构造TCP/IP协议

ly_bbg_168888 发布于 2016/05/26 11:11
阅读 140
收藏 0

在旁路设备中抓到一个HTTP请求包,想要自己伪造一个TCP包返回,将连接重定向到自己 服务器

tcp构造有什么问题?

#define HTTP_REDIRECT "HTTP/1.1 302 Found\r\nLocation: %s\r\nConnection: close\r\n\r\n"

//tcp ,ip,eth 分别是原数据包中的数据,payload传的是HTTP请求的URL

int initnet(const struct packet_tcp* tcp,const struct packet_ip * ip,const struct packet_ethernet* eth,
const char* payload)
{
libnet_t* handle; //libnet_t句柄
int packet_size;
const char* dev = "eth0";
u_int uLen = strlen(payload);
u_long payloadLen = 0;
u_char payloadBuf[1024];
char error[LIBNET_ERRBUF_SIZE];
        std::string URL = "http://192.168.116.128";
        URL += payload;
// payloadLen = (u_long)strlen(payload);
memset(payloadBuf,0,sizeof(payloadBuf));
sprintf((char*)payloadBuf,(char*)HTTP_REDIRECT,URL.c_str());
payloadLen = (u_long)strlen((char*)payloadBuf);
// printf("%s\n",payloadBuf);
//strncpy((char*)payloadBuf,payload,payloadLen > 255 ? 255 : payloadLen);
if((handle = libnet_init(LIBNET_LINK,dev,error)) == NULL){
return -1;
}

// 构造tcp
int ret_tag = libnet_build_tcp(
    tcp->th_dport,
    tcp->th_sport,
    tcp->th_ack,
    htons(ntohs(tcp->th_seq) + uLen),
    TH_PUSH | TH_ACK,
    14600,
    0,
    0,
    LIBNET_TCP_H + payloadLen,
    (u_char*)payloadBuf,
    payloadLen,
    handle,    
    0
);
if(ret_tag == -1)
{
    return -1;
}

//构造ip
ret_tag = libnet_build_ipv4(
    LIBNET_IPV4_H + LIBNET_TCP_H + payloadLen,
    0,
    (u_short)libnet_get_prand(LIBNET_PRu16),
    0,
// (u_int8_t)libnet_get_prand(LIBNET_PR8),
    64,
    ip->ip_p,
    0,
    ip->ip_dst.s_addr,
    ip->ip_src.s_addr,
    NULL,
    0,
    handle,    
    0
);
if(ret_tag == -1){
    return -1;
}

//构造ethernet
ret_tag = libnet_build_ethernet(
    eth->ether_shost,
    eth->ether_dhost,
    eth->ether_type,
    NULL,
    0,
    handle,
    0
);
if(ret_tag == -1){
    return -1;
}
        packet_size = libnet_write(handle);
if(packet_size == -1)
{
    printf("发送构造包失败\n");
return -1;
}
libnet_destroy(handle);
printf("退出initnet:\n");
return 0;
}

加载中
返回顶部
顶部