我基本上创建了一个简单的程序,它创建一个自定义UDP数据包并将其发送到目标IP地址。
这是代码UDPraw.c:
// ----rawudp.c------
// Must be run by root lol! Just datagram, no payload/data
#include <unistd.h>
#include <stdio.h>
#include <sys/socket.h>
#include <netinet/ip.h>
#include <netinet/udp.h>
// The packet length
#define PCKT_LEN 8192
// Can create separate header file (.h) for all headers' structure
// The IP header's structure
struct ipheader {
unsigned char iph_ihl:5, iph_ver:4;
unsigned char iph_tos;
unsigned short int iph_len;
unsigned short int iph_ident;
unsigned char iph_flag;
unsigned short int iph_offset;
unsigned char iph_ttl;
unsigned char iph_protocol;
unsigned short int iph_chksum;
unsigned int iph_sourceip;
unsigned int iph_destip;
};
// UDP header's structure
struct udpheader {
unsigned short int udph_srcport;
unsigned short int udph_destport;
unsigned short int udph_len;
unsigned short int udph_chksum;
};
// total udp header length: 8 bytes (=64 bits)
// Function for checksum calculation. From the RFC,
// the checksum algorithm is:
// "The checksum field is the 16 bit one's complement of the one's
// complement sum of all 16 bit words in the header. For purposes of
// computing the checksum, the value of the checksum field is zero."
unsigned short csum(unsigned short *buf, int nwords)
{ //
unsigned long sum;
for(sum=0; nwords>0; nwords--)
sum += *buf++;
sum = (sum >> 16) + (sum &0xffff);
sum += (sum >> 16);
return (unsigned short)(~sum);
}
// Source IP, source port, target IP, target port from the command line arguments
int main(int argc, char *argv[]){
int sd;
// No data/payload just datagram
char buffer[PCKT_LEN];
// Our own headers' structures
struct ipheader *ip = (struct ipheader *) buffer;
struct udpheader *udp = (struct udpheader *) (buffer + sizeof(struct ipheader));
// Source and destination addresses: IP and port
struct sockaddr_in sin, din;
int one = 1;
const int *val = &one;
memset(buffer, 0, PCKT_LEN);
if(argc != 5){
printf("- Invalid parameters!!!\n");
printf("- Usage %s <source hostname/IP> <source port> <target hostname/IP> <target port>\n", argv[0]);
exit(-1);
}
// Create a raw socket with UDP protocol
sd = socket(PF_INET, SOCK_RAW, IPPROTO_UDP);
if(sd < 0){
perror("socket() error");
// If something wrong just exit
exit(-1);
} else
printf("socket() - Using SOCK_RAW socket and UDP protocol is OK.\n");
// The source is redundant, may be used later if needed
// The address family
sin.sin_family = AF_INET;
din.sin_family = AF_INET;
// Port numbers
sin.sin_port = htons(atoi(argv[2]));
din.sin_port = htons(atoi(argv[4]));
// IP addresses
sin.sin_addr.s_addr = inet_addr(argv[1]);
din.sin_addr.s_addr = inet_addr(argv[3]);
// Fabricate the IP header or we can use the
// standard header structures but assign our own values.
ip->iph_ihl = 5;
ip->iph_ver = 4;
ip->iph_tos = 16; // Low delay
ip->iph_len = sizeof(struct ipheader) + sizeof(struct udpheader);
ip->iph_ident = htons(54321);
ip->iph_ttl = 64; // hops
ip->iph_protocol = 17; // UDP
// Source IP address, can use spoofed address here!!!
ip->iph_sourceip = inet_addr(argv[1]);
// The destination IP address
ip->iph_destip = inet_addr(argv[3]);
// Fabricate the UDP header. Source port number, redundant
udp->udph_srcport = htons(atoi(argv[2]));
// Destination port number
udp->udph_destport = htons(atoi(argv[4]));
udp->udph_len = htons(sizeof(struct udpheader));
// Calculate the checksum for integrity
ip->iph_chksum = csum((unsigned short *)buffer, sizeof(struct ipheader) + sizeof(struct udpheader));
// Inform the kernel do not fill up the packet structure. we will build our own...
if(setsockopt(sd, IPPROTO_IP, IP_HDRINCL, val, sizeof(one)) < 0){
perror("setsockopt() error");
exit(-1);
} else
printf("setsockopt() is OK.\n");
// Send loop, send for every 2 second for 100 count
printf("Trying...\n");
printf("Using raw socket and UDP protocol\n");
printf("Using Source IP: %s port: %u, Target IP: %s port: %u.\n", argv[1], atoi(argv[2]), argv[3], atoi(argv[4]));
int count;
for(count = 1; count <=20; count++){
if(sendto(sd, buffer, ip->iph_len, 0, (struct sockaddr *)&sin, sizeof(sin)) < 0){
perror("sendto() error");
exit(-1);
} else {
printf("Count #%u - sendto() is OK.\n", count);
sleep(2);
}
}
close(sd);
return 0;
}
仅供参考:我以root用户身份登录。
编译代码时,我只是听到这些警告:
custompacket.c: In function ‘main’:
custompacket.c:69:5: warning: incompatible implicit declaration of built-in function ‘memset’ [enabled by default]
custompacket.c:73:9: warning: incompatible implicit declaration of built-in function ‘exit’ [enabled by default]
custompacket.c:82:9: warning: incompatible implicit declaration of built-in function ‘exit’ [enabled by default]
custompacket.c:128:6: warning: incompatible implicit declaration of built-in function ‘exit’ [enabled by default]
custompacket.c:139:20: warning: incompatible implicit declaration of built-in function ‘strlen’ [enabled by default]
custompacket.c:143:10: warning: incompatible implicit declaration of built-in function ‘exit’ [enabled by default]
除此之外,它编译得很好。
现在我基本上做的是将程序运行为./rawtcp [source address] [source port] [destination address] [destination port]我也运行wireshark来嗅探数据包但它没有显示出来。否则,如果我做一个简单的ping。 ping echo请求和回复在wireshark中弹出。
如果你能告诉我这里做错了什么,我真的很感激。
我使用write()其他sendto()以及如何使用?
非常感谢所有回复:)
答案 0 :(得分:1)
首先,由于缺少标题导致的警告在这里大多无关紧要,但是包含正确的头文件以获得正确的函数签名总是很重要,否则在依赖默认值时可能会导致更微妙的错误隐式函数声明。
在struct ipheader中,有一些问题。首先,iph_ihl的位字段大小应为4,而不是5,因为IP报头的版本和IHL字段都是4位长。这可能只是一个错字。
其次,在结构中包含iph_flag作为8位和iph_offset作为16位。但是,这两个字段都应该适合IP头中的相同16位。 flags字段应为3位,片段偏移字段应为13位。因为在您的代码中,您将这些值保留为memset的默认归零值,您只需从结构中完全删除flags字段,然后只有16位iph_offset字段。
另一个问题是对于这种逐字节数据打包通常使用结构。 C编译器可以在结构字段之间自由添加任何填充,以实现数据对齐。因此,要以任何可靠性的方式使用结构,您必须依赖特定于编译器的扩展,特别是#pragma pack,这是GCC和Clang支持的。
/* Set alignment of all fields in the struct to 1, to pack them as tightly as
* possible with no padding. */
#pragma pack(push, 1)
struct ipheader {
/* ... */
};
struct udpheader {
/* ... */
};
/* Reset back to normal. */
#pragma pack(pop)
值得注意的是,结构中位字段的对齐/填充的确切行为也是实现定义的,但是它确实可以在我的带有GCC的Linux机器上用于您的程序,并且很可能在很多方面工作设置。
除此之外,这一行还有另一个错误:
ip->iph_len = sizeof(struct ipheader) + sizeof(struct udpheader);
与标头中的其他16位字段一样,您应该使用htons()将它们设置为在小端机器上将它们转换为big-endian:
ip->iph_len = htons(sizeof(struct ipheader) + sizeof(struct udpheader));
iph_chksum:
ip->iph_chksum = htons(csum((unsigned short *)buffer, sizeof(struct ipheader) + sizeof(struct udpheader)));
通过这些修复,数据包确实在我的机器上按预期显示在Wireshark中,但值得注意的是,您没有设置UDP标头的校验和。
对此结构方法的替代方法是使用unsigned char数组,然后使用位移和其他位操作操作手动填充字段。这样,您甚至不必使用htons来交换字节顺序,因为无论如何您将手动填写每个字节。 e.g:
unsigned char ip_header[160];
ip_header[0] = ihl & (ip_ver << 4);
ip_header[2] = (unsigned char) (ip_len >> 8);
ip_header[3] = (unsigned char) (ip_len & 0xff);
答案 1 :(得分:0)
间接解决方案是启用编译器警告-Wall -Werror。这立刻告诉你,din从未使用过,而且该变量应该是目标地址。您在sin电话中错误地使用了sendto()(来源地址)。
您应该始终使用-Wall -Werror开发代码(如果您的编译器和代码允许,可能会更多,如-Wextra)。
答案 2 :(得分:0)
您缺少包含。
要解决此问题,请添加:
#include <string.h> -> for memset, strlen
#include <stdlib.h> -> for exit