端口扫描器 - icmp数据包

时间:2017-04-18 17:21:15

标签: c# networking udp pcap.net

我写了一个UDP端口扫描程序。我将数据包发送到同一网络中的另一台设备,但这里有一点问题,如果我在不同的端口发送10个数据包(每个端口关闭),wireshark只接收一个数据包。我应该收到10个ICMP包,其类型为:3。我应该在代码中更改哪些内容才能获得这些内容?

using PcapDotNet.Core;
using PcapDotNet.Packets;
using PcapDotNet.Packets.Ethernet;
using PcapDotNet.Packets.IpV4;
using PcapDotNet.Packets.Transport;
using System;
using System.Collections.Generic;

namespace SendingASinglePacketWithSendPacket
{
class Program
{
    static void Main(string[] args)
    {
        IList<LivePacketDevice> allDevices = LivePacketDevice.AllLocalMachine;
        PacketDevice selectedDevice = allDevices[2];


        for (int i = 1; i < 10; i++)
        {
            new Sender().SendUDPandGetStatus(selectedDevice, (ushort)i);
        }


        System.Console.ReadKey();
    }
}

class Sender
{
    public void SendUDPandGetStatus(PacketDevice selectedDevice, ushort port)
    {
        using (PacketCommunicator communicator = selectedDevice.Open(100, PacketDeviceOpenAttributes.Promiscuous, -1))
        {           
            communicator.SendPacket(BuildUdpPacket(port));
        }
    }

    private static Packet BuildUdpPacket(ushort destinationPort)
    {
        EthernetLayer ethernetLayer = new EthernetLayer
        { 
            Destination = new MacAddress("14:cc:20:2c:7e:36"),
            Source = new MacAddress("9C:4E:36:17:86:48"),

            EtherType = EthernetType.None,
        };

        IpV4Layer ipV4Layer =new IpV4Layer
        {
            Source = new IpV4Address("192.168.0.104"),
            CurrentDestination = new IpV4Address("192.168.0.105"),
            Fragmentation = IpV4Fragmentation.None,
            HeaderChecksum = null, 
            Identification = 123,
            Options = IpV4Options.None,
            Ttl = 30,
            TypeOfService = 0,
        };

        UdpLayer udpLayer = new UdpLayer
        {
            SourcePort = 4050,
            DestinationPort = destinationPort,
            Checksum = null, 
            CalculateChecksumValue = true,
        };

        PacketBuilder builder = new PacketBuilder(ethernetLayer, ipV4Layer, udpLayer);
        return builder.Build(DateTime.Now);
    }
}
}

Wireshark结果: enter image description here

如果我把断点放在行上,我只会添加:

new Sender().SendUDPandGetStatus(selectedDevice, (ushort)i);

并按下F5按钮(5s间隔),得到正确的结果。

1 个答案:

答案 0 :(得分:0)

这是我在Nmap文档中找到的内容:

  

Nmap检测速率限制并相应减慢以避免   用目标机器将无用的数据包淹没网络   下降。不幸的是,每秒一个数据包的Linux风格限制   进行65,536端口扫描需要超过18个小时。超速的想法   你的UDP扫描包括并行扫描更多的主机,做一个   首先快速扫描流行的端口,从后面扫描   防火墙,并使用--host-timeout跳过慢速主机。

Documentation

相关问题
最新问题