Binary Tides » C

Raw Sockets C Source Code on Linux

Wed, 06 May 2009 04:55:00 +0000

The structure of IP Header as given by RFC 791 is :

0                   1                   2                   3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Version|  IHL  |Type of Service|          Total Length         |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|         Identification        |Flags|      Fragment Offset    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|  Time to Live |    Protocol   |         Header Checksum       |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                       Source Address                          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                    Destination Address                        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                    Options                    |    Padding    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

The structure of a TCP header as given by RFC 793 :

0                   1                   2                   3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|          Source Port          |       Destination Port        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                        Sequence Number                        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                    Acknowledgment Number                      |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|  Data |           |U|A|P|R|S|F|                               |
| Offset| Reserved  |R|C|S|S|Y|I|            Window             |
|       |           |G|K|H|T|N|N|                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|           Checksum            |         Urgent Pointer        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                    Options                    |    Padding    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                             data                              |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

To create a raw socket :

int s = socket (PF_INET, SOCK_RAW, IPPROTO_TCP);

Another option to make sure the kernel uses the raw headers :

 {
  int one = 1;
  const int *val = &one;
  if (setsockopt (s, IPPROTO_IP, IP_HDRINCL, val, sizeof (one)) < 0)
   printf ("Warning: Cannot set HDRINCL!\n");
 }

Below is an example code which constructs a raw TCP packet :
Code :

/*
 Raw Sockets with LINUX
*/
#include
#include //Provides declarations for tcp header
#include //Provides declarations for ip header

//Checksum calculation function
unsigned short csum (unsigned short *buf, int nwords)
{
 unsigned long sum;

 for (sum = 0; nwords > 0; nwords--)
  sum += *buf++;

 sum = (sum >> 16) + (sum & 0xffff);
 sum += (sum >> 16);

 return ~sum;
}

int main (void)
{
 //Create a raw socket
 int s = socket (PF_INET, SOCK_RAW, IPPROTO_TCP);
 //Datagram to represent the packet
 char datagram[4096];
 //IP header
 struct iphdr *iph = (struct iphdr *) datagram;
 //TCP header
 struct tcphdr *tcph = (struct tcphdr *) (datagram + sizeof (struct ip));
 struct sockaddr_in sin;

 sin.sin_family = AF_INET;
 sin.sin_port = htons(40);
 sin.sin_addr.s_addr = inet_addr ("60.61.62.63");

 memset (datagram, 0, 4096); /* zero out the buffer */

 //Fill in the IP Header
 iph->ihl = 5;
 iph->version = 4;
 iph->tos = 0;
 iph->tot_len = sizeof (struct ip) + sizeof (struct tcphdr);
 iph->id = htonl (54321); //Id of this packet
 iph->frag_off = 0;
 iph->ttl = 255;
 iph->protocol = 6;
 iph->check = 0;  //Set to 0 before calculating checksum
 iph->saddr = inet_addr ("1.2.3.4"); //Spoof the source ip address
 iph->daddr = sin.sin_addr.s_addr;

 //TCP Header
 tcph->source = htons (1234);
 tcph->dest = htons (85);
 tcph->seq = random ();
 tcph->ack_seq = 0;
 tcph->doff = 0;  /* first and only tcp segment */
 tcph->syn = 1;
 tcph->window = htonl (65535); /* maximum allowed window size */
 tcph->check = 0;/* if you set a checksum to zero, your kernel's IP stack
    should fill in the correct checksum during transmission */
 tcph->urg_ptr = 0;
 //Now the IP checksum
 iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1);

 //IP_HDRINCL to tell the kernel that headers are included in the packet
 {
  int one = 1;
  const int *val = &one;
  if (setsockopt (s, IPPROTO_IP, IP_HDRINCL, val, sizeof (one)) < 0)
   printf ("Warning: Cannot set HDRINCL!\n");
 }

 while (1)
 {
  //Send the packet
  if (sendto (s,  /* our socket */
     datagram, /* the buffer containing headers and data */
     iph->tot_len, /* total length of our datagram */
     0,  /* routing flags, normally always 0 */
     (struct sockaddr *) &sin, /* socket addr, just like in */
     sizeof (sin)) < 0)  /* a normal send() */
   printf ("error\n");
  else
   printf (".");
 }

 return 0;
}

Remember to run the above code with root privileges. Raw sockets require root privileges

User wireshark to check the output.

TCP Connect Port Scanner Source Code in C with Winsock

Thu, 30 Apr 2009 10:16:00 +0000

TCP connect() scanning is the most basic form of TCP scanning. The program performs a connect() command on those ports of the target machine which are to be checked. If the port is open then the connect() command will succeed and a connection will be established. If the port is closed the connect() function would simply timeout in the connection attempt.

The simple steps would be :
1. Start a loop for the port number range to be scanned.
2. Create a Socket inside the loop.
3. Call the connect function using the socket and the port number to connect to the host.
4. If connect returns SOCKET_ERROR then the connection failed hence port closed, otherwise connection established and port open.

The following code does the same. It should be noted that it scans only TCP ports. For a linux version of the same code view this post.

Code :

/*
 TCP Connect portscanner with winsock
*/

#include
#include
#pragma comment(lib, "ws2_32.lib"); //To link the winsock library  

int main(int argc, char **argv)
{
 WSADATA firstsock;
 SOCKET s;
 struct hostent *host;
 int err,i, startport , endport;
 struct sockaddr_in sa; //this stores the destination address
 char hostname[100];

 strncpy((char *)&sa,"",sizeof sa);
 sa.sin_family = AF_INET; //this line must be like this coz internet

 //Initialise winsock
 if (WSAStartup(MAKEWORD(2,0),&firstsock) != 0)  //CHECKS FOR WINSOCK VERSION 2.0
 {
  fprintf(stderr,"WSAStartup() failed"); //print formatted data specify stream and options
  exit(EXIT_FAILURE);        //or exit(1);
 } 

 printf("Enter hostname or ip to scan : ");
 gets(hostname);

 printf("Enter starting port : ");
 scanf("%d" , &startport);

 printf("Enter ending port : ");
 scanf("%d" , &endport);

 if(isdigit(hostname[0]))
 {
  printf("Doing inet_addr...");
  sa.sin_addr.s_addr = inet_addr(hostname); //get ip into s_addr
  printf("Done\n");
 }
 else if( (host=gethostbyname(hostname)) != 0)
 {
  printf("Doing gethostbyname()...");
  strncpy((char *)&sa.sin_addr , (char *)host->h_addr_list[0] , sizeof sa.sin_addr);
  printf("Done\n");
 }
 else
 {
    printf("Error resolving hostname");
       exit(EXIT_FAILURE);
 }

 //Start the portscan loop
 printf("Starting the scan loop...\n");
 for(i = startport ; i<= endport ; i++)
 {

  s = socket(AF_INET , SOCK_STREAM , 0); //make net a valid socket handle
  if(s < 0)  //if not a socket
  {
   perror("\nSocket creation failed");  // perror function prints an error message to stderr
   exit(EXIT_FAILURE);       //or exit(0);
  }

  sa.sin_port = htons(i);
  //connect to the server with that socket
  err = connect(s , (struct sockaddr *)&sa , sizeof sa);

  if(err == SOCKET_ERROR) //connection not accepted
  {
   printf("%s %-5d Winsock Error Code : %d\n" , hostname , i , WSAGetLastError());
   fflush(stdout);
  }
  else  //connection accepted
  {
   printf("%s %-5d accepted            \n" , hostname , i);
   if( shutdown( s ,SD_BOTH ) == SOCKET_ERROR )
   {
    perror("\nshutdown");// perror function prints an error message to stderr
    exit(EXIT_FAILURE);
   }
  }
  closesocket(s);   //closes the net socket
 }

 fflush(stdout); //clears the contents of a buffer or flushes a stream
 return(0);
}

The above can be compiled with vc++ 6.0 for example. Simply create a project and add this file to the project and click run.

TCP Connect Port Scanner with Linux Sockets (BSD)

Tue, 28 Apr 2009 17:24:00 +0000

TCP Connect Port Scanner works by trying to establish a connection with every port that is being scanned. If a connectio is established then the port is open otherwise closed.

The steps are simple :

1. Create a socket
2. Run a Loop to connect with each port on the remote system ; if connection established then port open otherwise closed.

Code :

#include
#include
#include
#include
#include
#include

int main(int argc , char **argv)
{
 struct hostent *host;
 int err, i , net ,start , end;
 char hostname[100];
 struct sockaddr_in sa;
 //Get the hostname to scan
 printf("Enter hostname or IP : ");
 gets(hostname);
 //Get start port number
 printf("\nEnter start port number : ");
 scanf("%d" , &start);
 //Get end port number
 printf("\nEnter end port number : ");
 scanf("%d" , &end);

 //Initialise the sockaddr_in structure
 strncpy((char*)&sa , "" , sizeof sa);
 sa.sin_family = AF_INET;

 if(isdigit(hostname[0]))
 {
  printf("Doing inet_addr...");
  sa.sin_addr.s_addr = inet_addr(hostname);
  printf("Done\n");
 }
 else if((host = gethostbyname(hostname))!=0)
 {
  printf("Doing gethostbyname...");
  strncpy((char*)&sa.sin_addr , (char*)host->h_addr , sizeof sa.sin_addr);
  printf("Done\n");
 }
 else
 {
  herror(hostname);
  exit(2);
 }
 //Start the port scan loop
 printf("Starting the portscan loop : \n");
 for(i=start ; i<=end ; i++)
 {
  //Fill in the port number
  sa.sin_port = htons(i);
  //Create a socket of type internet
  net = socket(AF_INET , SOCK_STREAM , 0);
  //Check whether socket created fine or not
  if(net < 0)
  {
   perror("\nSocket");
   exit(1);
  }
  //Connect using that socket and sockaddr structure
  err = connect(net , (struct sockaddr*)&sa , sizeof sa);

  if(err<0)
  {
   printf("%s %-5d %s\r" , hostname , i, strerror(errno));
   fflush(stdout);
  }
  else
  {
   printf("%s %-5d accepted. \n",  hostname , i);
   //Now shutdown the read and write operations on this socket
   if(shutdown(net , SHUT_RDWR) < 0)
   {
    //Print error with error message mapped from err_no
    perror("\nShutdown");
    exit(1);
   }
  }
  close(net);
 }
 printf("\r");
 fflush(stdout);
 return(0);
}

C Packet Sniffer Code with Libpcap and Linux Sockets (BSD)

Tue, 28 Apr 2009 13:51:00 +0000

Libpcap is a packe capture library which can be used to sniff packets or network traffic over a network interface. Pcap Documentation gives a description of the methods and data structures available in the libpcap library.

To install libpcap on your linux distro you can either download the source from the website and compile it and install. Or if you are on a distro like ubuntu then it can be installed from synaptic package manager. In the list of packages in Synaptic Package Manager look for 2 packages named as libpcap0.8 and libpcap0.8-dev. Install both of them.

To start with the C program the simple steps would be :

1. Find all available devices – find_alldevs()

find_alldevs() is the function which can be used to get a list of all available network devices or interfaces present on the machine or which can be opened by pcap_open_live() for sniffing purpose.

The prototype is as :

int pcap_findalldevs(pcap_if_t **alldevsp, char *errbuf)

where alldevsp is a pointer to an array of of pcap_if_t structures and errbuf is a character pointer and will contain any error message that occured during the function call.

2. Select a device for sniffing data – pcap_open_live()

pcap_open_live() is the function to get a packet capture descriptor or a handle to a device which has been opened up for sniffing. The protoype is as :

pcap_t *pcap_open_live(const char *device, int snaplen,int promisc, int to_ms, char *errbuf)

device – is the name of the device as obtained from the call to pcap_findalldevs.
snaplen – is the maximum amount of data to be captured. 65536 should be sufficient length.
promisc – 0 or 1 to indicate whether to open the device in promiscuous mode.
to_ms – the timeout in milliseconds , 0 for no timeout
errbuf – buffer to contain any error message

It returns a device handler in the form of the structure pcap_t which can be used by pcap_loop() to capture data from.

3. Start sniffing the device – pcap_loop()
4. Process the sniffed packet – user defined callback method

Code :


 /*
 Packet sniffer using libpcap library
*/
#include
#include
#include
#include //Provides declarations for icmp header
#include //Provides declarations for udp header
#include //Provides declarations for tcp header
#include //Provides declarations for ip header

void process_packet(u_char *args, const struct pcap_pkthdr *header, const u_char *packet);
void process_ip_packet(unsigned char* , int);
void print_ip_header(unsigned char* , int);
void print_tcp_header(unsigned char* buffer , int size);
void print_udp_header(unsigned char* , int);

FILE *logfile;
struct sockaddr_in source,dest;

int main()
{
 pcap_if_t alldevsp[100] , *device;
 pcap_t *handle; //Handle of the device that shall be sniffed

 char errbuf[100] , *devname , **devs;
 int count = 1 , n;
 //First get the list of available devices
 printf("Finding available devices ... ");
 if(pcap_findalldevs(&alldevsp, errbuf))
 {
  printf("Error finding devices : %s" , errbuf);
  exit(1);
 }
 printf("Done");
 //Print the available devices
 printf("\nAvailable Devices are :\n");
 device = alldevsp;
 while(device != NULL)
 {
  *(devs + count) = device->name;
  printf("%d. %s - %s\n", count++ , device->name , device->description);
  device = device->next;

 }
 //Ask user which device to sniff
 printf("Enter the number of the device you want to sniff : ");
 scanf("%d" , &n);
 devname = *(devs + count - 1);
 //Open the device for sniffing
 printf("Opening device for sniffing ... ");
 handle = pcap_open_live("eth0" , 65536 , 1 , 0 , errbuf);
 if (handle == NULL) {
  fprintf(stderr, "Couldn't open device eth0 : %s\n" , errbuf);
  exit(1);
 }
 printf("Done\n");

 logfile=fopen("log.txt","w");
 if(logfile==NULL) printf("Unable to create file.");

 //Put the device in sniff loop
 pcap_loop(handle , -1 , process_packet , NULL);
 return 0;
}

void process_packet(u_char *args, const struct pcap_pkthdr *header, const u_char *packet)
{
 int size = header->len;
 struct ether_header *ethh;
 ethh = (struct ether_header *)packet;
 //Print the ethernet header in the log file

 if(ntohs(ethh->ether_type) == ETHERTYPE_IP)
 {

  process_ip_packet(packet + sizeof *ethh , size - sizeof ethh);
  printf("%d" , sizeof *ethh);
  fflush(stdout);
 }
 return 0;
}

void process_ip_packet(unsigned char* buffer, int size)
{
 //Get the IP Header part of this packet
 struct iphdr *iph = (struct iphdr*)buffer;
 switch (iph->protocol) //Check the Protocol and do accordingly...
 {
  case 1:  //ICMP Protocol
   //PrintIcmpPacket(Buffer,Size);
   break;
  case 2:  //IGMP Protocol
   break;
  case 6:  //TCP Protocol
   print_tcp_packet(buffer , size);
   break;
  case 17: //UDP Protocol
   print_udp_packet(buffer , size);
   break;
  default: //Some Other Protocol like ARP etc.
   break;
 }
}

void print_ip_header(unsigned char* Buffer, int Size)
{
 unsigned short iphdrlen;

 struct iphdr *iph = (struct iphdr *)Buffer;
 iphdrlen =iph->ihl*4;

 memset(&source, 0, sizeof(source));
 source.sin_addr.s_addr = iph->saddr;

 memset(&dest, 0, sizeof(dest));
 dest.sin_addr.s_addr = iph->daddr;

 fprintf(logfile,"\n");
 fprintf(logfile,"IP Header\n");
 fprintf(logfile,"   |-IP Version        : %d\n",(unsigned int)iph->version);
 fprintf(logfile,"   |-IP Header Length  : %d DWORDS or %d Bytes\n",(unsigned int)iph->ihl,((unsigned int)(iph->ihl))*4);
 fprintf(logfile,"   |-Type Of Service   : %d\n",(unsigned int)iph->tos);
 fprintf(logfile,"   |-IP Total Length   : %d  Bytes(Size of Packet)\n",ntohs(iph->tot_len));
 fprintf(logfile,"   |-Identification    : %d\n",ntohs(iph->id));
 //fprintf(logfile,"   |-Reserved ZERO Field   : %d\n",(unsigned int)iphdr->ip_reserved_zero);
 //fprintf(logfile,"   |-Dont Fragment Field   : %d\n",(unsigned int)iphdr->ip_dont_fragment);
 //fprintf(logfile,"   |-More Fragment Field   : %d\n",(unsigned int)iphdr->ip_more_fragment);
 fprintf(logfile,"   |-TTL      : %d\n",(unsigned int)iph->ttl);
 fprintf(logfile,"   |-Protocol : %d\n",(unsigned int)iph->protocol);
 fprintf(logfile,"   |-Checksum : %d\n",ntohs(iph->check));
 fprintf(logfile,"   |-Source IP        : %s\n",inet_ntoa(source.sin_addr));
 fprintf(logfile,"   |-Destination IP   : %s\n",inet_ntoa(dest.sin_addr));
}

void print_tcp_packet(unsigned char* Buffer, int Size)
{
 unsigned short iphdrlen;

 struct iphdr *iph = (struct iphdr *)Buffer;
 iphdrlen = iph->ihl*4;

 struct tcphdr *tcph=(struct tcphdr*)(Buffer + iphdrlen);

 fprintf(logfile,"\n\n***********************TCP Packet*************************\n"); 

 print_ip_header(Buffer,Size);

 fprintf(logfile,"\n");
 fprintf(logfile,"TCP Header\n");
 fprintf(logfile,"   |-Source Port      : %u\n",ntohs(tcph->source));
 fprintf(logfile,"   |-Destination Port : %u\n",ntohs(tcph->dest));
 fprintf(logfile,"   |-Sequence Number    : %u\n",ntohl(tcph->seq));
 fprintf(logfile,"   |-Acknowledge Number : %u\n",ntohl(tcph->ack_seq));
 fprintf(logfile,"   |-Header Length      : %d DWORDS or %d BYTES\n" ,(unsigned int)tcph->doff,(unsigned int)tcph->doff*4);
 //fprintf(logfile,"   |-CWR Flag : %d\n",(unsigned int)tcph->cwr);
 //fprintf(logfile,"   |-ECN Flag : %d\n",(unsigned int)tcph->ece);
 fprintf(logfile,"   |-Urgent Flag          : %d\n",(unsigned int)tcph->urg);
 fprintf(logfile,"   |-Acknowledgement Flag : %d\n",(unsigned int)tcph->ack);
 fprintf(logfile,"   |-Push Flag            : %d\n",(unsigned int)tcph->psh);
 fprintf(logfile,"   |-Reset Flag           : %d\n",(unsigned int)tcph->rst);
 fprintf(logfile,"   |-Synchronise Flag     : %d\n",(unsigned int)tcph->syn);
 fprintf(logfile,"   |-Finish Flag          : %d\n",(unsigned int)tcph->fin);
 fprintf(logfile,"   |-Window         : %d\n",ntohs(tcph->window));
 fprintf(logfile,"   |-Checksum       : %d\n",ntohs(tcph->check));
 fprintf(logfile,"   |-Urgent Pointer : %d\n",tcph->urg_ptr);
 fprintf(logfile,"\n");
 fprintf(logfile,"                        DATA Dump                         ");
 fprintf(logfile,"\n");

 fprintf(logfile,"IP Header\n");
 PrintData(Buffer,iphdrlen);

 fprintf(logfile,"TCP Header\n");
 PrintData(Buffer+iphdrlen,tcph->doff*4);

 fprintf(logfile,"Data Payload\n");
 PrintData(Buffer + iphdrlen + tcph->doff*4 , (Size - tcph->doff*4-iph->ihl*4) );

 fprintf(logfile,"\n###########################################################");
}

void print_udp_packet(unsigned char *Buffer , int Size)
{

 unsigned short iphdrlen;

 struct iphdr *iph = (struct iphdr *)Buffer;
 iphdrlen = iph->ihl*4;

 struct udphdr *udph = (struct udphdr*)(Buffer + iphdrlen);

 fprintf(logfile,"\n\n***********************UDP Packet*************************\n");

 print_ip_header(Buffer,Size);   

 fprintf(logfile,"\nUDP Header\n");
 fprintf(logfile,"   |-Source Port      : %d\n" , ntohs(udph->source));
 fprintf(logfile,"   |-Destination Port : %d\n" , ntohs(udph->dest));
 fprintf(logfile,"   |-UDP Length       : %d\n" , ntohs(udph->len));
 fprintf(logfile,"   |-UDP Checksum     : %d\n" , ntohs(udph->check));

 fprintf(logfile,"\n");
 fprintf(logfile,"IP Header\n");
 PrintData(Buffer , iphdrlen);

 fprintf(logfile,"UDP Header\n");
 PrintData(Buffer+iphdrlen , sizeof udph);

 fprintf(logfile,"Data Payload\n");
 PrintData(Buffer + iphdrlen + sizeof udph ,( Size - sizeof udph - iph->ihl * 4 ));

 fprintf(logfile,"\n###########################################################");
}

void print_icmp_packet(unsigned char* Buffer , int Size)
{
 unsigned short iphdrlen;

 struct iphdr *iph = (struct iphdr *)Buffer;
 iphdrlen = iph->ihl*4;

 struct icmphdr *icmph = (struct icmphdr *)(Buffer + iphdrlen);

 fprintf(logfile,"\n\n***********************ICMP Packet*************************\n"); 

 print_ip_header(Buffer , Size);

 fprintf(logfile,"\n");

 fprintf(logfile,"ICMP Header\n");
 fprintf(logfile,"   |-Type : %d",(unsigned int)(icmph->type));

 if((unsigned int)(icmph->type) == 11)
  fprintf(logfile,"  (TTL Expired)\n");
 else if((unsigned int)(icmph->type) == ICMP_ECHOREPLY)
  fprintf(logfile,"  (ICMP Echo Reply)\n");
 fprintf(logfile,"   |-Code : %d\n",(unsigned int)(icmph->code));
 fprintf(logfile,"   |-Checksum : %d\n",ntohs(icmph->checksum));
 //fprintf(logfile,"   |-ID       : %d\n",ntohs(icmph->id));
 //fprintf(logfile,"   |-Sequence : %d\n",ntohs(icmph->sequence));
 fprintf(logfile,"\n");

 fprintf(logfile,"IP Header\n");
 PrintData(Buffer,iphdrlen);

 fprintf(logfile,"UDP Header\n");
 PrintData(Buffer + iphdrlen , sizeof icmph);

 fprintf(logfile,"Data Payload\n");
 PrintData(Buffer + iphdrlen + sizeof icmph , (Size - sizeof icmph - iph->ihl * 4));

 fprintf(logfile,"\n###########################################################");
}

void PrintData (unsigned char* data , int Size)
{
 int i,j;
 for(i=0 ; i < Size ; i++)
 {
  if( i!=0 && i%16==0)   //if one line of hex printing is complete...
  {
   fprintf(logfile,"         ");
   for(j=i-16 ; j=32 && data[j]<=128)
     fprintf(logfile,"%c",(unsigned char)data[j]); //if its a number or alphabet

    else fprintf(logfile,"."); //otherwise print a dot
   }
   fprintf(logfile,"\n");
  } 

  if(i%16==0) fprintf(logfile,"   ");
  fprintf(logfile," %02X",(unsigned int)data[i]);

  if( i==Size-1)  //print the last spaces
  {
   for(j=0;j<15-i%16;j++) fprintf(logfile,"   "); //extra spaces

   fprintf(logfile,"         ");

   for(j=i-i%16 ; j<=i ; j++)
   {
    if(data[j]>=32 && data[j]<=128) fprintf(logfile,"%c",(unsigned char)data[j]);
    else fprintf(logfile,".");
   }
   fprintf(logfile,"\n");
  }
 }
}

Compile : gcc sniffer.c -lpcap -o sniffer
Run : sudo ./sniffer

The program requires superuser or root privileges to be able to sniff the packets.
Wireshark(previously ethereal) and tcpdump are examples of applications which use the libpcap library on linux to capture packet data.

Packet Sniffer Code in C using Linux Sockets (BSD)

Sun, 26 Apr 2009 08:50:00 +0000

To code a sniffer in C (Linux) the steps would be :

1. Create a Raw Socket.
2. Put it in a recvfrom loop.

A raw socket when put in recvfrom receives all incoming packets. The following code shows an example of such a sniffer. Note that it sniffs only incoming packets. For sniffing all traffic on a network a packet capture library like libpcap can be used.

Code : sniffer.c

#include #include #include #include //For standard things #include //Provides declarations for icmp header #include //Provides declarations for udp header #include //Provides declarations for tcp header #include //Provides declarations for ip header #include #include #include #include #include #include void ProcessPacket(unsigned char* , int); void print_ip_header(unsigned char* , int); void print_tcp_header(unsigned char* buffer , int size); void print_udp_header(unsigned char* , int); int sock_raw; FILE *logfile; int tcp=0,udp=0,icmp=0,others=0,igmp=0,total=0,i,j; struct sockaddr_in source,dest; int main() { int saddr_size , data_size; struct sockaddr_in saddr; struct in_addr in; unsigned char *buffer = (unsigned char *)malloc(65536); //Its Big! logfile=fopen("log.txt","w"); if(logfile==NULL) printf("Unable to create file."); printf("Starting...\n"); //Create a raw socket that shall sniff sock_raw = socket(AF_INET , SOCK_RAW , IPPROTO_TCP); if(sock_raw < 0) { printf("Socket Error\n"); return 1; } while(1) { saddr_size = sizeof saddr; //Receive a packet data_size = recvfrom(sock_raw , buffer , 65536 , 0 , &saddr , &saddr_size); if(data_size <0 ) { printf("Recvfrom error , failed to get packets\n"); return 1; } //Now process the packet ProcessPacket(buffer , data_size); } close(sock_raw); printf("Finished"); return 0; } void ProcessPacket(unsigned char* buffer, int size) { //Get the IP Header part of this packet struct iphdr *iph = (struct iphdr*)buffer; ++total; switch (iph->protocol) //Check the Protocol and do accordingly... { case 1: //ICMP Protocol ++icmp; //PrintIcmpPacket(Buffer,Size); break; case 2: //IGMP Protocol ++igmp; break; case 6: //TCP Protocol ++tcp; print_tcp_packet(buffer , size); break; case 17: //UDP Protocol ++udp; print_udp_packet(buffer , size); break; default: //Some Other Protocol like ARP etc. ++others; break; } printf("TCP : %d UDP : %d ICMP : %d IGMP : %d Others : %d Total : %d\r",tcp,udp,icmp,igmp,others,total); } void print_ip_header(unsigned char* Buffer, int Size) { unsigned short iphdrlen; struct iphdr *iph = (struct iphdr *)Buffer; iphdrlen =iph->ihl*4; memset(&source, 0, sizeof(source)); source.sin_addr.s_addr = iph->saddr; memset(&dest, 0, sizeof(dest)); dest.sin_addr.s_addr = iph->daddr; fprintf(logfile,"\n"); fprintf(logfile,"IP Header\n"); fprintf(logfile," |-IP Version : %d\n",(unsigned int)iph->version); fprintf(logfile," |-IP Header Length : %d DWORDS or %d Bytes\n",(unsigned int)iph->ihl,((unsigned int)(iph->ihl))*4); fprintf(logfile," |-Type Of Service : %d\n",(unsigned int)iph->tos); fprintf(logfile," |-IP Total Length : %d Bytes(Size of Packet)\n",ntohs(iph->tot_len)); fprintf(logfile," |-Identification : %d\n",ntohs(iph->id)); //fprintf(logfile," |-Reserved ZERO Field : %d\n",(unsigned int)iphdr->ip_reserved_zero); //fprintf(logfile," |-Dont Fragment Field : %d\n",(unsigned int)iphdr->ip_dont_fragment); //fprintf(logfile," |-More Fragment Field : %d\n",(unsigned int)iphdr->ip_more_fragment); fprintf(logfile," |-TTL : %d\n",(unsigned int)iph->ttl); fprintf(logfile," |-Protocol : %d\n",(unsigned int)iph->protocol); fprintf(logfile," |-Checksum : %d\n",ntohs(iph->check)); fprintf(logfile," |-Source IP : %s\n",inet_ntoa(source.sin_addr)); fprintf(logfile," |-Destination IP : %s\n",inet_ntoa(dest.sin_addr)); } void print_tcp_packet(unsigned char* Buffer, int Size) { unsigned short iphdrlen; struct iphdr *iph = (struct iphdr *)Buffer; iphdrlen = iph->ihl*4; struct tcphdr *tcph=(struct tcphdr*)(Buffer + iphdrlen); fprintf(logfile,"\n\n***********************TCP Packet*************************\n"); print_ip_header(Buffer,Size); fprintf(logfile,"\n"); fprintf(logfile,"TCP Header\n"); fprintf(logfile," |-Source Port : %u\n",ntohs(tcph->source)); fprintf(logfile," |-Destination Port : %u\n",ntohs(tcph->dest)); fprintf(logfile," |-Sequence Number : %u\n",ntohl(tcph->seq)); fprintf(logfile," |-Acknowledge Number : %u\n",ntohl(tcph->ack_seq)); fprintf(logfile," |-Header Length : %d DWORDS or %d BYTES\n" ,(unsigned int)tcph->doff,(unsigned int)tcph->doff*4); //fprintf(logfile," |-CWR Flag : %d\n",(unsigned int)tcph->cwr); //fprintf(logfile," |-ECN Flag : %d\n",(unsigned int)tcph->ece); fprintf(logfile," |-Urgent Flag : %d\n",(unsigned int)tcph->urg); fprintf(logfile," |-Acknowledgement Flag : %d\n",(unsigned int)tcph->ack); fprintf(logfile," |-Push Flag : %d\n",(unsigned int)tcph->psh); fprintf(logfile," |-Reset Flag : %d\n",(unsigned int)tcph->rst); fprintf(logfile," |-Synchronise Flag : %d\n",(unsigned int)tcph->syn); fprintf(logfile," |-Finish Flag : %d\n",(unsigned int)tcph->fin); fprintf(logfile," |-Window : %d\n",ntohs(tcph->window)); fprintf(logfile," |-Checksum : %d\n",ntohs(tcph->check)); fprintf(logfile," |-Urgent Pointer : %d\n",tcph->urg_ptr); fprintf(logfile,"\n"); fprintf(logfile," DATA Dump "); fprintf(logfile,"\n"); fprintf(logfile,"IP Header\n"); PrintData(Buffer,iphdrlen); fprintf(logfile,"TCP Header\n"); PrintData(Buffer+iphdrlen,tcph->doff*4); fprintf(logfile,"Data Payload\n"); PrintData(Buffer + iphdrlen + tcph->doff*4 , (Size - tcph->doff*4-iph->ihl*4) ); fprintf(logfile,"\n###########################################################"); } void print_udp_packet(unsigned char *Buffer , int Size) { unsigned short iphdrlen; struct iphdr *iph = (struct iphdr *)Buffer; iphdrlen = iph->ihl*4; struct udphdr *udph = (struct udphdr*)(Buffer + iphdrlen); fprintf(logfile,"\n\n***********************UDP Packet*************************\n"); print_ip_header(Buffer,Size); fprintf(logfile,"\nUDP Header\n"); fprintf(logfile," |-Source Port : %d\n" , ntohs(udph->source)); fprintf(logfile," |-Destination Port : %d\n" , ntohs(udph->dest)); fprintf(logfile," |-UDP Length : %d\n" , ntohs(udph->len)); fprintf(logfile," |-UDP Checksum : %d\n" , ntohs(udph->check)); fprintf(logfile,"\n"); fprintf(logfile,"IP Header\n"); PrintData(Buffer , iphdrlen); fprintf(logfile,"UDP Header\n"); PrintData(Buffer+iphdrlen , sizeof udph); fprintf(logfile,"Data Payload\n"); PrintData(Buffer + iphdrlen + sizeof udph ,( Size - sizeof udph - iph->ihl * 4 )); fprintf(logfile,"\n###########################################################"); } void print_icmp_packet(unsigned char* Buffer , int Size) { unsigned short iphdrlen; struct iphdr *iph = (struct iphdr *)Buffer; iphdrlen = iph->ihl*4; struct icmphdr *icmph = (struct icmphdr *)(Buffer + iphdrlen); fprintf(logfile,"\n\n***********************ICMP Packet*************************\n"); print_ip_header(Buffer , Size); fprintf(logfile,"\n"); fprintf(logfile,"ICMP Header\n"); fprintf(logfile," |-Type : %d",(unsigned int)(icmph->type)); if((unsigned int)(icmph->type) == 11) fprintf(logfile," (TTL Expired)\n"); else if((unsigned int)(icmph->type) == ICMP_ECHOREPLY) fprintf(logfile," (ICMP Echo Reply)\n"); fprintf(logfile," |-Code : %d\n",(unsigned int)(icmph->code)); fprintf(logfile," |-Checksum : %d\n",ntohs(icmph->checksum)); //fprintf(logfile," |-ID : %d\n",ntohs(icmph->id)); //fprintf(logfile," |-Sequence : %d\n",ntohs(icmph->sequence)); fprintf(logfile,"\n"); fprintf(logfile,"IP Header\n"); PrintData(Buffer,iphdrlen); fprintf(logfile,"UDP Header\n"); PrintData(Buffer + iphdrlen , sizeof icmph); fprintf(logfile,"Data Payload\n"); PrintData(Buffer + iphdrlen + sizeof icmph , (Size - sizeof icmph - iph->ihl * 4)); fprintf(logfile,"\n###########################################################"); } void PrintData (unsigned char* data , int Size) { for(i=0 ; i < Size ; i++) { if( i!=0 && i%16==0) //if one line of hex printing is complete... { fprintf(logfile," "); for(j=i-16 ; j=32 && data[j]<=128) fprintf(logfile,"%c",(unsigned char)data[j]); //if its a number or alphabet else fprintf(logfile,"."); //otherwise print a dot } fprintf(logfile,"\n"); } if(i%16==0) fprintf(logfile," "); fprintf(logfile," %02X",(unsigned int)data[i]); if( i==Size-1) //print the last spaces { for(j=0;j<15-i%16;j++) fprintf(logfile," "); //extra spaces fprintf(logfile," "); for(j=i-i%16 ; j<=i ; j++) { if(data[j]>=32 && data[j]<=128) fprintf(logfile,"%c",(unsigned char)data[j]); else fprintf(logfile,"."); } fprintf(logfile,"\n"); } } }

Compile : gcc sniffer.c

The program must be run as root user or superuser privileges. e.g. sudo ./a.out in ubuntu
The program creates raw sockets which require root access.

Raw Sockets – Packets with Winpcap

Sun, 13 Jan 2008 09:56:00 +0000

A previous post mentions how to send raw packets using winsock api on windows xp. Winpcap is a packet driver useful for packet capturing and sending raw packets on the windows platform.

Raw means we have to cook the whole packet ourselves. A TCP packet for example consists of:
1. Ethernet header
2. IP header
3. TCP header
4. The data supposed to be send

Each header has its own job to do in the whole transmission process.

Code :

u_char packet[65536]; char *dump = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";

Winpcap gives us one function called pcap_sendpacket() to throw the packet on the network adapter which forwards it. We have to responsibly construct the ethernet , ip and tcp headers and attach the data.

1. Ethernet header looks like

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Ethernet destination address (first 32 bits) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Ethernet dest (last 16 bits) |Ethernet source (first 16 bits)| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Ethernet source address (last 32 bits) | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Type code | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Ethernet destination address is the mac-address of the primary gateway of the network interface being used.
Ethernet source is the mac-address of the network interface itself.
Type field determines the type of the packet e.g. IP , ARP etc.

Now our first task is to get the source and destination mac address.
Winpcap gives the ip-addresses of all available network interfaces that can be used.

now if srcip has the source ip in in_addr or long format then we can get the mac-address of this ip address using the function

GetMacAddress(s_mac , srcip); printf("Selected device has mac address : %.2X-%.2X-%.2X-%.2X-%.2X-%.2X",s_mac[0],s_mac[1],s_mac[2],s_mac[3],s_mac[4],s_mac[5]);

GetMacAddress is like :

void GetMacAddress(unsigned char *mac , in_addr destip) { DWORD ret; in_addr srcip; ULONG MacAddr[2]; ULONG PhyAddrLen = 6; /* default to length of six bytes */ srcip.s_addr=0; //Now print the Mac address also ret = SendArp(destip , srcip , MacAddr , &PhyAddrLen); if(PhyAddrLen) { BYTE *bMacAddr = (BYTE *) & MacAddr; for (int i = 0; i < (int) PhyAddrLen; i++) mac[i] = (char)bMacAddr[i]; } }

SendArp is the method that is used to retrieve the “mac-address of a IP” ;simple!
The above demonstration is mostly self-explaining. We got the mac-address of the network interface we want to use. Next we need the IP address of the primary gateway of this interface and then it mac-address.

GetGateway gets the gateway :

void GetGateway(struct in_addr ip , char *sgatewayip , int *gatewayip) { char pAdapterInfo[5000]; PIP_ADAPTER_INFO AdapterInfo; ULONG OutBufLen = sizeof(pAdapterInfo) ; GetAdaptersInfo((PIP_ADAPTER_INFO) pAdapterInfo, &OutBufLen); for(AdapterInfo = (PIP_ADAPTER_INFO)pAdapterInfo; AdapterInfo ; AdapterInfo = AdapterInfo->Next) { if(ip.s_addr == inet_addr(AdapterInfo->IpAddressList.IpAddress.String)) strcpy(sgatewayip , AdapterInfo->GatewayList.IpAddress.String); } *gatewayip = inet_addr(sgatewayip); }

GetAdaptersInfo is the function that retrieves a lot of information about a adapter.
This and SendArp are inside iphlpapi.dll ; IP helper api which we shall load and get the function pointers inside!

Buzz!

void loadiphlpapi() { HINSTANCE hDll = LoadLibrary("iphlpapi.dll"); GetAdaptersInfo = (pgetadaptersinfo)GetProcAddress(hDll,"GetAdaptersInfo"); if(GetAdaptersInfo==NULL) printf("Error in iphlpapi.dll%d",GetLastError()); SendArp = (psendarp)GetProcAddress(hDll,"SendARP"); if(SendArp==NULL) printf("Error in iphlpapi.dll%d",GetLastError()); }

So by now the source-ip , its mac-address , primary-gateway-mac should be into their respective variables. So now we have enough information to build our ethernet header.

Enjoy!

ETHER_HDR *ehdr; memcpy(ehdr->source , s_mac , 6); //Source Mac address memcpy(ehdr->dest,d_mac,6); //Destination MAC address ehdr->type = htons(0x0800); //IP Frames

Next comes the IP Header

RFC 791 gives the structure of an IP header as:

0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |Version| IHL |Type of Service| Total Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Identification |Flags| Fragment Offset | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Time to Live | Protocol | Header Checksum | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Source Address | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Destination Address | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Options | Padding | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

and our structure for this header :

typedef struct ip_hdr { unsigned char ip_header_len:4; // 4-bit header length (in 32-bit words) normally=5 (Means 20 Bytes may be 24 also) unsigned char ip_version :4; // 4-bit IPv4 version unsigned char ip_tos; // IP type of service unsigned short ip_total_length; // Total length unsigned short ip_id; // Unique identifier unsigned char ip_frag_offset :5; // Fragment offset field unsigned char ip_more_fragment :1; unsigned char ip_dont_fragment :1; unsigned char ip_reserved_zero :1; unsigned char ip_frag_offset1; //fragment offset unsigned char ip_ttl; // Time to live unsigned char ip_protocol; // Protocol(TCP,UDP etc) unsigned short ip_checksum; // IP checksum unsigned int ip_srcaddr; // Source address unsigned int ip_destaddr; // Source address } IPV4_HDR, *PIPV4_HDR, FAR * LPIPV4_HDR , IPHeader;

and then the TCP Header

0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Source Port | Destination Port | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Sequence Number | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Acknowledgment Number | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Data | |U|A|P|R|S|F| | | Offset| Reserved |R|C|S|S|Y|I| Window | | | |G|K|H|T|N|N| | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Checksum | Urgent Pointer | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Options | Padding | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | data | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

and our structure for this header :

// TCP header typedef struct tcp_header { unsigned short source_port; // source port unsigned short dest_port; // destination port unsigned int sequence; // sequence number - 32 bits unsigned int acknowledge; // acknowledgement number - 32 bits unsigned char ns :1; //Nonce Sum Flag Added in RFC 3540. unsigned char reserved_part1:3; //according to rfc unsigned char data_offset:4; /*The number of 32-bit words in the TCP header. This indicates where the data begins. The length of the TCP header is always a multiple of 32 bits.*/ unsigned char fin :1; //Finish Flag unsigned char syn :1; //Synchronise Flag unsigned char rst :1; //Reset Flag unsigned char psh :1; //Push Flag unsigned char ack :1; //Acknowledgement Flag unsigned char urg :1; //Urgent Flag unsigned char ecn :1; //ECN-Echo Flag unsigned char cwr :1; //Congestion Window Reduced Flag //////////////////////////////// unsigned short window; // window unsigned short checksum; // checksum unsigned short urgent_pointer; // urgent pointer } TCP_HDR , *PTCP_HDR , FAR * LPTCP_HDR , TCPHeader , TCP_HEADER;

Now the headers can be build easily :

// ******************* IP Header ***************** iphdr = (PIPV4_HDR)(packet + sizeof(ETHER_HDR)); iphdr->ip_version = 4; iphdr->ip_header_len = 5; //In double words thats 4 bytes iphdr->ip_tos = 0; iphdr->ip_total_length = htons (sizeof(IPV4_HDR) + sizeof(TCP_HDR) + strlen(dump)); iphdr->ip_id = htons(2); iphdr->ip_frag_offset = 0; iphdr->ip_reserved_zero=0; iphdr->ip_dont_fragment=1; iphdr->ip_more_fragment=0; iphdr->ip_frag_offset1 = 0; iphdr->ip_ttl = 3; iphdr->ip_protocol = IPPROTO_TCP; iphdr->ip_srcaddr = inet_addr("1.2.3.4"); //srcip.s_addr; iphdr->ip_destaddr = inet_addr("1.2.3.5"); iphdr->ip_checksum =0; iphdr->ip_checksum = in_checksum((unsigned short*)iphdr, sizeof(IPV4_HDR)); // ******************* TCP Header ***************** tcphdr = (PTCP_HDR)(packet + sizeof(ETHER_HDR) + sizeof(IPV4_HDR)); tcphdr->source_port = htons(SOURCE_PORT); tcphdr->dest_port = htons(80); tcphdr->sequence=0; tcphdr->acknowledge=0; tcphdr->reserved_part1=0; tcphdr->data_offset=5; tcphdr->fin=0; tcphdr->syn=1; tcphdr->rst=0; tcphdr->psh=0; tcphdr->ack=0; tcphdr->urg=0; tcphdr->ecn=0; tcphdr->cwr=0; tcphdr->window = htons(64240); tcphdr->checksum=0; tcphdr->urgent_pointer = 0;

almost done

data = (char*)(packet + sizeof(ETHER_HDR) + sizeof(IPV4_HDR) + sizeof(TCP_HDR)); strcpy(data,dump); pcap_sendpacket(fp , packet , sizeof(ETHER_HDR) + sizeof(IPV4_HDR) + sizeof(TCP_HDR) + strlen(dump));

Thats should send the packet. Use Ethereal to check whether the packet was successfully transmitted. The above was an example of a TCP packet, similarly UDP ICMP or any other packet can be build.

Source Code :
Download

Permutations of a String

Sun, 18 Mar 2007 12:11:00 +0000

If the length of a string is n and the total number of places is r then the number of possible permutations is nPr or n!/(n-r)! . That is ofcourse a very simple mathematical relation. Only loops would not be a good idea to generate the permutations when n , r are both unbounded and variable. Recursion helps.

The following program does the task :

#include #include #include void permute(char *str,int l,int pos,int r); void swap(char &a,char &b); void print_string(char *str,int r); int main() { char str[10]=""; int l,r; printf("Enter The String : "); gets(str); l=strlen(str); printf("Enter The Number Of Places To permute on : "); scanf("%d",&r); printf("The Following Permuations are possible : \n\n"); permute(str,l,1,r); getch(); return 0; } void permute(char *str,int l,int pos,int r) { //If lock position is on the next character //than the limit if(pos==r+1) { print_string(str,r); //print - these are the elements// printf(" "); return; //and return// } //true subscript of character in array is pos-1// for(int i=pos-1;i<=l-1;i++) { //swap the first letter with all next letters str[pos-1]=str[pos-1]+str[i]-(str[i]=str[pos-1]); permute(str,l,pos+1,r); //restore the swap{swap : a=a+b-(b=a)} str[pos-1]=str[pos-1]+str[i]-(str[i]=str[pos-1]); } } void print_string(char *str,int r) { for(int i=0;i
An Output like this comes :

Enter The String : abcdef Enter The Number Of Places To permute on : 4 The Following Permuations are possible : abcd abce abcf abdc abde abdf abed abec abef abfd abfe abfc acbd acbe acbf acdb acde acdf aced aceb acef acfd acfe acfb adcb adce adcf adbc adbe adbf adeb adec adef adfb adfe adfc aecd aecb aecf aedc aedb aedf aebd aebc aebf aefd aefb aefc afcd afce afcb afdc afde afdb afed afec afeb afbd afbe afbc bacd bace bacf badc bade badf baed baec baef bafd bafe bafc bcad bcae bcaf bcda bcde bcdf bced bcea bcef bcfd bcfe bcfa bdca bdce bdcf bdac bdae bdaf bdea bdec bdef bdfa bdfe bdfc becd beca becf bedc beda bedf bead beac beaf befd befa befc bfcd bfce bfca bfdc bfde bfda bfed bfec bfea bfad bfae bfac cbad cbae cbaf cbda cbde cbdf cbed cbea cbef cbfd cbfe cbfa cabd cabe cabf cadb cade cadf caed caeb caef cafd cafe cafb cdab cdae cdaf cdba cdbe cdbf cdeb cdea cdef cdfb cdfe cdfa cead ceab ceaf ceda cedb cedf cebd ceba cebf cefd cefb cefa cfad cfae cfab cfda cfde cfdb cfed cfea cfeb cfbd cfbe cfba dbca dbce dbcf dbac dbae dbaf dbea dbec dbef dbfa dbfe dbfc dcba dcbe dcbf dcab dcae dcaf dcea dceb dcef dcfa dcfe dcfb dacb dace dacf dabc dabe dabf daeb daec daef dafb dafe dafc deca decb decf deac deab deaf deba debc debf defa defb defc dfca dfce dfcb dfac dfae dfab dfea dfec dfeb dfba dfbe dfbc ebcd ebca ebcf ebdc ebda ebdf ebad ebac ebaf ebfd ebfa ebfc ecbd ecba ecbf ecdb ecda ecdf ecad ecab ecaf ecfd ecfa ecfb edcb edca edcf edbc edba edbf edab edac edaf edfb edfa edfc eacd eacb eacf eadc eadb eadf eabd eabc eabf eafd eafb eafc efcd efca efcb efdc efda efdb efad efac efab efbd efba efbc fbcd fbce fbca fbdc fbde fbda fbed fbec fbea fbad fbae fbac fcbd fcbe fcba fcdb fcde fcda fced fceb fcea fcad fcae fcab fdcb fdce fdca fdbc fdbe fdba fdeb fdec fdea fdab fdae fdac fecd fecb feca fedc fedb feda febd febc feba fead feab feac facd face facb fadc fade fadb faed faec faeb fabd fabe fabc