ÇÁ·Î±×·¡¹Ö

 3200, 1/160 ȸ¿ø°¡ÀÔ  ·Î±×ÀΠ 
   ssk1547
   sniffing Áß Áú¹®ÀÖ½À´Ï´Ù..

http://www.hackerschool.org/HS_Boards/zboard.php?AllArticle=true&no=6568 [º¹»ç]


Á¦°¡ ÇΰÅÇÁ¸°Æà µµ±¸¸¦ ¸¸µé°í Àִµ¥¿ä..


sniffing À» Çϴµ¥ ´Ù¸¥°÷¿¡¼­ º¸³»´Â ÆÐŶ Á¦°¡ º¸³»´Â ÆÐŶ ´Ù º¸¿©¿ä.


±×·±µ¥ connect¸¦ ÀÌ¿ëÇؼ­ ¿¬°áÀ» ½ÃÅ°°í ÆÐŶÀ» º¸¸é

syn¿Í ack ÆÐŶ¸¸ º¸ÀÌ´õ¶ó±¸¿ä. syn+ack´Â ¾Èº¸À̱¸¿ä. Áï ÀÀ´ä ÆÐŶÀÌ ¾Èº¸ÀÌ°í, Á¦°¡ º¸³»´Â °Í¸¸ º¸¿©¿ä..


¿ÍÀ̾î»þÅ©·Î È®ÀÎÇßÀ»¶§´Â ´Ù Àß º¸À̳׿ä..


syn+ack ÀÌ ÇÊ¿äÇѵ¥ Á¦°¡ ¾îµð¼­ À߸øÇÑÁö¸¦ ¸ð¸£°Ú³×¿ä..


Á¶¾ðÁ» ÇØÁÖ¼¼¿ä ¤Ð¤Ð


   sock = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
   memset(&Finger_Addr, 0, sizeof(Finger_Addr));
   Finger_Addr.sin_family = AF_INET;
   Finger_Addr.sin_addr.s_addr = inet_addr(Finger_IP);
   Finger_Addr.sin_port = htons(count);

   ret = connect(sock, (struct sockaddr *) &Finger_Addr, sizeof(Finger_Addr));










sniffer = socket(AF_INET, SOCK_RAW, IPPROTO_IP);

memcpy(&dest.sin_addr.s_addr, local->h_addr_list[in], sizeof(dest.sin_addr.s_addr));
dest.sin_family = AF_INET;
dest.sin_port = 0;

mangobyte = recvfrom(sniffer, Buffer, 65536, 0, 0, 0);
  Hit : 3137     Date : 2016/12/11 03:02