing length option * / / * fprintf (stderr, "option% s", longoption [longoptionindex] .name); if (Optarg) {FPRINTF (stderr, "with arg% s", OPTARG);} fprintf (stderr, "/ n"); * / if (OPTARG) {switch (longoptionindex) {casse 0: Strncpy (Tempstring1, Optarg, 16); Tempushort = Strlen (TempString1); if (Tempushort == 12) {Tempstring2 [2] = '/ 0'; for (i = 0; i <6; i ) {tempstring2 [0] = Tempstring1 [i << 1] Tempstring2 [1] = Tempstring1 [(i << 1) 1]; sendMAC [i] = (u_char) Strtoul (Tempstrin G2, NULL, 16);} / * end of for * /} Break; Case 1: Strncpy (TempString1, Optarg, 16); Tempushort = Strlen (Tempstring1); if (Tempushort == 12) {Tempstring2 [2] = '/ 0'; for (i = 0; i <6; i ) {tempString2 [0] = Tempstring1 [i << 1]; tempstring2 [1] = Tempstring1 [(i << 1) 1];

Recvmac [i] = (u_char) Strtoul (Tempstring2, NULL, 16);} / * end of for * /} Break; Case 2: / * Return value is BIG-Endian order * / srcip = libnet_name_resolve (Optarg, libnet_dont_resolve) ; If (srcip == -1) {libnet_error (libnet_err_fatal, "Bad srcip:% s / n", OPTARG);} Break; Case 3: / * Return value is BIG-endian order * / dstip = libnet_name_resolve (Optarg, LIBNET_DONT_RESOLVE); if (DSTIP == -1) {/ * The first parameter is libnet_err_fatal, which causes exit * / libnet_error (libnet_err_fatal, "Bad Dstip:% S / N", OPTARG);} Break; Case 4: Strncpy (Tempstring1, Optarg, 16); Tempushort = Strlen (Temps TRING1); if (tempushort == 12) {Tempstring2 [2] = '/ 0'; for (i = 0; i <6; i ) {tempstring2 [0] = Tempstring1 [i << 1]; tempstring2 [1 ] = Tempstring1 [(i << 1) 1]; srcmac [i] = (u_char) Strtoul (Tempstring2, NULL, 16);} / * end of for * /} Break; Case 5: Strncpy (Tempstring1, Optarg 16);

转载请注明原文地址:https://www.9cbs.com/read-16465.html

New Post(0)