现在有好多的嗅探器。
我看到有一个言简意赅的程序,就拿来跟大家分享。防止自己被人刺探消息。
#include
#define MAX_PACK_LEN 65535
#define MAX_HOSTNAME_LAN 255
#pragma comment (lib , "ws2_32.lib"
int main()
{
SOCKET SockRaw,Sock;
WSADATA wsaData;
int ret=0;
struct sockaddr_in sAddr,addr;
char RecvBuf[MAX_PACK_LEN];
char FAR name[MAX_HOSTNAME_LAN];
struct hostent FAR * pHostent;
char *Buf=(char *)malloc(128);
int settimeout=1000;//这里设置了一秒钟超时
WSAStartup(MAKEWORD(2,2),&wsaData);
//建立RawSocket
SockRaw=socket(AF_INET,SOCK_RAW,IPPROTO_IP);
//再建立UDP
Sock=socket(AF_INET,SOCK_DGRAM,IPPROTO_UDP);
memset(&sAddr,0,sizeof(sAddr));
memset(&addr,0,sizeof(addr));
sAddr.sin_family=AF_INET;
sAddr.sin_port=htons(5257);
addr.sin_family=AF_INET;
addr.sin_port=htons(5258);
//把IP地址指向本机
addr.sin_addr.S_un.S_addr=inet_addr("127.0.0.1"
;
memset(RecvBuf,0, sizeof(RecvBuf));
pHostent=malloc(sizeof(struct hostent));
gethostname(name, MAX_HOSTNAME_LAN);
pHostent=gethostbyname(name);
//取得自己的IP地址
memcpy(&sAddr.sin_addr.S_un.S_addr, pHostent->h_addr_list[0], pHostent-
>h_length);
free(pHostent);
//绑定一个本机的接收端口
bind(SockRaw, (struct sockaddr *)&sAddr, sizeof(sAddr));
//虚连接到本机的一个未打开的端口
connect(Sock,(struct sockaddr *)&addr,sizeof(addr));
Buf="@#$%^&*#$^%$#^#$#$#@$%";
//设置超时
setsockopt(SockRaw,SOL_SOCKET,SO_RCVTIMEO,(char *)&settimeout,sizeof(int));
//向虚连接端口发送一个数据包
send(Sock,Buf,strlen(Buf),0);
ret=recv(SockRaw,RecvBuf,sizeof(RecvBuf),0);
if(ret==SOCKET_ERROR ││ ret==0)
printf("没发现嗅探器!\n"
;
else
{
if(Buf=="@#$%^&*#$^%$#^#$#$#@$%")
printf("发现嗅探器!!!\n");
}
closesocket(Sock);
closesocket(SockRaw);
free(pHostent);
free(Buf);
WSACleanup();
return 0;
}
