hi guys
it is good idea to have a good & complete tutorial about ip & ip finding , valid or invalid ip
,internal & external ip , ip spoofing , subnet ,subnet mask & other related
material in this field .
=====================================
thanks in advance
-------------------------------------------------------------------
Full Version: Who To Determin Real Ip Address ?
Simple routine to get a host's routable IP:
| CODE |
ULONG GetHostIP(void) { char FAR name[255]; gethostname(name, 255); struct hostent FAR * pHostent; pHostent = gethostbyname(name); if(!pHostent) return 0; //all IP addresses: int i; for(i=0;i < 100;i++) { if(!pHostent->h_addr_list[i]) break; in_addr tmp; tmp.S_un.S_addr = *(DWORD *) pHostent->h_addr_list[i]; sprintf(name,"%.2u: %s\n",i,inet_ntoa(tmp)); printf(name); } //Only one ip ? if(pHostent->h_addr_list[1] == 0) { return *(ULONG *) pHostent->h_addr_list[0]; } //Choose a non-internal IP UCHAR *ip; for(i=0;pHostent->h_addr_list[i]!=0;i++) { ip = (UCHAR*) pHostent->h_addr_list[i]; if(ip[0]==10) continue; if((ip[0]==172)&&( (ip[1]>=16)&&(ip[1]<=31) )) continue; if((ip[0]==192)&&(ip[1]==168)) continue; return *(ULONG *) pHostent->h_addr_list[i]; } return 0; } |
Spoofing aint really hard, but be aware that this only works for UDP/ICMP as connection oriented protocols like TCP obviously need valid receivers and senders.
On win this goes a little like this:
| CODE |
char data[] = "test"; int datalen = (int) strlen(data); sockaddr_in to; //target to.sin_family = AF_INET; to.sin_addr.s_addr = inet_addr("192.168.1.1"); to.sin_port = 0; srand( (DWORD)time(NULL) + rand()); IPHDR IpHdr; UDPHDR UdpHdr; IpHdr.ip_vl = 0x45; //version=4, Hdr length = 5 * 32Bit IpHdr.ip_tos = 0x00; IpHdr.ip_len = htons (sizeof(IpHdr) + sizeof(UdpHdr) + datalen); IpHdr.ip_id = htons ((u_short)rand()); IpHdr.ip_off = 0; IpHdr.ip_ttl = (char) 0x40; IpHdr.ip_p = IPPROTO_UDP; IpHdr.ip_src.s_addr = randip(to.sin_addr.s_addr); // <--- produces a fake sender address by randomizing the lower 2 bytes of the receivers IP IpHdr.ip_dst.s_addr = to.sin_addr.s_addr; IpHdr.ip_sum = ip_sum ((u_short*)&IpHdr, sizeof (IpHdr)); UdpHdr.uh_sport = htons(2000+(rand()%3000)); UdpHdr.uh_dport = htons(135); UdpHdr.uh_ulen = htons ((u_short) (sizeof(UdpHdr)+datalen)); UdpHdr.uh_sum = 0; int packetlen = sizeof(IpHdr)+sizeof(UdpHdr)+datalen; char *packet = (char*) malloc(packetlen); memcpy(packet,&IpHdr,sizeof(IpHdr)); memcpy(packet+sizeof(IpHdr),&UdpHdr,sizeof(UdpHdr)); memcpy(packet+sizeof(IpHdr)+sizeof(UdpHdr),data,datalen); SOCKET udp_sock = socket(AF_INET,SOCK_RAW,IPPROTO_UDP); u_long on = 1; setsockopt(udp_sock,IPPROTO_IP,IP_HDRINCL,(char*)&on,sizeof(on)); sendto(udp_sock,packet,packetlen,0,(sockaddr *)&to,sizeof(to)); free(packet); |
Here's a simple example for the subroutines used above (made extra simple)
| CODE |
#define nospoof 2 u_long randip (u_long destip) { struct in_addr ina; char convi[16]; int a, b, c, d; ina.s_addr = destip; srand((int) time(0) + rand()); sscanf (inet_ntoa(ina), "%d.%d.%d.%d", &a, &b, &c, &d); if (nospoof < 2) b = 1+rand() % 253; if (nospoof < 3) c = 1+rand() % 253; d = 1+rand() % 253; sprintf (convi, "%d.%d.%d.%d", a, b, c, d); return inet_addr (convi); } unsigned short ip_sum (u_short *addr, int len) { int nleft = len; u_short *w = addr; int sum = 0; u_short answer = 0; while (nleft > 1) { sum += *w++; nleft -= 2; } if (nleft == 1) { *(u_char *) &answer = *(u_char *) w; sum += answer; } sum = (sum >> 16) + (sum & 0xffff); sum += (sum >> 16); answer = ~sum; return (answer); } |
The needed structures go a little like this:
| CODE |
typedef struct _ip { char ip_vl; /* header length */ /* version */ char ip_tos; /* type of service */ USHORT ip_len; /* total length */ USHORT ip_id; /* identification */ USHORT ip_off; /* fragment offset field */ char ip_ttl; /* time to live */ char ip_p; /* protocol */ USHORT ip_sum; /* checksum */ struct in_addr ip_src, ip_dst; } IPHDR; typedef struct _udphdr { u_short uh_sport; /* source port */ u_short uh_dport; /* destination port */ short uh_ulen; /* udp length */ u_short uh_sum; /* udp checksum */ } UDPHDR; |
That's all .. hope that helps a bit
usefull , thanks for your work . 
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
