error copilando WinPcap

Iniciado por rembolso, 9 Febrero 2011, 02:15 AM

0 Miembros y 1 Visitante están viendo este tema.

rembolso

hola . estoy con dev c++ 5.0 utilizando la libreria winpcap .  y busque un ejemplo de filtrar paquetes .
Código (cpp) [Seleccionar]
/*
* Copyright (c) 1999 - 2005 NetGroup, Politecnico di Torino (Italy)
* Copyright (c) 2005 - 2006 CACE Technologies, Davis (California)
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. Neither the name of the Politecnico di Torino, CACE Technologies
* nor the names of its contributors may be used to endorse or promote
* products derived from this software without specific prior written
* permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
* OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/


#include <stdlib.h>
#include <stdio.h>

#include <pcap.h>

#define MAX_PRINT 80
#define MAX_LINE 16


void usage();


void main(int argc, char **argv)
{
pcap_t *fp;
char errbuf[PCAP_ERRBUF_SIZE];
char *source=NULL;
char *ofilename=NULL;
char *filter=NULL;
int i;
pcap_dumper_t *dumpfile;
struct bpf_program fcode;
bpf_u_int32 NetMask;
int res;
struct pcap_pkthdr *header;
const u_char *pkt_data;

    if (argc == 1)
    {
        usage();
        return;
    }

    for(i=1;i < argc; i+= 2)
    {

        switch (argv[i] [1])
        {
            case 's':
            {
                source=argv[i+1];
            };
            break;

            case 'o':
            {
                ofilename=argv[i+1];
            };
            break;

            case 'f':
            {
                filter=argv[i+1];
            };
            break;
        }
    }

    // open a capture from the network
    if (source != NULL)
    {
        if ( (fp= pcap_open(source,
                            1514 /*snaplen*/,
                            PCAP_OPENFLAG_PROMISCUOUS /*flags*/,
                            20 /*read timeout*/,
                            NULL /* remote authentication */,
                            errbuf)
                            ) == NULL)
        {
            fprintf(stderr,"\nUnable to open the adapter.\n");
            return;
        }
    }

    else usage();

    if (filter != NULL)
    {
        // We should loop through the adapters returned by the pcap_findalldevs_ex()
        // in order to locate the correct one.
        //
        // Let's do things simpler: we suppose to be in a C class network ;-)
        NetMask=0xffffff;

        //compile the filter
        if(pcap_compile(fp, &fcode, filter, 1, NetMask) < 0)
        {
            fprintf(stderr,"\nError compiling filter: wrong syntax.\n");
            return;
        }

        //set the filter
        if(pcap_setfilter(fp, &fcode)<0)
        {
            fprintf(stderr,"\nError setting the filter\n");
            return;
        }

    }

    //open the dump file
    if (ofilename != NULL)
    {
        dumpfile= pcap_dump_open(fp, ofilename);

        if (dumpfile == NULL)
        {
            fprintf(stderr,"\nError opening output file\n");
            return;
        }
    }
    else usage();

    //start the capture
    while((res = pcap_next_ex( fp, &header, &pkt_data)) >= 0)
    {

        if(res == 0)
        /* Timeout elapsed */
        continue;

        //save the packet on the dump file
        pcap_dump((unsigned char *) dumpfile, header, pkt_data);

    }
}


void usage()
{

    printf("\npf - Generic Packet Filter.\n");
    printf("\nUsage:\npf -s source -o output_file_name [-f filter_string]\n\n");
    exit(0);
}


Código (asm) [Seleccionar]
[code=bash]In file included from C:/Dev-Cpp/include/pcap.h:14,
                 from main.c:38:
C:/Dev-Cpp/include/pcap++/Packet.h:16: error: syntax error before "pcappp"
C:/Dev-Cpp/include/pcap++/Packet.h:16: error: syntax error before '{' token

C:/Dev-Cpp/include/pcap++/Packet.h:36: error: syntax error before "Data"
C:/Dev-Cpp/include/pcap++/Packet.h:36: warning: data definition has no type or storage class
C:/Dev-Cpp/include/pcap++/Packet.h:42: warning: data definition has no type or storage class
C:/Dev-Cpp/include/pcap++/Packet.h:50: error: syntax error before "const"
C:/Dev-Cpp/include/pcap++/Packet.h:50: warning: data definition has no type or storage class
C:/Dev-Cpp/include/pcap++/Packet.h:56: error: syntax error before "const"
C:/Dev-Cpp/include/pcap++/Packet.h:69: error: syntax error before '&' token
C:/Dev-Cpp/include/pcap++/Packet.h:84: error: `packet' undeclared here (not in a function)
C:/Dev-Cpp/include/pcap++/Packet.h:84: warning: data definition has no type or storage class
C:/Dev-Cpp/include/pcap++/Packet.h:85: error: `false' undeclared here (not in a function)
C:/Dev-Cpp/include/pcap++/Packet.h:85: warning: data definition has no type or storage class
C:/Dev-Cpp/include/pcap++/Packet.h:86: error: syntax error before '}' token
C:/Dev-Cpp/include/pcap++/Packet.h: In function `get_seconds':
C:/Dev-Cpp/include/pcap++/Packet.h:116: error: syntax error before '{' token
C:/Dev-Cpp/include/pcap++/Packet.h:168: error: syntax error before "Data"

In file included from C:/Dev-Cpp/include/pcap++/DataLink.h:15,

                 from C:/Dev-Cpp/include/pcap.h:15,
                 from main.c:38:
C:/Dev-Cpp/include/string.h:37: warning: `__pure__' attribute ignored
C:/Dev-Cpp/include/string.h:42: warning: `__pure__' attribute ignored
C:/Dev-Cpp/include/string.h:43: warning: `__pure__' attribute ignored
C:/Dev-Cpp/include/string.h:46: warning: `__pure__' attribute ignored
C:/Dev-Cpp/include/string.h:49: warning: `__pure__' attribute ignored
C:/Dev-Cpp/include/string.h:51: warning: `__pure__' attribute ignored
C:/Dev-Cpp/include/string.h:53: warning: `__pure__' attribute ignored
C:/Dev-Cpp/include/string.h:54: warning: `__pure__' attribute ignored
C:/Dev-Cpp/include/string.h:55: warning: `__pure__' attribute ignored
C:/Dev-Cpp/include/string.h:56: warning: `__pure__' attribute ignored
C:/Dev-Cpp/include/string.h:67: warning: `__malloc__' attribute ignored
C:/Dev-Cpp/include/string.h:92: warning: `__malloc__' attribute ignored
C:/Dev-Cpp/include/string.h:97: error: storage class specified for parameter `strcasecmp'
C:/Dev-Cpp/include/string.h:97: error: syntax error before '{' token

C:/Dev-Cpp/include/string.h:103: error: storage class specified for parameter `strncasecmp'
C:/Dev-Cpp/include/string.h:103: error: syntax error before '{' token
C:/Dev-Cpp/include/string.h:170: error: storage class specified for parameter `wcscmpi'
C:/Dev-Cpp/include/string.h:170: error: redefinition of parameter 'wcscmpi'
C:/Dev-Cpp/include/string.h:167: error: previous definition of 'wcscmpi' was here
C:/Dev-Cpp/include/string.h:170: error: syntax error before '{' token
In file included from C:/Dev-Cpp/include/pcap.h:15,
                 from main.c:38:
C:/Dev-Cpp/include/pcap++/DataLink.h:17: error: syntax error before "namespace"
C:/Dev-Cpp/include/pcap++/DataLink.h:482: error: parameter `desc' is initialized
C:/Dev-Cpp/include/pcap++/DataLink.h:482: error: `m_type' undeclared (first use in this function)
C:/Dev-Cpp/include/pcap++/DataLink.h:482: error: (Each undeclared identifier is reported only once
C:/Dev-Cpp/include/pcap++/DataLink.h:482: error: for each function it appears in.)
C:/Dev-Cpp/include/pcap++/DataLink.h:482: confused by earlier errors, bailing out

make.exe: *** [main.o] Error 1

Ejecución Terminada

ALGUNA solucion que me ofrescan
documentacion:http://www.winpcap.org/docs/docs_40_2/html/group__wpcapsamps.html

surce code de winpcap: http://www.winpcap.org/install/bin/PacketCE.zip[/code]

Garfield07

Pues este code es de John Ericson...
1. Code sniffer
2. Hacking-network.h
3. Hacking.h
Todos los codes...

#include <pcap.h>
#include "hacking.h"
#include "hacking-network.h"

void pcap_fatal(const char *, const char *);
void decode_ethernet(const u_char *);
void decode_ip(const u_char *);
u_int decode_tcp(const u_char *);

void caught_packet(u_char *, const struct pcap_pkthdr *, const u_char *);

int main() {
struct pcap_pkthdr cap_header;
const u_char *packet, *pkt_data;
char errbuf[PCAP_ERRBUF_SIZE];
char *device;

pcap_t *pcap_handle;

device = pcap_lookupdev(errbuf);
if(device == NULL)
pcap_fatal("pcap_lookupdev", errbuf);

printf("Sniffing on device %s\n", device);

pcap_handle = pcap_open_live(device, 4096, 1, 0, errbuf);
if(pcap_handle == NULL)
pcap_fatal("pcap_open_live", errbuf);

pcap_loop(pcap_handle, 3, caught_packet, NULL);

pcap_close(pcap_handle);
}

void caught_packet(u_char *user_args, const struct pcap_pkthdr *cap_header, const u_char *packet) {
int tcp_header_length, total_header_size, pkt_data_len;
u_char *pkt_data;

printf("==== Got a %d byte packet ====\n", cap_header->len);


decode_ethernet(packet);
decode_ip(packet+ETHER_HDR_LEN);
tcp_header_length = decode_tcp(packet+ETHER_HDR_LEN+sizeof(struct ip_hdr));

total_header_size = ETHER_HDR_LEN+sizeof(struct ip_hdr)+tcp_header_length;
pkt_data = (u_char *)packet + total_header_size;  // pkt_data points to the data portion
pkt_data_len = cap_header->len - total_header_size;
if(pkt_data_len > 0) {
printf("\t\t\t%u bytes of packet data\n", pkt_data_len);
dump(pkt_data, pkt_data_len);
} else
printf("\t\t\tNo Packet Data\n");
}

void pcap_fatal(const char *failed_in, const char *errbuf) {
printf("Fatal Error in %s: %s\n", failed_in, errbuf);
exit(1);
}

void decode_ethernet(const u_char *header_start) {
int i;
const struct ether_hdr *ethernet_header;

ethernet_header = (const struct ether_hdr *)header_start;
printf("[[  Layer 2 :: Ethernet Header  ]]\n");
printf("[ Source: %02x", ethernet_header->ether_src_addr[0]);
for(i=1; i < ETHER_ADDR_LEN; i++)
printf(":%02x", ethernet_header->ether_src_addr[i]);

printf("\tDest: %02x", ethernet_header->ether_dest_addr[0]);
for(i=1; i < ETHER_ADDR_LEN; i++)
printf(":%02x", ethernet_header->ether_dest_addr[i]);
printf("\tType: %hu ]\n", ethernet_header->ether_type);
}

void decode_ip(const u_char *header_start) {
const struct ip_hdr *ip_header;

ip_header = (const struct ip_hdr *)header_start;
printf("\t((  Layer 3 ::: IP Header  ))\n");
printf("\t( Source: %s\t", inet_ntoa(ip_header->ip_src_addr));
printf("Dest: %s )\n", inet_ntoa(ip_header->ip_dest_addr));
printf("\t( Type: %u\t", (u_int) ip_header->ip_type);
printf("ID: %hu\tLength: %hu )\n", ntohs(ip_header->ip_id), ntohs(ip_header->ip_len));
}

u_int decode_tcp(const u_char *header_start) {
u_int header_size;
const struct tcp_hdr *tcp_header;

tcp_header = (const struct tcp_hdr *)header_start;
header_size = 4 * tcp_header->tcp_offset;

printf("\t\t{{  Layer 4 :::: TCP Header  }}\n");
printf("\t\t{ Src Port: %hu\t", ntohs(tcp_header->tcp_src_port));
printf("Dest Port: %hu }\n", ntohs(tcp_header->tcp_dest_port));
printf("\t\t{ Seq #: %u\t", ntohl(tcp_header->tcp_seq));
printf("Ack #: %u }\n", ntohl(tcp_header->tcp_ack));
printf("\t\t{ Header Size: %u\tFlags: ", header_size);
if(tcp_header->tcp_flags & TCP_FIN)
printf("FIN ");
if(tcp_header->tcp_flags & TCP_SYN)
printf("SYN ");
if(tcp_header->tcp_flags & TCP_RST)
printf("RST ");
if(tcp_header->tcp_flags & TCP_PUSH)
printf("PUSH ");
if(tcp_header->tcp_flags & TCP_ACK)
printf("ACK ");
if(tcp_header->tcp_flags & TCP_URG)
printf("URG ");
printf(" }\n");

return header_size;
}


/* This function accepts a socket FD and a ptr to the null terminated
* string to send.  The function will make sure all the bytes of the
* string are sent.  Returns 1 on success and 0 on failure.
*/
int send_string(int sockfd, unsigned char *buffer) {
   int sent_bytes, bytes_to_send;
   bytes_to_send = strlen(buffer);
   while(bytes_to_send > 0) {
      sent_bytes = send(sockfd, buffer, bytes_to_send, 0);
      if(sent_bytes == -1)
         return 0; // return 0 on send error
      bytes_to_send -= sent_bytes;
      buffer += sent_bytes;
   }
   return 1; // return 1 on success
}

/* This function accepts a socket FD and a ptr to a destination
* buffer.  It will receive from the socket until the EOL byte
* sequence in seen.  The EOL bytes are read from the socket, but
* the destination buffer is terminated before these bytes.
* Returns the size of the read line (without EOL bytes).
*/
int recv_line(int sockfd, unsigned char *dest_buffer) {
#define EOL "\r\n" // End-Of-Line byte sequence
#define EOL_SIZE 2
   unsigned char *ptr;
   int eol_matched = 0;

   ptr = dest_buffer;
   while(recv(sockfd, ptr, 1, 0) == 1) { // read a single byte
      if(*ptr == EOL[eol_matched]) { // does this byte match terminator
         eol_matched++;
         if(eol_matched == EOL_SIZE) { // if all bytes match terminator,
            *(ptr+1-EOL_SIZE) = '\0'; // terminate the string
            return strlen(dest_buffer); // return bytes recevied
         }
      } else {
         eol_matched = 0;
      }   
      ptr++; // increment the pointer to the next byter;
   }
   return 0; // didn't find the end of line characters
}


/* Structure for Ethernet headers */
#define ETHER_ADDR_LEN 6
#define ETHER_HDR_LEN 14

struct ether_hdr {
   unsigned char ether_dest_addr[ETHER_ADDR_LEN]; // Destination MAC address
   unsigned char ether_src_addr[ETHER_ADDR_LEN];  // Source MAC address
   unsigned short ether_type; // Type of Ethernet packet
};

/* Structure for Internet Protocol (IP) headers */
struct ip_hdr {
   unsigned char ip_version_and_header_length; // version and header length combined
   unsigned char ip_tos;          // type of service
   unsigned short ip_len;         // total length
   unsigned short ip_id;          // identification number
   unsigned short ip_frag_offset; // fragment offset and flags
   unsigned char ip_ttl;          // time to live
   unsigned char ip_type;         // protocol type
   unsigned short ip_checksum;    // checksum
   unsigned int ip_src_addr;      // source IP address
   unsigned int ip_dest_addr;     // destination IP address
};

/* Structure for Transmission Control Protocol (TCP) headers */
struct tcp_hdr {
   unsigned short tcp_src_port;   // source TCP port
   unsigned short tcp_dest_port;  // destination TCP port
   unsigned int tcp_seq;          // TCP sequence number
   unsigned int tcp_ack;          // TCP acknowledgement number
   unsigned char reserved:4;      // 4-bits from the 6-bits of reserved space
   unsigned char tcp_offset:4;    // TCP data offset for little endian host
   unsigned char tcp_flags;       // TCP flags (and 2-bits from reserved space)
#define TCP_FIN   0x01
#define TCP_SYN   0x02
#define TCP_RST   0x04
#define TCP_PUSH  0x08
#define TCP_ACK   0x10
#define TCP_URG   0x20
   unsigned short tcp_window;     // TCP window size
   unsigned short tcp_checksum;   // TCP checksum
   unsigned short tcp_urgent;     // TCP urgent pointer
};


#include <stdio.h>
#include <stdlib.h>
#include <string.h>

// A function to display an error message and then exit
void fatal(char *message) {
   char error_message[100];

   strcpy(error_message, "[!!] Fatal Error ");
   strncat(error_message, message, 83);
   perror(error_message);
   exit(-1);
}

// An error checked malloc() wrapper function
void *ec_malloc(unsigned int size) {
   void *ptr;
   ptr = malloc(size);
   if(ptr == NULL)
      fatal("in ec_malloc() on memory allocation");
   return ptr;
}

// dumps raw memory in hex byte and printable split format
void dump(const unsigned char *data_buffer, const unsigned int length) {
unsigned char byte;
unsigned int i, j;
for(i=0; i < length; i++) {
byte = data_buffer[i];
printf("%02x ", data_buffer[i]);  // display byte in hex
if(((i%16)==15) || (i==length-1)) {
for(j=0; j < 15-(i%16); j++)
printf("   ");
printf("| ");
for(j=(i-(i%16)); j <= i; j++) {  // display printable bytes from line
byte = data_buffer[j];
if((byte > 31) && (byte < 127)) // outside printable char range
printf("%c", byte);
else
printf(".");
}
printf("\n"); // end of the dump line (each line 16 bytes)
} // end if
} // end for
}



Va como la seda :P
Suerte!


* Quiero cambiar el mundo, pero estoy seguro de que no me darían el código fuente.
* No estoy tratando de destruir a Microsoft. Ese será tan solo un efecto colateral no intencionado.
* Si compila esta bien, si arranca es perfecto.

¡Wiki elhacker.net!
Un saludo