原始套接字捕获的包如何提取出数据

代码如下:
#include
#include
#include
#include
#include
#include
#include
#include "arpa/inet.h"
#include "linux/sockios.h"
#include

struct ip{
unsigned int ip_length:4;
unsigned int ip_version:4;
unsigned char ip_tos;
unsigned short ip_total_length;
unsigned short ip_id;
unsigned short ip_flags;
unsigned char ip_ttl;
unsigned char ip_protocol;
unsigned short ip_cksum;
unsigned int ip_source;
};
struct tcp{
unsigned short tcp_source_port;
unsigned short tcp_dest_port;
unsigned short tcp_seqno;
unsigned int tcp_ackno;
unsigned int tcp_res1:4,
tcp_hlen:4,
tcp_fin:1,
tcp_syn:1,
tcp_rst:1,
tcp_psh:1,
tcp_ack:1,
tcp_urg:1,
tcp_res2:2;
unsigned short tcp_winsize;
unsigned short tcp_cksum;
unsigned short tcp_urgent;
};
#define INTERFACE "eth0"
int Set_Promisc(char interface, int sock);
int main()
{
int sock,bytes_recieved,fromlen;
char buffer[65535];
struct sockaddr_in from;
struct ip *ip;
struct tcp *tcp;
sock=Open_Raw_Socket();//socket(AF_INET,SOCK_RAW,IPPROTO_TCP);
//Set_Promisc(INTERFACE, sock);
while(1)
{
fromlen=sizeof(from);
bytes_recieved=recvfrom(sock,buffer,sizeof(buffer),0,(struct sockaddr
)&from,&fromlen);
ip=(struct ip *)buffer;

printf("\nApplications++++++++++++++++++++++++++++++++++++++\n");
printf("Data received ::: %s\n",buffer);

printf("Transportation++++++++++++++++++++++++++++++++++++\n");
tcp=(struct tcp *)(buffer + (4*ip->ip_length));
printf("Source port ::: %d\n",ntohs(tcp->tcp_source_port));
printf("Dest prot ::: %d\n",ntohs(tcp->tcp_dest_port));

printf("Network+++++++++++++++++++++++++++++++++++++++++++\n");
printf("source address ::: %s\n",inet_ntoa(from.sin_addr));

}}
int Open_Raw_Socket(){
int sock;
if((sock=socket(AF_INET,SOCK_RAW,IPPROTO_TCP))<0){//
perror("The raw socket was not created");
exit(0);
};
return(sock);
}

为什么我输出的buffer只有一个E?如果获取的是整个数据包的话怎么提取出数据部分,也就是发送的明文?

1个回答

Csdn user default icon
上传中...
上传图片
插入图片
抄袭、复制答案,以达到刷声望分或其他目的的行为,在CSDN问答是严格禁止的,一经发现立刻封号。是时候展现真正的技术了!