Coding a SYN Scanner guide ( source included )

Thu Mar 29 05:13:07 EEST 2007

V13 wrote:
> On Wednesday 28 March 2007 19:52, - wrote:
>   
>> Το παρων μακροσκελες guide πραγματευεται την δημιουργια
>> ενος SYN port scanner ( source included ) καθως και την αναλυση των
>> επιμερους σταδιων που χρειαζονται για τον προγραμματισμο του.
>>
>> http://rapidshare.com/files/23172011/Coding-a-Syn-Scanner.rar.html
>>
>> Μερικα απο αυτα ειναι:
>>
>> --Raw Sockets
>> --Libpcap / Sniffing
>> --Tcp/ip header analysis
>> --Το ίδιο το SYN Scanning
>>
>> Aυτα. Enjoy teh 1368 lines of it. Περιμενω feedback. ( στο mail που
>> αναφερω στον οδηγο )
>>     
>
>   Poly kalo! Eisagogi se diktya kai sto pcap me ena poly kalo paradeigma... 
> Eyge! Giati den to stelneis gia na mpei san arthro sto magaz?
>
>   Oson afora ton link layer header, paliotera poy'xa piasei kati tetoia ekana 
> to eksis:
>
> pcap_device.datalink_type=pcap_datalink(pcap_device.handle);
>
> switch(pcap_device.datalink_type)
> {
>   case    DLT_NULL:
>     pcap_device.header_offset=4;
>     break;
>   case    DLT_LOOP:
>     pcap_device.header_offset=4;
>     break;
>   case    DLT_EN10MB:
>     pcap_device.header_offset=14;
>     break;
>   case    DLT_RAW:
>     pcap_device.header_offset=0;
>     break;
>   case    DLT_LINUX_SLL:
>     pcap_device.header_offset=16;
>     break;
>   default:
>     ......
> }
>
>   An anoikseis me tin pcap to 'any' interface, tote ayto exei san link type to 
> DLT_LINUX_SLL.
>
>   Epeisis, to na xrisimopoieis etsi ta structs mallon problimata tha soy 
> dimioyrgisei logo alignment kai reordering. Des to __attribute__((packed)) 
> toy gcc. P.x. gia to IP:
>
> ----
> struct pseudo_hdr {
>         u_int32_t src;          /* 32bit source ip address*/
>         u_int32_t dst;          /* 32bit destination ip address */      
>         u_char mbz;             /* 8 reserved bits (all 0)      */
>         u_char proto;           /* protocol field of ip header */
>         u_int16_t len;          /* tcp length (both header and data */
> } __attribute__((packed));
> ----
>
>   Des tin eksodo apo to parakato programma:
> ----
> #include <stdio.h>
>
> struct A { int a; char b; int c;};
>
> struct B { int a; char b; int c; } __attribute__((packed));
>
> int main()
> {
>         printf("%d\n%d\n", sizeof(struct A), sizeof(struct B));
> }
> ----
>
> v13 at hell:/tmp$ ./a
> 12
> 9
>
>    Opos blepeis, logo alignment, to proto struct epiase 12 bytes giati to c 
> egine align sta 32bit (4 byte), opote kai to c ksekinoyse apo to +2*4. Ayto 
> mporeis na to deis kanontas compile me to -Wpadded:
>
> v13 at hell:/tmp$ gcc -Wpadded a.c -o a  
> a.c:3: warning: padding struct to align ‘c’
>
>   Eimai sxedon sigoyros oti to gcc mporei kai na allaksei th seira ton 
> metabliton poy briskontai mesa se ana struct alla den ksero pos 
> to 'diorthoneis' ayto... Isos kapois allos na mporei na boithisei.
>
>   
>> ithilgore
>>     
> <<V13>>
>   

thanx ! tetoiou eidous feedback perimenw. 
implicit reordering mias struct den nomizw na ginetai kai sumfwna me to 
C standard upo kanonikes sun8hkes den 8a prepei na ginetai
Twra gia to packing ston sugekrimeno kwdika mono gia ka8ara optimization 
skopus (  < size )  tha eixe isws nohma.
To pseudo header allwste xrhsimopoieitai mono sto checksuming kai me ena 
sizeof upologizetai pada swsta to mege8os.
Ta upoloipa headers einai adistoixa twn klassikwn <netinet/ip.h> 
<netinet/tcp.h>. Padws nice for pointing out .

(to ar8ro to steila sto magaz btw molis prin )

ithilgore

>
>   