Título: error copilando WinPcap
Publicado por: rembolso en 9 Febrero 2011, 02:15 am
hola . estoy con dev c++ 5.0 utilizando la libreria winpcap . y busque un ejemplo de filtrar paquetes . /* * Copyright (c) 1999 - 2005 NetGroup, Politecnico di Torino (Italy) * Copyright (c) 2005 - 2006 CACE Technologies, Davis (California) * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the Politecnico di Torino, CACE Technologies * nor the names of its contributors may be used to endorse or promote * products derived from this software without specific prior written * permission. * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * */ #include <stdlib.h> #include <stdio.h> #include <pcap.h> #define MAX_PRINT 80 #define MAX_LINE 16 void usage(); void main(int argc, char **argv) { pcap_t *fp; char errbuf[PCAP_ERRBUF_SIZE]; char *source=NULL; char *ofilename=NULL; char *filter=NULL; int i; pcap_dumper_t *dumpfile; struct bpf_program fcode; bpf_u_int32 NetMask; int res; struct pcap_pkthdr *header; const u_char *pkt_data; if (argc == 1) { usage(); return; } for(i=1;i < argc; i+= 2) { switch (argv[i] [1]) { case 's': { source=argv[i+1]; }; break; case 'o': { ofilename=argv[i+1]; }; break; case 'f': { filter=argv[i+1]; }; break; } } // open a capture from the network if (source != NULL) { if ( (fp= pcap_open(source, 1514 /*snaplen*/, PCAP_OPENFLAG_PROMISCUOUS /*flags*/, 20 /*read timeout*/, NULL /* remote authentication */, errbuf) ) == NULL) { fprintf(stderr,"\nUnable to open the adapter.\n"); return; } } else usage(); if (filter != NULL) { // We should loop through the adapters returned by the pcap_findalldevs_ex() // in order to locate the correct one. // // Let's do things simpler: we suppose to be in a C class network ;-) NetMask=0xffffff; //compile the filter if(pcap_compile(fp, &fcode, filter, 1, NetMask) < 0) { fprintf(stderr,"\nError compiling filter: wrong syntax.\n"); return; } //set the filter if(pcap_setfilter(fp, &fcode)<0) { fprintf(stderr,"\nError setting the filter\n"); return; } } //open the dump file if (ofilename != NULL) { dumpfile= pcap_dump_open(fp, ofilename); if (dumpfile == NULL) { fprintf(stderr,"\nError opening output file\n"); return; } } else usage(); //start the capture while((res = pcap_next_ex( fp, &header, &pkt_data)) >= 0) { if(res == 0) /* Timeout elapsed */ continue; //save the packet on the dump file pcap_dump((unsigned char *) dumpfile, header, pkt_data); } } void usage() { printf("\npf - Generic Packet Filter.\n"); printf("\nUsage:\npf -s source -o output_file_name [-f filter_string]\n\n"); exit(0); }
[code=bash]In file included from C:/Dev-Cpp/include/pcap.h:14, from main.c:38: C:/Dev-Cpp/include/pcap++/Packet.h:16: error: syntax error before "pcappp" C:/Dev-Cpp/include/pcap++/Packet.h:16: error: syntax error before '{' token C:/Dev-Cpp/include/pcap++/Packet.h:36: error: syntax error before "Data" C:/Dev-Cpp/include/pcap++/Packet.h:36: warning: data definition has no type or storage class C:/Dev-Cpp/include/pcap++/Packet.h:42: warning: data definition has no type or storage class C:/Dev-Cpp/include/pcap++/Packet.h:50: error: syntax error before "const" C:/Dev-Cpp/include/pcap++/Packet.h:50: warning: data definition has no type or storage class C:/Dev-Cpp/include/pcap++/Packet.h:56: error: syntax error before "const" C:/Dev-Cpp/include/pcap++/Packet.h:69: error: syntax error before '&' token C:/Dev-Cpp/include/pcap++/Packet.h:84: error: `packet' undeclared here (not in a function) C:/Dev-Cpp/include/pcap++/Packet.h:84: warning: data definition has no type or storage class C:/Dev-Cpp/include/pcap++/Packet.h:85: error: `false' undeclared here (not in a function) C:/Dev-Cpp/include/pcap++/Packet.h:85: warning: data definition has no type or storage class C:/Dev-Cpp/include/pcap++/Packet.h:86: error: syntax error before '}' token C:/Dev-Cpp/include/pcap++/Packet.h: In function `get_seconds': C:/Dev-Cpp/include/pcap++/Packet.h:116: error: syntax error before '{' token C:/Dev-Cpp/include/pcap++/Packet.h:168: error: syntax error before "Data" In file included from C:/Dev-Cpp/include/pcap++/DataLink.h:15, from C:/Dev-Cpp/include/pcap.h:15, from main.c:38: C:/Dev-Cpp/include/string.h:37: warning: `__pure__' attribute ignored C:/Dev-Cpp/include/string.h:42: warning: `__pure__' attribute ignored C:/Dev-Cpp/include/string.h:43: warning: `__pure__' attribute ignored C:/Dev-Cpp/include/string.h:46: warning: `__pure__' attribute ignored C:/Dev-Cpp/include/string.h:49: warning: `__pure__' attribute ignored C:/Dev-Cpp/include/string.h:51: warning: `__pure__' attribute ignored C:/Dev-Cpp/include/string.h:53: warning: `__pure__' attribute ignored C:/Dev-Cpp/include/string.h:54: warning: `__pure__' attribute ignored C:/Dev-Cpp/include/string.h:55: warning: `__pure__' attribute ignored C:/Dev-Cpp/include/string.h:56: warning: `__pure__' attribute ignored C:/Dev-Cpp/include/string.h:67: warning: `__malloc__' attribute ignored C:/Dev-Cpp/include/string.h:92: warning: `__malloc__' attribute ignored C:/Dev-Cpp/include/string.h:97: error: storage class specified for parameter `strcasecmp' C:/Dev-Cpp/include/string.h:97: error: syntax error before '{' token C:/Dev-Cpp/include/string.h:103: error: storage class specified for parameter `strncasecmp' C:/Dev-Cpp/include/string.h:103: error: syntax error before '{' token C:/Dev-Cpp/include/string.h:170: error: storage class specified for parameter `wcscmpi' C:/Dev-Cpp/include/string.h:170: error: redefinition of parameter 'wcscmpi' C:/Dev-Cpp/include/string.h:167: error: previous definition of 'wcscmpi' was here C:/Dev-Cpp/include/string.h:170: error: syntax error before '{' token In file included from C:/Dev-Cpp/include/pcap.h:15, from main.c:38: C:/Dev-Cpp/include/pcap++/DataLink.h:17: error: syntax error before "namespace" C:/Dev-Cpp/include/pcap++/DataLink.h:482: error: parameter `desc' is initialized C:/Dev-Cpp/include/pcap++/DataLink.h:482: error: `m_type' undeclared (first use in this function) C:/Dev-Cpp/include/pcap++/DataLink.h:482: error: (Each undeclared identifier is reported only once C:/Dev-Cpp/include/pcap++/DataLink.h:482: error: for each function it appears in.) C:/Dev-Cpp/include/pcap++/DataLink.h:482: confused by earlier errors, bailing out make.exe: *** [main.o] Error 1 Ejecución Terminada
ALGUNA solucion que me ofrescan documentacion:http://www.winpcap.org/docs/docs_40_2/html/group__wpcapsamps.html surce code de winpcap: http://www.winpcap.org/install/bin/PacketCE.zip[/code]
Título: Re: error copilando WinPcap
Publicado por: Garfield07 en 9 Febrero 2011, 18:37 pm
Pues este code es de John Ericson... 1. Code sniffer 2. Hacking-network.h 3. Hacking.h Todos los codes... (http://anayamultimedia.com/catalogos/complementos/MU0023501_9999997451.zip) #include <pcap.h> #include "hacking.h" #include "hacking-network.h" void pcap_fatal(const char *, const char *); void decode_ethernet(const u_char *); void decode_ip(const u_char *); u_int decode_tcp(const u_char *); void caught_packet(u_char *, const struct pcap_pkthdr *, const u_char *); int main() { struct pcap_pkthdr cap_header; const u_char *packet, *pkt_data; char errbuf[PCAP_ERRBUF_SIZE]; char *device; pcap_t *pcap_handle; device = pcap_lookupdev(errbuf); if(device == NULL) pcap_fatal("pcap_lookupdev", errbuf); printf("Sniffing on device %s\n", device ); pcap_handle = pcap_open_live(device, 4096, 1, 0, errbuf); if(pcap_handle == NULL) pcap_fatal("pcap_open_live", errbuf); pcap_loop(pcap_handle, 3, caught_packet, NULL); pcap_close(pcap_handle); } void caught_packet(u_char *user_args, const struct pcap_pkthdr *cap_header, const u_char *packet) { int tcp_header_length, total_header_size, pkt_data_len; u_char *pkt_data; printf("==== Got a %d byte packet ====\n", cap_header ->len ); decode_ethernet(packet); decode_ip(packet+ETHER_HDR_LEN); tcp_header_length = decode_tcp(packet+ETHER_HDR_LEN+sizeof(struct ip_hdr)); total_header_size = ETHER_HDR_LEN+sizeof(struct ip_hdr)+tcp_header_length; pkt_data = (u_char *)packet + total_header_size; // pkt_data points to the data portion pkt_data_len = cap_header->len - total_header_size; if(pkt_data_len > 0) { printf("\t\t\t%u bytes of packet data\n", pkt_data_len ); dump(pkt_data, pkt_data_len); } else printf("\t\t\tNo Packet Data\n"); } void pcap_fatal(const char *failed_in, const char *errbuf) { printf("Fatal Error in %s: %s\n", failed_in , errbuf ); } void decode_ethernet(const u_char *header_start) { int i; const struct ether_hdr *ethernet_header; ethernet_header = (const struct ether_hdr *)header_start; printf("[[ Layer 2 :: Ethernet Header ]]\n"); printf("[ Source: %02x", ethernet_header ->ether_src_addr [0]); for(i=1; i < ETHER_ADDR_LEN; i++) printf(":%02x", ethernet_header ->ether_src_addr [i ]); printf("\tDest: %02x", ethernet_header ->ether_dest_addr [0]); for(i=1; i < ETHER_ADDR_LEN; i++) printf(":%02x", ethernet_header ->ether_dest_addr [i ]); printf("\tType: %hu ]\n", ethernet_header ->ether_type ); } void decode_ip(const u_char *header_start) { const struct ip_hdr *ip_header; ip_header = (const struct ip_hdr *)header_start; printf("\t(( Layer 3 ::: IP Header ))\n"); printf("\t( Source: %s\t", inet_ntoa (ip_header ->ip_src_addr )); printf("Dest: %s )\n", inet_ntoa (ip_header ->ip_dest_addr )); printf("\t( Type: %u\t", (u_int ) ip_header ->ip_type ); printf("ID: %hu\tLength: %hu )\n", ntohs (ip_header ->ip_id ), ntohs (ip_header ->ip_len )); } u_int decode_tcp(const u_char *header_start) { u_int header_size; const struct tcp_hdr *tcp_header; tcp_header = (const struct tcp_hdr *)header_start; header_size = 4 * tcp_header->tcp_offset; printf("\t\t{{ Layer 4 :::: TCP Header }}\n"); printf("\t\t{ Src Port: %hu\t", ntohs (tcp_header ->tcp_src_port )); printf("Dest Port: %hu }\n", ntohs (tcp_header ->tcp_dest_port )); printf("\t\t{ Seq #: %u\t", ntohl (tcp_header ->tcp_seq )); printf("Ack #: %u }\n", ntohl (tcp_header ->tcp_ack )); printf("\t\t{ Header Size: %u\tFlags: ", header_size ); if(tcp_header->tcp_flags & TCP_FIN) if(tcp_header->tcp_flags & TCP_SYN) if(tcp_header->tcp_flags & TCP_RST) if(tcp_header->tcp_flags & TCP_PUSH) if(tcp_header->tcp_flags & TCP_ACK) if(tcp_header->tcp_flags & TCP_URG) return header_size; }
/* This function accepts a socket FD and a ptr to the null terminated * string to send. The function will make sure all the bytes of the * string are sent. Returns 1 on success and 0 on failure. */ int send_string(int sockfd, unsigned char *buffer) { int sent_bytes, bytes_to_send; bytes_to_send = strlen(buffer ); while(bytes_to_send > 0) { sent_bytes = send(sockfd, buffer, bytes_to_send, 0); if(sent_bytes == -1) return 0; // return 0 on send error bytes_to_send -= sent_bytes; buffer += sent_bytes; } return 1; // return 1 on success } /* This function accepts a socket FD and a ptr to a destination * buffer. It will receive from the socket until the EOL byte * sequence in seen. The EOL bytes are read from the socket, but * the destination buffer is terminated before these bytes. * Returns the size of the read line (without EOL bytes). */ int recv_line(int sockfd, unsigned char *dest_buffer) { #define EOL "\r\n" // End-Of-Line byte sequence #define EOL_SIZE 2 unsigned char *ptr; int eol_matched = 0; ptr = dest_buffer; while(recv(sockfd, ptr, 1, 0) == 1) { // read a single byte if(*ptr == EOL[eol_matched]) { // does this byte match terminator eol_matched++; if(eol_matched == EOL_SIZE) { // if all bytes match terminator, *(ptr+1-EOL_SIZE) = '\0'; // terminate the string return strlen(dest_buffer ); // return bytes recevied } } else { eol_matched = 0; } ptr++; // increment the pointer to the next byter; } return 0; // didn't find the end of line characters } /* Structure for Ethernet headers */ #define ETHER_ADDR_LEN 6 #define ETHER_HDR_LEN 14 struct ether_hdr { unsigned char ether_dest_addr[ETHER_ADDR_LEN]; // Destination MAC address unsigned char ether_src_addr[ETHER_ADDR_LEN]; // Source MAC address unsigned short ether_type; // Type of Ethernet packet }; /* Structure for Internet Protocol (IP) headers */ struct ip_hdr { unsigned char ip_version_and_header_length; // version and header length combined unsigned char ip_tos; // type of service unsigned short ip_len; // total length unsigned short ip_id; // identification number unsigned short ip_frag_offset; // fragment offset and flags unsigned char ip_ttl; // time to live unsigned char ip_type; // protocol type unsigned short ip_checksum; // checksum unsigned int ip_src_addr; // source IP address unsigned int ip_dest_addr; // destination IP address }; /* Structure for Transmission Control Protocol (TCP) headers */ struct tcp_hdr { unsigned short tcp_src_port; // source TCP port unsigned short tcp_dest_port; // destination TCP port unsigned int tcp_seq; // TCP sequence number unsigned int tcp_ack; // TCP acknowledgement number unsigned char reserved:4; // 4-bits from the 6-bits of reserved space unsigned char tcp_offset:4; // TCP data offset for little endian host unsigned char tcp_flags; // TCP flags (and 2-bits from reserved space) #define TCP_FIN 0x01 #define TCP_SYN 0x02 #define TCP_RST 0x04 #define TCP_PUSH 0x08 #define TCP_ACK 0x10 #define TCP_URG 0x20 unsigned short tcp_window; // TCP window size unsigned short tcp_checksum; // TCP checksum unsigned short tcp_urgent; // TCP urgent pointer };
#include <stdio.h> #include <stdlib.h> #include <string.h> // A function to display an error message and then exit void fatal(char *message) { char error_message[100]; strcpy(error_message , "[!!] Fatal Error "); strncat(error_message , message , 83); } // An error checked malloc() wrapper function void *ec_malloc(unsigned int size) { void *ptr; if(ptr == NULL) fatal("in ec_malloc() on memory allocation"); return ptr; } // dumps raw memory in hex byte and printable split format void dump(const unsigned char *data_buffer, const unsigned int length) { unsigned char byte; unsigned int i, j; for(i=0; i < length; i++) { byte = data_buffer[i]; printf("%02x ", data_buffer [i ]); // display byte in hex if(((i%16)==15) || (i==length-1)) { for(j=0; j < 15-(i%16); j++) for(j=(i-(i%16)); j <= i; j++) { // display printable bytes from line byte = data_buffer[j]; if((byte > 31) && (byte < 127)) // outside printable char range else } printf("\n"); // end of the dump line (each line 16 bytes) } // end if } // end for }
Va como la seda :P Suerte!
|