#include<pcap.h>
#include<malloc.h>
#include"Header.h"
#pragma comment(lib,"ws2_32.lib")
#pragma comment(lib,"wpcap.lib")
#pragma warning(disable:4996)
void packet_view(u_char *, const struct pcap_pkthdr *, const u_char *);
void print_hex(const u_char *, int);
int main(void)
{
char *dev;
pcap_t *pd;
bpf_u_int32 net, subnet;
char errbuf[PCAP_ERRBUF_SIZE];
struct bpf_program fcode;
if (!(dev = pcap_lookupdev(errbuf))) {
printf("[!] pcap_lookupdev\n");
return -1;
}
if (pcap_lookupnet(dev, &net, &subnet, errbuf) < 0) {
printf("[!] pcap_lookupnet\n");
return -1;
}
if (!(pd = pcap_open_live(dev, 65535, 1, 3000, errbuf))) {
printf("[!] pcap_open_live\n");
return -1;
}
if (pcap_compile(pd, &fcode, "tcp port 9623", 0, subnet) < 0) {
printf("[!] pcap_complie\n");
return -1;
}
if (pcap_setfilter(pd, &fcode) < 0) {
printf("[!] pcap_setfilter\n");
return -1;
}
printf("[-] Listening\n");
if (pcap_loop(pd, 0, packet_view, NULL) < 0) {
printf("[!] pcap_loop\n");
return -1;
}
return 0;
}
void packet_view(u_char *param, const struct pcap_pkthdr *header, const u_char *pkt_data)
{
int datalen = 0;
char* buffer;
ether_header *eh;
ip_header *iph;
udp_header *uh;
tcp_header *th;
u_int ip_len;
printf("[*] Received Packet\n");
printf("[*] Length: 0x%x\n", header->len);
print_hex(pkt_data, header->len);
eh = (ether_header*)pkt_data;
printf("[*] Ethernet\n");
printf("\tDestination: %02x-%02x-%02x-%02x-%02x-%02x\n", eh->eth_dst[0], eh->eth_dst[1], eh->eth_dst[2], \
eh->eth_dst[3], eh->eth_dst[4], eh->eth_dst[5]);
printf("\tSource: %02x-%02x-%02x-%02x-%02x-%02x\n", eh->eth_src[0], eh->eth_src[1], eh->eth_src[2], \
eh->eth_src[3], eh->eth_src[4], eh->eth_src[5]);
if (ntohs(eh->eth_type) == ETHERTYPE_IP)
{
iph = (ip_header*)(pkt_data + ETH_HLEN);
ip_len = (iph->ip_len & 0xf) * 4;
printf("[*] IP\n");
printf("\tDestination: %d.%d.%d.%d\n", iph->ip_dst[0], iph->ip_dst[1], iph->ip_dst[2], iph->ip_dst[3]);
printf("\tSource: %d.%d.%d.%d\n", iph->ip_src[0], iph->ip_src[1], iph->ip_src[2], iph->ip_src[3]);
if (iph->ip_p == IPPROTO_TCP)
{
th = (tcp_header*)(pkt_data + ETH_HLEN + IP_HLEN);
printf("[*] TCP\n");
printf("\tDestPort: %d\n", ntohs(th->tcp_dport));
printf("\tSrcPort: %d\n", ntohs(th->tcp_sport));
printf("\tSEQ: %X\n", ntohl(th->tcp_seqnum));
printf("\tACK: %X\n", ntohl(th->tcp_acknum));
datalen = header->len - ETH_HLEN - IP_HLEN - th->tcp_hlen;
buffer = (char*)_alloca(datalen+2);
strncpy(buffer, (char*)pkt_data + ETH_HLEN + IP_HLEN + th->tcp_hlen, datalen);
buffer[datalen] = NULL;
printf("\tData: %s\n", buffer);
}
if (iph->ip_p == IPPROTO_UDP)
{
uh = (udp_header*)(pkt_data + ETH_HLEN + IP_HLEN);
printf("[*] UDP\n");
printf("\tDestPort: %d\n", ntohs(uh->udp_dport));
printf("\tSrcPort: %d\n", ntohs(uh->udp_sport));
datalen = header->len - ETH_HLEN - IP_HLEN - sizeof(udp_header);
buffer = (char*)_alloca(datalen + 2);
strncpy(buffer, (char*)pkt_data + ETH_HLEN + IP_HLEN + sizeof(udp_header), datalen);
buffer[datalen] = NULL;
printf("\tData: %s\n", buffer);
}
}
printf("----------------------------------------\n");
}
void print_hex(const u_char *data, int len)
{
int i, j;
printf("Addr ");
for (i = 0; i < 16; i++)
printf("%02X ", i);
for (i = 0; i < 16; i++)
printf("%X", i);
printf("\n");
for (i = 0; i * 16 < len - (len%16); i++) {
printf("0x%04X ", i * 16);
for (j = 0; j < 16; j++)
printf("%02X ", (data + 16 * i)[j]);
for (j = 0; j < 16; j++) {
if (((data + 16 * i)[j]>0x1f) && ((data + 16 * i)[j] < 0x7F))
printf("%c", (data + 16 * i)[j]);
else
printf(".");
}
printf("\n");
}
printf("0x%04X ", i * 16);
for (j = 0; j < len % 16; j++)
printf("%02X ", (data + 16 * i)[j]);
for (; j < 16; j++)
printf(" ");
for (j = 0; j < len % 16; j++) {
if (((data + 16 * i)[j]>0x1f) && ((data + 16 * i)[j] < 0x7F))
printf("%c", (data + 16 * i)[j]);
else
printf(".");
}
printf("\n");
}