VC++高级学习:监视服务器端口(2)
//接受连接请求
sc = accept(s,(struct sockaddr *)&scaddr,&caddsize);
if(sc!=INVALID_SOCKET)
{
mt = CreateThread(NULL,0,ClientThread,(LPVOID)sc,0,&tid);
if(mt==NULL)
{
printf("Thread Creat Failed! ");
break;
}
}
CloseHandle(mt);
}
closesocket(s);
WSACleanup();
return 0;
}
DWORD WINAPI ClientThread(LPVOID lpParam)
{
SOCKET ss = (SOCKET)lpParam;
SOCKET sc;
char buf[4096];
SOCKADDR_IN saddr;
long num;
DWORD val;
DWORD ret;
//如果是隐藏端口应用的话,可以在此处加一些判断
//如果是自己的包,就可以进行一些特殊处理,不是的话通过127.0.0.1进行转发
saddr.sin_family = AF_INET;
saddr.sin_addr.s_addr = inet_addr("127.0.0.1");
saddr.sin_port = htons(80);
if((sc=socket(AF_INET,SOCK_STREAM,IPPROTO_TCP))==SOCKET_ERROR)
{
printf("error!socket failed!
");
return -1;
}
val = 100;
if(setsockopt(sc,SOL_SOCKET,SO_RCVTIMEO,(char *)&val,sizeof(val))!=0)
{
ret = GetLastError();
return -1;
}
if(setsockopt(ss,SOL_SOCKET,SO_RCVTIMEO,(char *)&val,sizeof(val))!=0)
{
ret = GetLastError();
return -1;
}
if(connect(sc,(SOCKADDR *)&saddr,sizeof(saddr))!=0)
{
printf("error!socket connect failed!
");
closesocket(sc);
closesocket(ss);
return -1;
}
// 写入文件:
ofstream oFile("port80log.txt");
if(!oFile)
{
printf("cannot write to the file.
");
closesocket(ss);
closesocket(sc);
return 0 ;
}
while(1)
{
//下面的代码主要是实现通过127。0。0。1这个地址把包转发到真正的应用上,并把应答的包再转发回去。
//如果是嗅探内容的话,可以再此处进行内容分析和记录
//如果是攻击如TELNET服务器,利用其高权限登陆用户的话,可以分析其登陆用户,然后利用发送特定的包以劫持的用户身份执行。
num = recv(ss,buf,4096,0);
if(num>0)
{
oFile<<"
== DATA =========================================
";
oFile<<buf;
send(sc,buf,num,0);
}
else if(num==0)
break;
num = recv(sc,buf,4096,0);
if(num>0)
{
oFile<<"
== DATA =========================================
";
oFile<<buf;
send(ss,buf,num,0);
}
else if(num==0)
break;
}
oFile.close();
closesocket(ss);
closesocket(sc);
return 0 ;
}
