2
votes

I am going to paste here my code and errors:

#include "stdio.h"
#include "winsock2.h"

#define SIO_RCVALL _WSAIOW(IOC_VENDOR,1) //this removes the need of mstcpip.h

void StartSniffing (SOCKET Sock); //This will sniff here and there
void ProcessPacket (unsigned char* , int); //This will decide how to digest
void PrintIpHeader (unsigned char* , int);
void PrintUdpPacket (unsigned char* , int);
void ConvertToHex (unsigned char* , unsigned int);
void PrintData (unsigned char* , int);


//IP Header Structure
typedef struct ip_hdr
{
    unsigned char ip_header_len:4; // 4-bit header length (in 32-bit words) normally=5 (Means 20 Bytes may be 24 also)
    unsigned char ip_version :4; // 4-bit IPv4 version
    unsigned char ip_tos; // IP type of service
    unsigned short ip_total_length; // Total length
    unsigned short ip_id; // Unique identifier
    unsigned char ip_frag_offset :5; // Fragment offset field
    unsigned char ip_more_fragment :1;
    unsigned char ip_dont_fragment :1;
    unsigned char ip_reserved_zero :1;
    unsigned char ip_frag_offset1; //fragment offset
    unsigned char ip_ttl; // Time to live
    unsigned char ip_protocol; // Protocol(TCP,UDP etc)
    unsigned short ip_checksum; // IP checksum
    unsigned int ip_srcaddr; // Source address
    unsigned int ip_destaddr; // Source address
} IPV4_HDR;


//UDP Header Structure
typedef struct udp_hdr
{
    unsigned short source_port; // Source port no.
    unsigned short dest_port; // Dest. port no.
    unsigned short udp_length; // Udp packet length
    unsigned short udp_checksum; // Udp checksum (optional)
} UDP_HDR;


//ICMP Header Structure
typedef struct icmp_hdr
{
    BYTE type; // ICMP Error type
    BYTE code; // Type sub code
    USHORT checksum;
    USHORT id;
    USHORT seq;
} ICMP_HDR;


FILE *logfile;
int tcp=0,udp=0,icmp=0,others=0,igmp=0,total=0,i,j;
struct sockaddr_in source,dest;
char hex[2];

//Its free!
IPV4_HDR *iphdr;
UDP_HDR *udpheader;


int main()
{
    SOCKET sniffer;
    struct in_addr addr;
    int in;
    char hostname[100];
    struct hostent *local;
    WSADATA wsa;

    //logfile=fopen("log.txt","w");
    //if(logfile==NULL) printf("Unable to create file.");

    //Initialise Winsock
    printf("\nInitialising Winsock...");
    if (WSAStartup(MAKEWORD(2,2), &wsa) != 0)
    {
        printf("WSAStartup() failed.\n");
        return 1;
    }

    printf("Initialised");

    //Create a RAW Socket
    printf("\nCreating RAW Socket...");
    sniffer = socket(AF_INET, SOCK_RAW, IPPROTO_IP);
    if (sniffer == INVALID_SOCKET)
    {
        printf("Failed to create raw socket.\n");
        return 1;
    }

    printf("Created.");

    //Retrieve the local hostname
    if (gethostname(hostname, sizeof(hostname)) == SOCKET_ERROR)
    {
        printf("Error : %d",WSAGetLastError());
        return 1;
    }

    printf("\nHost name : %s \n",hostname);

    //Retrieve the available IPs of the local host
    local = gethostbyname(hostname);

    printf("\nAvailable Network Interfaces : \n");
    if (local == NULL)
    {
        printf("Error : %d.\n",WSAGetLastError());
        return 1;
    }

    for (i = 0; local->h_addr_list[i] != 0; ++i)
    {
        memcpy(&addr, local->h_addr_list[i], sizeof(struct in_addr));
        printf("Interface Number : %d Address : %s\n",i,inet_ntoa(addr));
    }

    printf("Enter the interface number you would like to sniff : ");
    scanf("%d",&in);

    memset(&dest, 0, sizeof(dest));
    memcpy(&dest.sin_addr.s_addr, local->h_addr_list[in], sizeof(dest.sin_addr.s_addr));
    dest.sin_family = AF_INET;
    dest.sin_port = 0;

    printf("\nBinding socket to local system and port 0 ...");
    if (bind(sniffer,(struct sockaddr *)&dest,sizeof(dest)) == SOCKET_ERROR)
    {
        printf("bind(%s) failed.\n", inet_ntoa(addr));
        return 1;
    }

    printf("Binding successful");

    //Enable this socket with the power to sniff : SIO_RCVALL is the key Receive ALL ;)
    j=1;
    printf("\nSetting socket to sniff...");

    if (WSAIoctl(sniffer, SIO_RCVALL,&j, sizeof(j), 0, 0,(LPDWORD)&in,0, 0) == SOCKET_ERROR)
    {
        printf("WSAIoctl() failed.\n");
        return 1;
    }

    printf("Socket set.");

    //Begin
    printf("\nStarted Sniffing\n");
    printf("Packet Capture Statistics...\n");
    StartSniffing(sniffer); //Happy Sniffing
    //End

    closesocket(sniffer);
    WSACleanup();

    return 0;
}

void StartSniffing(SOCKET sniffer)
{
    unsigned char *Buffer = ( unsigned char *)malloc(65536); //Its Big!
    int mangobyte;

    if (Buffer == NULL)
    {
        printf("malloc() failed.\n");
        return;
    }

    do
    {
    mangobyte = recvfrom(sniffer,(char *)Buffer,65536,0,0,0); //Eat as much as u can
    if(mangobyte > 0) ProcessPacket(Buffer, mangobyte);
    else printf( "recvfrom() failed.\n");
    }
    while (mangobyte > 0);

    free(Buffer);
}

void ProcessPacket(unsigned char* Buffer, int Size)
{
iphdr = (IPV4_HDR *)Buffer;
++total;
switch (iphdr->ip_protocol) //Check the Protocol and do accordingly...
{
case 1: //ICMP Protocol
++icmp;
//PrintIcmpPacket(Buffer,Size);
break;

case 2: //IGMP Protocol
++igmp;
break;

case 6: //TCP Protocol
++tcp;
//PrintTcpPacket(Buffer,Size);
break;

case 17: //UDP Protocol
++udp;
PrintUdpPacket(Buffer,Size);
break;

default: //Some Other Protocol like ARP etc.
++others;
break;
}

printf("TCP : %d UDP : %d ICMP : %d IGMP : %d Others : %d Total :  %d\r",tcp,udp,icmp,igmp,others,total);

}

void PrintIpHeader (unsigned char* Buffer, int Size)
{
    unsigned short iphdrlen;
    iphdr = (IPV4_HDR *)Buffer;
    iphdrlen = iphdr->ip_header_len*4;
    memset(&source, 0, sizeof(source));
    source.sin_addr.s_addr = iphdr->ip_srcaddr;
    memset(&dest, 0, sizeof(dest));
    dest.sin_addr.s_addr = iphdr->ip_destaddr;

    fprintf(logfile,"\n");
    fprintf(logfile,"IP Header\n");
    fprintf(logfile," |-IP Version : %d\n",(unsigned int)iphdr->ip_version);
    fprintf(logfile," |-IP Header Length : %d DWORDS or %d Bytes\n",(unsigned int)iphdr->ip_header_len);
    fprintf(logfile," |-Type Of Service : %d\n",(unsigned int)iphdr->ip_tos);
    fprintf(logfile," |-IP Total Length : %d Bytes(Size of  Packet)\n",ntohs(iphdr->ip_total_length));
    fprintf(logfile," |-Identification : %d\n",ntohs(iphdr->ip_id));
    fprintf(logfile," |-Reserved ZERO Field : %d\n",(unsigned int)iphdr->ip_reserved_zero);
    fprintf(logfile," |-Dont Fragment Field : %d\n",(unsigned int)iphdr->ip_dont_fragment);
    fprintf(logfile," |-More Fragment Field : %d\n",(unsigned int)iphdr->ip_more_fragment);
    fprintf(logfile," |-TTL : %d\n",(unsigned int)iphdr->ip_ttl);
    fprintf(logfile," |-Protocol : %d\n",(unsigned int)iphdr->ip_protocol);
    fprintf(logfile," |-Checksum : %d\n",ntohs(iphdr->ip_checksum));
    fprintf(logfile," |-Source IP : %s\n",inet_ntoa(source.sin_addr));
    fprintf(logfile," |-Destination IP : %s\n",inet_ntoa(dest.sin_addr));
}



void PrintUdpPacket(unsigned char *Buffer,int Size)
{
    unsigned short iphdrlen;
    iphdr = (IPV4_HDR *)Buffer;
    iphdrlen = iphdr->ip_header_len*4;
    udpheader = (UDP_HDR *)(Buffer + iphdrlen);

    fprintf(logfile,"\n\n***********************UDP Packet*************************\n");
    PrintIpHeader(Buffer,Size);
    fprintf(logfile,"\nUDP Header\n");
    fprintf(logfile," |-Source Port : %d\n",ntohs(udpheader->source_port));
    fprintf(logfile," |-Destination Port : %d\n",ntohs(udpheader->dest_port));
    fprintf(logfile," |-UDP Length : %d\n",ntohs(udpheader->udp_length));
    fprintf(logfile," |-UDP Checksum : %d\n",ntohs(udpheader->udp_checksum));
    fprintf(logfile,"\n");
    fprintf(logfile,"IP Header\n");
    PrintData(Buffer,iphdrlen);
    fprintf(logfile,"UDP Header\n");
    PrintData(Buffer+iphdrlen,sizeof(UDP_HDR));
    fprintf(logfile,"Data Payload\n");
    PrintData(Buffer+iphdrlen+sizeof(UDP_HDR), (Size - sizeof(UDP_HDR) - iphdr->ip_header_len*4));
    fprintf(logfile,"\n###########################################################");
}

void PrintData (unsigned char* data , int Size)
{
for(i=0 ; i < Size ; i++)
{
if( i!=0 && i%16==0) //if one line of hex printing is complete...
{
    fprintf(logfile," ");
    for(j=i-16 ; j<i ; j++)
    {
    if(data[j]>=32 && data[j]<=128)
    fprintf(logfile,"%c",(unsigned char)data[j]); //if its a number or alphabet
    else fprintf(logfile,"."); //otherwise print a dot
    }
    fprintf(logfile,"\n");
}

if(i%16==0) fprintf(logfile," ");
fprintf(logfile," %02X",(unsigned int)data[i]);

if( i==Size-1) //print the last spaces
{
for(j=0;j<15-i%16;j++) fprintf(logfile," "); //extra spaces
fprintf(logfile," ");
for(j=i-i%16 ; j<=i ; j++)
{
if(data[j]>=32 && data[j]<=128) fprintf(logfile,"%c",(unsigned char)data[j]);
else fprintf(logfile,".");
}

fprintf(logfile,"\n");
}
}
}

Following are the errors

Error   1   error LNK2019: unresolved external symbol __imp__WSACleanup@0 referenced in function _main  sniffer.obj sniffer test  
Error   2   error LNK2019: unresolved external symbol __imp__closesocket@4 referenced in function _main sniffer.obj sniffer test  
Error   3   error LNK2019: unresolved external symbol __imp__WSAIoctl@36 referenced in function _main   sniffer.obj sniffer test  
Error   4   error LNK2019: unresolved external symbol __imp__bind@12 referenced in function _main   sniffer.obj sniffer test  
Error   5   error LNK2019: unresolved external symbol __imp__inet_ntoa@4 referenced in function _main   sniffer.obj sniffer test  
Error   6   error LNK2019: unresolved external symbol __imp__gethostbyname@4 referenced in function _main   sniffer.obj sniffer test  
Error   7   error LNK2019: unresolved external symbol __imp__WSAGetLastError@0 referenced in function _main sniffer.obj sniffer test  
Error   8   error LNK2019: unresolved external symbol __imp__gethostname@8 referenced in function _main sniffer.obj sniffer test  
Error   9   error LNK2019: unresolved external symbol __imp__socket@12 referenced in function _main sniffer.obj sniffer test  
Error   10  error LNK2019: unresolved external symbol __imp__WSAStartup@8 referenced in function _main  sniffer.obj sniffer test  
Error   11  error LNK2019: unresolved external symbol __imp__recvfrom@24 referenced in function "void __cdecl StartSniffing(unsigned int)" (?StartSniffing@@YAXI@Z) sniffer.obj sniffer test  
Error   12  error LNK2019: unresolved external symbol __imp__ntohs@4 referenced in function "void __cdecl PrintIpHeader(unsigned char *,int)" (?PrintIpHeader@@YAXPAEH@Z)   sniffer.obj sniffer test  
Error   13  fatal error LNK1120: 12 unresolved externals    E:\CWM\sniffer test\Debug\sniffer test.exe  sniffer test
1

1 Answers

10
votes

You're not linking with the wsock32.lib library.