Ask Question

Name:
Title:
Your Question:

Answer Question

Name:
Your Answer:
User Submitted Source Code!


Description:
  Pankaj
Language: C/C++
Code:
#include<stdio.h> //For standard things
#include<stdlib.h>    //malloc
#include<string.h>    //memset
#include<netinet/ip_icmp.h>   //Provides declarations for icmp header
#include<netinet/udp.h>   //Provides declarations for udp header
#include<netinet/tcp.h>   //Provides declarations for tcp header
#include<netinet/ip.h>    //Provides declarations for ip header
#include<sys/socket.h>
#include<arpa/inet.h>
 
void ProcessPacket(unsigned char* , int);
void print_ip_header(unsigned char* , int);
void print_tcp_packet(unsigned char* , int);
void PrintData (unsigned char* , int);
void PrintHttp (unsigned char* data , int Size);
 
int sock_raw;
FILE *logfile , *log_http;
int tcp=0,udp=0,icmp=0,others=0,igmp=0,total=0,i,j;
struct sockaddr_in source,dest;

//char IP_src[100];
//int flg_syn;
 
int main()
{
    int saddr_size , data_size;
    struct sockaddr saddr;
    struct in_addr in;
     
    unsigned char *buffer = (unsigned char *)malloc(65536); //Its Big!
     
    logfile=fopen("log.txt","w");
    if(logfile==NULL) printf("Unable to create file.");
    printf("Starting...n");
     
     log_http=fopen("log_http.txt","w");
    if(log_http==NULL) printf("Unable to create file.");
    printf("Starting...n");
    //Create a raw socket that shall sniff
    sock_raw = socket(AF_INET , SOCK_RAW , IPPROTO_TCP);
    if(sock_raw < 0)
    {
        printf("Socket Errorn");
        return 1;
    }
    while(1)
    {
        saddr_size = sizeof saddr;
        //Receive a packet
        data_size = recvfrom(sock_raw , buffer , 65536 , 0 , &saddr , &saddr_size);
        if(data_size <0 )
        {
            printf("Recvfrom error , failed to get packetsn");
            return 1;
        }
        //Now process the packet
        ProcessPacket(buffer , data_size);
     
    }
    close(sock_raw);
    printf("Finished");
    return 0;
}
 
void ProcessPacket(unsigned char* buffer, int size)
{
    //Get the IP Header part of this packet
    struct iphdr *iph = (struct iphdr*)buffer;
    ++total;
    switch (iph->protocol) //Check the Protocol and do accordingly...
    {
        case 1: // ICMP Protocol
            ++icmp;
            
            break;
         
        case 2:  //IGMP Protocol
            ++igmp;
            break;
         
        case 6: // TCP Protocol
            ++tcp;
            print_tcp_packet(buffer , size);
            break;
         
        case 17: //UDP Protocol
            ++udp;
           
            break;
         
        default: //Some Other Protocol like ARP etc.
            ++others;
            break;
    }
    //printf("TCP : %d   UDP : %d   ICMP : %d   IGMP : %d   Others : %d   Total : %dr",tcp,udp,icmp,igmp,others,total);
}
 
void print_ip_header(unsigned char* Buffer, int Size)
{
    unsigned short iphdrlen;
         
    struct iphdr *iph = (struct iphdr *)Buffer;
    iphdrlen =iph->ihl*4;
     
    memset(&source, 0, sizeof(source));
    source.sin_addr.s_addr = iph->saddr;
     
    memset(&dest, 0, sizeof(dest));
    dest.sin_addr.s_addr = iph->daddr;
     
    fprintf(logfile,"n");
    fprintf(logfile,"IP Headern");
    fprintf(logfile,"   |-IP Version        : %dn",(unsigned int)iph->version);
    fprintf(logfile,"   |-IP Header Length  : %d DWORDS or %d Bytesn",(unsigned int)iph->ihl,((unsigned int)(iph->ihl))*4);
    fprintf(logfile,"   |-Type Of Service   : %dn",(unsigned int)iph->tos);
    fprintf(logfile,"   |-IP Total Length   : %d  Bytes(Size of Packet)n",ntohs(iph->tot_len));
    fprintf(logfile,"   |-Identification    : %dn",ntohs(iph->id));
    fprintf(logfile,"   |-TTL      : %dn",(unsigned int)iph->ttl);
    fprintf(logfile,"   |-Protocol : %dn",(unsigned int)iph->protocol);
    fprintf(logfile,"   |-Checksum : %dn",ntohs(iph->check));
    fprintf(logfile,"   |-Source IP        : %sn",inet_ntoa(source.sin_addr));
    fprintf(logfile,"   |-Destination IP   : %sn",inet_ntoa(dest.sin_addr));
    
}
 
void print_tcp_packet(unsigned char* Buffer, int Size)
{
    unsigned short iphdrlen;
//    flg_syn=0; 
    struct iphdr *iph = (struct iphdr *)Buffer;
    iphdrlen = iph->ihl*4;
     
    struct tcphdr *tcph=(struct tcphdr*)(Buffer + iphdrlen);
             
    fprintf(logfile,"nn***********************TCP Packet*************************n");   
         
    print_ip_header(Buffer,Size);
         
    fprintf(logfile,"n");
    fprintf(logfile,"TCP Headern");
    fprintf(logfile,"   |-Source Port      : %un",ntohs(tcph->source));
    fprintf(logfile,"   |-Destination Port : %un",ntohs(tcph->dest));
    fprintf(logfile,"   |-Sequence Number    : %un",ntohl(tcph->seq));
    fprintf(logfile,"   |-Acknowledge Number : %un",ntohl(tcph->ack_seq));
    fprintf(logfile,"   |-Header Length      : %d DWORDS or %d BYTESn" ,(unsigned int)tcph->doff,(unsigned int)tcph->doff*4);
    fprintf(logfile,"   |-Urgent Flag          : %dn",(unsigned int)tcph->urg);
    fprintf(logfile,"   |-Acknowledgement Flag : %dn",(unsigned int)tcph->ack);
    fprintf(logfile,"   |-Push Flag            : %dn",(unsigned int)tcph->psh);
    fprintf(logfile,"   |-Reset Flag           : %dn",(unsigned int)tcph->rst);
    fprintf(logfile,"   |-Synchronise Flag     : %dn",(unsigned int)tcph->syn);
    fprintf(logfile,"   |-Finish Flag          : %dn",(unsigned int)tcph->fin);
    fprintf(logfile,"   |-Window         : %dn",ntohs(tcph->window));
    fprintf(logfile,"   |-Checksum       : %dn",ntohs(tcph->check));
    fprintf(logfile,"   |-Urgent Pointer : %dn",tcph->urg_ptr);
    fprintf(logfile,"n");
    fprintf(logfile,"                        DATA Dump                         ");
    fprintf(logfile,"n");

    
         
    fprintf(logfile,"IP Headern");
    PrintData(Buffer,iphdrlen);
         
    fprintf(logfile,"TCP Headern");
    PrintData(Buffer+iphdrlen,tcph->doff*4);
   
   if(ntohs(tcph->source) == 80 || ntohs(tcph->dest) == 80)
    {
               fprintf(log_http,"Data Payloadn"); 
               PrintHttp(Buffer + iphdrlen + tcph->doff*4 , (Size - tcph->doff*4-iph->ihl*4) );
               printf("Http ++");
               
               
     }
     
         
    fprintf(logfile,"Data Payloadn"); 
    PrintData(Buffer + iphdrlen + tcph->doff*4 , (Size - tcph->doff*4-iph->ihl*4) );
    
    
                         
    fprintf(logfile,"n###########################################################");
}
 
 
void PrintData (unsigned char* data , int Size)
{
     
    for(i=0 ; i < Size ; i++)
    {
        if( i!=0 && i%16==0)   //if one line of hex printing is complete...
        {
            fprintf(logfile,"         ");
            for(j=i-16 ; j<i ; j++)
            {
                if(data[j]>=32 && data[j]<=128)
                    fprintf(logfile,"%c",(unsigned char)data[j]); //if its a number or alphabet
                 
                else fprintf(logfile,"."); //otherwise print a dot
            }
            fprintf(logfile,"n");
        }
         
        if(i%16==0) fprintf(logfile,"   ");
            fprintf(logfile," %02X",(unsigned int)data[i]);
                 
        if( i==Size-1)  //print the last spaces
        {
            for(j=0;j<15-i%16;j++) fprintf(logfile,"   "); //extra spaces
             
            fprintf(logfile,"         ");
             
            for(j=i-i%16 ; j<=i ; j++)
            {
                if(data[j]>=32 && data[j]<=128) fprintf(logfile,"%c",(unsigned char)data[j]);
                else fprintf(logfile,".");
            }
            fprintf(logfile,"n");
        }
    }
}

void PrintHttp (unsigned char* data , int Size)
{
     int k=0;
     
     if(/*Check for GET request.*/)
     {
           printf("nnHypertext Transfer Protocoln");
           
    
          /*
           * 
           * 
           * Print the HTTP Header
           * 
           * 
           * */
          
     
     }
}

          
Comments: