Coding a SYN Scanner guide ( source included )

V13 v13 at it.teithe.gr
Thu Mar 29 00:55:57 EEST 2007


On Wednesday 28 March 2007 19:52, - wrote:
> This lengthy guide deals with building
> a SYN port scanner ( source included ) as well as the analysis of the
> individual stages needed to program it.
>
> http://rapidshare.com/files/23172011/Coding-a-Syn-Scanner.rar.html
>
> Some of them are:
>
> --Raw Sockets
> --Libpcap / Sniffing
> --Tcp/ip header analysis
> --SYN scanning itself
>
> That's all. Enjoy teh 1368 lines of it. I'm waiting for feedback. ( at the
> e-mail address I mention in the guide )

  Very good! An introduction to networking and to pcap with a very good
example... Well done! Why don't you send it in to be published as an article
in the magazine?

  As for the link layer header, back when I was working on this kind of thing
I did the following:

pcap_device.datalink_type=pcap_datalink(pcap_device.handle);

switch(pcap_device.datalink_type)
{
  case    DLT_NULL:
    pcap_device.header_offset=4;
    break;
  case    DLT_LOOP:
    pcap_device.header_offset=4;
    break;
  case    DLT_EN10MB:
    pcap_device.header_offset=14;
    break;
  case    DLT_RAW:
    pcap_device.header_offset=0;
    break;
  case    DLT_LINUX_SLL:
    pcap_device.header_offset=16;
    break;
  default:
    ......
}

  If you open the 'any' interface with pcap, then it has DLT_LINUX_SLL as its
link type.

  Also, using the structs like that will probably cause you problems because
of alignment and reordering. Have a look at gcc's __attribute__((packed)).
E.g. for IP:

----
struct pseudo_hdr {
        u_int32_t src;          /* 32bit source ip address*/
        u_int32_t dst;          /* 32bit destination ip address */      
        u_char mbz;             /* 8 reserved bits (all 0)      */
        u_char proto;           /* protocol field of ip header */
        u_int16_t len;          /* tcp length (both header and data) */
} __attribute__((packed));
----

  Look at the output of the following program:
----
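#include <stdio.h>

struct A { int a; char b; int c; };     /* default layout, padded before c */

struct B { int a; char b; int c; } __attribute__((packed));   /* no padding */

int main(void)
{
        /* sizeof yields a size_t, so print it with %zu rather than %d */
        printf("%zu\n%zu\n", sizeof(struct A), sizeof(struct B));
        return 0;
}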
----

v13 at hell:/tmp$ ./a
12
9

   As you can see, because of alignment the first struct took up 12 bytes,
since c was aligned to 32 bits (4 bytes), so c started at +2*4. You can
see this by compiling with -Wpadded:

v13 at hell:/tmp$ gcc -Wpadded a.c -o a  
a.c:3: warning: padding struct to align ‘c’

  I am almost sure that gcc can also change the order of the variables
inside a struct, but I don't know how you 'fix' that... Maybe someone
else can help.

> ithilgore
<<V13>>




More information about the unix-admin-gr mailing list