1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176
|
#include <winsock2.h>
#include<iostream>
using namespace std;
typedef struct iphdr {
unsigned char verlen; /* version du protocol IP + la longeur de l'en t?te */
unsigned char tos; /* type de service */
unsigned short tot_len; /* longueur totale du datagramme */
unsigned short id; /* identification */
unsigned short offset; /* décalage */
unsigned char ttl; /* dur?e de vie du paquet */
unsigned char protocol; /* protocole */
unsigned short checksum; /* somme de contr?le */
unsigned int saddr; /* adresse IP source */
unsigned int daddr; /* adresse IP destinataire */
} IP_HDR;
typedef struct tcphdr
{
unsigned short sport; /* port source */
unsigned short dport; /* port de destination */
unsigned int seqnum; /* num?ro de s?quence */
unsigned int acknum; /* accus? de r?ception */
unsigned char dataoffset; /* d?calage des donn?es (data offset) */
unsigned char flags; /* flags */
unsigned short windows; /* fen?tre */
unsigned short checksum; /* checksum */
unsigned short urgpointer; /* pointeur de donn?es urgentes */
} TCP_HDR;
struct pseudohdr
{
unsigned long saddr;
unsigned long daddr;
char useless;
unsigned char protocol;
unsigned short length;
struct tcphdr TCP;
};
USHORT cksum(USHORT *buffer, int size)
{
unsigned long cksum=0;
while (size > 1)
{
cksum += *buffer++;
size -= sizeof(USHORT);
}
if (size)
{
cksum += *(UCHAR*)buffer;
}
cksum = (cksum >> 16) + (cksum & 0xffff);
cksum += (cksum >>16);
return (USHORT)(~cksum);
}
int main()
{
system("TITLE Forgeur de packet TCP");
WSADATA WSAData;
WSAStartup(MAKEWORD(2,0), &WSAData);
SOCKET socket;
socket = WSASocket(AF_INET, SOCK_RAW, IPPROTO_RAW, NULL, 0,0);
if (socket == INVALID_SOCKET)
{
fprintf(stderr, "erreur lors de la cr?ation du raw socket : %d\n", WSAGetLastError());
WSACleanup();
exit(-1);
}
int optval = 1;
if (setsockopt(socket, IPPROTO_IP, 2, (char *)&optval, sizeof(optval)) == SOCKET_ERROR)
{
fprintf(stderr, "erreur lors de l'appel ? setsockopt : %d\n", WSAGetLastError());
WSACleanup();
exit(-1);
}
//-----------------------------------remplissage en-tête de l'ip------------------------------------
unsigned short packet_size, ip_version, ip_len; /* taille de notre paquet, IP version, longueur */
struct iphdr *ip; /* notre structure IP */
/* taille de notre paquet */
packet_size = sizeof(struct iphdr) + sizeof(struct tcphdr);
/* on alloue un espace m?moire pour notre structure IP */
ip = (struct iphdr *)malloc(sizeof(struct iphdr));
/* On l'initialise ? 0 */
memset(ip, 0x0, sizeof(struct iphdr));
/* longueur de l'en t?te IP */
ip_len = sizeof(struct iphdr) / sizeof(unsigned long);
/* IP version */
ip_version = 4;
/* on remplie la structure IP */
ip->verlen = (ip_version << 4) | ip_len;
ip->tos = 0;
ip->tot_len = htons (sizeof (struct iphdr) + sizeof (struct tcphdr));
ip->id = 1;
ip->offset = 0;
ip->ttl = 255;
ip->protocol = IPPROTO_TCP;
ip->saddr = inet_addr("192.168.1.81"); /* adresse IP source */
ip->daddr = inet_addr("192.168.1.1"); /* adresse IP de destination */
ip->checksum = 0; /* on initialise le champ checksum de notre structure IP ? 0 avant l'appel de la fonction calculant le checksum */
ip->checksum = cksum((unsigned short *)ip, sizeof(struct iphdr));
//----------------------------------remplissage en-tête tcp-------------------------------------------
struct tcphdr *tcp; /* notre structure TCP */
/* maintenant passons ? la structure TCP */
/* on alloue de la m?moire pour celle ci */
tcp = (struct tcphdr *)malloc(sizeof(struct tcphdr));
memset(tcp, 0x0, sizeof(struct tcphdr));
/* on la remplie */
tcp->sport = htons(1500); /* port source */
tcp->dport = htons(80) ; /* port de destination */
tcp->seqnum = htonl(1337); /* num?ro de s?quence */
tcp->acknum = htonl(1337); /* ack number */
tcp->dataoffset = (5) << 4; /* d?calage */
tcp->flags = 0x02; /* 0x02 = flag syn */
tcp->windows = htons(1337); /* fen?tre */
tcp->checksum = 0; /* checksum */
tcp->urgpointer = 0; /* options */
//---------------------remplissage de la structure pseudo hdr pour calculer le checksum de notre packet tcp-----------------------
struct pseudohdr *psdheader; /* pseudo header */
/* allocation m?moire pour notre pseudo header */
psdheader = (struct pseudohdr *)malloc(sizeof(struct pseudohdr));
memset(psdheader, 0x0, sizeof(struct pseudohdr));
/* on remplie notre structure */
psdheader->saddr = inet_addr("192.168.1.81"); /* adresse source */
psdheader->daddr = inet_addr("192.168.1.1"); /* adresse de destination */
psdheader->useless = 0; /* null */
psdheader->protocol = IPPROTO_TCP; /* protocol */
psdheader->length = htons(sizeof(struct tcphdr)); /* longueur de notre structure TCP_HDR */
psdheader->TCP = *tcp; /* structure TCP_HDR */
/* Maintenant nous calculons le checksum pour notre paquet */
tcp->checksum =cksum((unsigned short *)psdheader, sizeof(struct pseudohdr));
char *ptr = NULL, packet[32]; /* notre paquet, 32 = sizeof(struct icmphdr) + sizeof(struct iphdr) */
ZeroMemory(packet, sizeof(packet));
ptr = packet;
memcpy(ptr, ip, sizeof(struct iphdr));
ptr += sizeof(struct iphdr);
memcpy(ptr, tcp, sizeof(struct tcphdr));
ptr += sizeof(struct tcphdr);
//-------------------------------------------------envoi du packet----------------------------------------
struct sockaddr_in sin; /* notre structure sockaddr_in qui contiendra l'adresse de destination */
/* on rempli notre structure sockaddr_in */
sin.sin_family = AF_INET;
sin.sin_addr.s_addr = inet_addr("192.168.1.1"); // Adresse de destination
/* hop, nous envoyons notre paquet ? destination */
if(sendto(socket, packet, sizeof(packet), 0x0, (struct sockaddr *)&sin, sizeof(struct sockaddr_in)) == SOCKET_ERROR)
{
fprintf(stderr, "Erreur lors de l'appel de la fonction sendto. Code erreur : %d\n", WSAGetLastError());
}
free(ip);
free(tcp);
WSACleanup();
system("pause");
return 0;} |
Partager