一个简单的静态web服务端程序(不断改进中)

[这个贴子最后由x86在 2005/11/30 08:55pm 第 10 次编辑] #pragma comment(lib,"Ws2_32.lib") #include #include #include #define SIO_RCVALL _WSAIOW(IOC_VENDOR,1) SOCKETTranSock[64]; structsockaddr_in client[64]; struct _SYSTEMTIME currenttime; DWORD CurrentTickCount = 0; long SynLinkTotal = 0; struct SynInfo{ unsigned long ip; DWORD arrivetickcount; struct SynInfo * next; }; char respondfilename[20] = "message.htm"; char messagehtm[20] = "messagetijiao.htm"; struct SynInfo *head; struct SynInfo *tail; struct SynInfo *fence; int WaitTime = 600; HANDLE ReadEvent = CreateEvent(NULL,TRUE,FALSE,NULL) ; HANDLE WriteEvent = CreateEvent(NULL,TRUE,FALSE,NULL); DWORDWINAPIRecv_Send_Thread( DWORD* socketindex ); DWORD WINAPI SynFloodDefend(char *temp); DWORD WINAPI CheckLinkThread() { DWORD dwResult=0; struct SynInfo *temp , *temptofree; while(TRUE) { temp = head; dwResult = WaitForSingleObject(ReadEvent,1000); if(dwResult == WAIT_TIMEOUT ) continue; ResetEvent(WriteEvent); while( temp->next != NULL) { if(CurrentTickCount >= temp->next->arrivetickcount) {temptofree = temp->next; temp->next = temptofree->next; free(temptofree); InterlockedDecrement(&SynLinkTotal);//SynLinkTotal-- printf("-1\n"); printf("%d\n",SynLinkTotal); } temp = temp->next; } SetEvent(WriteEvent); ResetEvent(ReadEvent); Sleep(1); } return 0; } DWORD WINAPI GetTime() { while(TRUE) {GetLocalTime(¤ttime); CurrentTickCount = GetTickCount(); Sleep(1); } } int main( void ) { DWORDwerror; WSADATA wsadata; SOCKETlistensocket; HOSTENT *host; HANDLE mesfp; structsockaddr_in serv_listen; charhostname[128]; DWORD index = 0; DWORD indextemp[64]; char * myip; intclen = sizeof(struct sockaddr); memset( &serv_listen , 0 , clen ); memset( &client ,0 , clen * 64 ); char messtijiao[]="" "" "欢迎来到KIKI';S WEB空间(呢称不超过10个汉字或者30字母) @_@.." "

" "

" "

" "请在这里输入你的留言(不超过400汉字或者1200字母):)
" "

" "" "

"; char mesfphtm[] = "" "" "欢迎来到KIKI';S WEB空间 @_@.." "

---

"; mesfp = CreateFile(messagehtm, GENERIC_WRITE, 0, (LPSECURITY_ATTRIBUTES)NULL, CREATE_NEW, FILE_ATTRIBUTE_NORMAL, NULL); if( mesfp != INVALID_HANDLE_VALUE ) {WriteFile(mesfp,messtijiao,strlen(messtijiao),&werror,NULL); CloseHandle(mesfp); } mesfp = CreateFile(respondfilename, GENERIC_WRITE, 0, (LPSECURITY_ATTRIBUTES)NULL, CREATE_NEW, FILE_ATTRIBUTE_NORMAL, NULL); if( mesfp != INVALID_HANDLE_VALUE ) {WriteFile(mesfp,mesfphtm,strlen(mesfphtm),&werror,NULL); CloseHandle(mesfp); } char IpDefendFileName[20] = "IpDefend.txt"; FILE *fp; fp = fopen(IpDefendFileName,"rb"); if(fp == NULL) {printf("创建ip列表文件错误!\n"); exit(0); } werror = WSAStartup( MAKEWORD(2,2) , &wsadata ); if( werror != 0 ) {printf("Load winsock dll failed!\n"); exit(0); } werror = gethostname( hostname , 20 ); if( werror == SOCKET_ERROR ) {printf( "Get host name error!\n" ); exit(0); } host=gethostbyname( hostname ); if( host == NULL ) {printf( "Get host by name failed!\n" ); exit(0); } listensocket = socket( AF_INET , SOCK_STREAM , IPPROTO_TCP ); if( listensocket == INVALID_SOCKET ) {printf( "Create listen socket error!\n" ); exit(0); } memcpy(&(serv_listen.sin_addr),host->h_addr,host->h_length); serv_listen.sin_family = AF_INET; serv_listen.sin_port = htons(81); myip = inet_ntoa(serv_listen.sin_addr); werror=bind( listensocket , (struct sockaddr*)&serv_listen , clen); if( werror == SOCKET_ERROR ) {printf( "Bind error!\n" ); exit(0); } werror = listen( listensocket , 5 ); if( werror == SOCKET_ERROR ) {printf( " Socket listen error!\n" ); exit(0); } CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)GetTime, NULL, 0, NULL ); head = (struct SynInfo*)malloc(sizeof(struct SynInfo)); head->arrivetickcount = 0xffffffff; head->ip = 0xffffffff; head->next = NULL; fence = head; CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)CheckLinkThread, NULL, 0, NULL ); CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)SynFloodDefend, (PVOID)myip, 0, NULL ); char ipdef[16]; char c; int i = 0; int defendflag = 0; while(1) {if( index == 64 ) index = 0; while( (TranSock[index] !=0xcccccccc) && (TranSock[index] !=-1) && (TranSock[index] !=0) ) { index++; if( index == 64 ) index = 0; } TranSock[index] = accept( listensocket , ( struct sockaddr * )&client[index] , &clen ); if( TranSock[index] == INVALID_SOCKET ) { printf( "Socket Accept Error: %d \n" , WSAGetLastError() ); closesocket( TranSock[index] ); TranSock[index] = 0; continue; } indextemp[index] = index; memset(ipdef,0,16); defendflag = 0; i = 0; while(c = fgetc(fp),c != EOF) { if((c>0x29 && c<0x3a) || (c == 0x2e) || (c == ';\n';) || (c == ';#';) || (c == '; ';) || (c == ';\t';)) {ipdef = c; if(c == ';\n'; || c == ';#'; || (c == '; ';) || (c == ';\t';)) {ipdef = 0; i = -1; if(strcmp(ipdef,inet_ntoa(client[index].sin_addr)) == 0) {printf("IP:%s被禁止访问!\n",ipdef); closesocket( TranSock[index] ); TranSock[index] = 0; defendflag = 1; break; } } i++; if(i == 16) i = 0; } } fseek(fp,0,0); if(defendflag == 1) continue; CreateThread( NULL, 0, (LPTHREAD_START_ROUTINE)Recv_Send_Thread, (PVOID)&indextemp[index], 0, NULL ); index++; } fclose(fp); return 0; } //++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ // //++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ DWORD WINAPI Recv_Send_Thread( DWORD* pindex ) { charrecvmem[2048]; char userid[40]; char message[1600]; charTimeFmr[] = "%d,%d/%d/%d %d:%d:%d GMT"; char MimeType[]= "%s/%s"; char outtime[50]; charType[40]; HANDLEfp; DWORDsocketindex = *( (DWORD *)pindex ); interrorcode = 0; DWORDsendbt=0; char headers[500]; charhdrFmtNor[]= "HTTP/1.0 200 OK\r\n" "Server: KIKI';s Web Server\r\n" "Date: %s\r\n" "Accept-Ranges: bytes\r\n" "Content-Length: %d\r\n" "Content-Type: %s\r\n\r\n"; charhdrFmtDown[]= "HTTP/1.0 206 Partial content\r\n" "Server: KIKI';s Web Server\r\n" "Date: %s\r\n" "Accept-Ranges: bytes\r\n" "Content-Length: %d\r\n" "Content-Type: %s\r\n\r\n"; memset( recvmem , 0 ,2048 ); errorcode = recv( TranSock[socketindex] , recvmem , 2048 , 0 ); if ( errorcode == SOCKET_ERROR || errorcode == 0 ) {printf( "Recv Error: %d\n" , WSAGetLastError() ); closesocket( TranSock[socketindex] ); TranSock[socketindex] = 0; return -1; } char a[2]; DWORD temp1,temp2; DWORD i = 0, j = 0; wsprintf( outtime , TimeFmr , currenttime.wDayOfWeek, currenttime.wDay, currenttime.wMonth , currenttime.wYear , currenttime.wHour , currenttime.wMinute , currenttime.wSecond); int readflag=0,writeflag=0; if(strlen(recvmem) < 5 ||strlen(recvmem) >=1700 ) { printf("这是一组恶意数据\n\n"); send(TranSock[socketindex],"something wrong!please check the error and retry",48,0) ; closesocket(TranSock[socketindex]); TranSock[socketindex] = 0; return -1; } if((recvmem[0] == ';G'; ) && (recvmem[1] == ';E'; ) && (recvmem[2] == ';T'; ) && (recvmem[3] == '; '; ) && (recvmem[4] == ';/'; )) {readflag = 1;} else if(recvmem[0] == ';P'; && recvmem[1] == ';O'; && recvmem[2] == ';S'; && recvmem[3] == ';T'; && recvmem[4] == '; '; && recvmem[5] == ';/'; && recvmem[6] == ';m'; && recvmem[7] == ';e'; && recvmem[8] == ';s'; && recvmem[9] == ';s'; && recvmem[10] == ';a'; && recvmem[11] == ';g'; && recvmem[12] == ';e'; && recvmem[13] == '; '; ) {writeflag = 1;} else { printf("这是一组恶意数据\n\n"); send(TranSock[socketindex],"something wrong!please check the error and retry",48,0) ; closesocket(TranSock[socketindex]); TranSock[socketindex] = 0; return -1; } if(readflag) { charsendfile[1400]; charfilename[50] = "index.htm"; chartempname[10] = "index.htm"; DWORDdwRead = 0; intlen; memset( sendfile , 0 , 1400 ); strcpy( filename , tempname ); if( recvmem[5]!=32 ) { memset(filename,0,50); for(i=5;recvmem!=32;i++) filename[i-5]=recvmem; } for( i=0 ; i<50 ; i++ ) if( (filename==';:';) || (filename==';*';) || (filename==';%';) ) {printf( "Time:%s\n%s企图请求的页面文件：%s.\n\n" , outtime , inet_ntoa(client[socketindex].sin_addr) , filename ); send(TranSock[socketindex],"对不起,您访问的页面不存在!",26,0); closesocket(TranSock[socketindex]); TranSock[socketindex] = 0; return -1; } int backcounter=0; int nextcounter=0; for( i=0 ; i<48 ; i++ ) {if((filename==';.';)&&(filename[i+1]==';.';)&&(filename[i+2]==';/';)) backcounter++; } for( i=0 ; i<50 ; i++ ) {if(filename==';/';) nextcounter++; } if(!(nextcounter-backcounter-1 >= backcounter)&&(backcounter!=0)&&(nextcounter!=0)) {printf( "Time:%s\n%s企图请求的页面文件：%s.\n\n" , outtime , inet_ntoa(client[socketindex].sin_addr) , filename ); send(TranSock[socketindex],"对不起,您访问的页面不存在!",26,0); closesocket(TranSock[socketindex]); TranSock[socketindex] = 0; return -1; } for( i=0 ; i<49 ; i++ ) if((filename==';.';)&&(filename[i+1]==';\\';)) {printf( "Time:%s\n%s企图请求的页面文件：%s.\n\n" , outtime , inet_ntoa(client[socketindex].sin_addr) , filename ); send(TranSock[socketindex],"对不起,您访问的页面不存在!",26,0); closesocket(TranSock[socketindex]); TranSock[socketindex] = 0; return -1; } for( i=0 ; i<48 ; i++ ) if((filename!=';.';)&&(filename[i+1]==';.';)&&(filename[i+2]==';/';)) {printf( "Time:%s\n%s企图请求的页面文件：%s.\n\n" , outtime , inet_ntoa(client[socketindex].sin_addr) , filename ); send(TranSock[socketindex],"对不起,您访问的页面不存在!",26,0); closesocket(TranSock[socketindex]); TranSock[socketindex] = 0; return -1; } i=0; DWORD start; char size[32]; memset(size , 0 , 32); while(i != 1024) {if(recvmem == ';=';) {i++; while(recvmem != ';-';) {size[j] = recvmem; i++; j++; } break; } else i++; } if(size[0] == 0) start = 0; else start = atol(size); fp = CreateFile(filename, GENERIC_READ, FILE_SHARE_READ, (LPSECURITY_ATTRIBUTES)NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL); if( fp == INVALID_HANDLE_VALUE ) {printf( "%s open file: %s error!\n" , inet_ntoa( client[socketindex].sin_addr ) , filename ); send(TranSock[socketindex],"对不起,您访问的页面不存在!",26,0); closesocket( TranSock[socketindex] ); TranSock[socketindex] = 0; return -1; } i = GetFileSize(fp,NULL); j = i / 1400; len = strlen( filename ); if((filename[len-3]==';h';&&filename[len-2]==';t';&&filename[len-1]==';m';)||\ (filename[len-3]==';H';&&filename[len-2]==';T';&&filename[len-1]==';M';)||\ (filename[len-4]==';h';&&filename[len-3]==';t';&&filename[len-2]==';m';&&filename[len-1]==';l';)||\ (filename[len-4]==';H';&&filename[len-3]==';T';&&filename[len-2]==';M';&&filename[len-1]==';L';)||\ (filename[len-5]==';s';&&filename[len-4]==';h';&&filename[len-3]==';t';&&filename[len-2]==';m';&&filename[len-1]==';l';)||\ (filename[len-5]==';S';&&filename[len-4]==';H';&&filename[len-3]==';T';&&filename[len-2]==';M';&&filename[len-1]==';L';)) wsprintf(Type,MimeType,"text","html"); else if( (filename[len-3]==';j';&&filename[len-2]==';p';&&filename[len-1]==';g';)||\ (filename[len-3]==';J';&&filename[len-2]==';P';&&filename[len-1]==';G';)||\ (filename[len-3]==';j';&&filename[len-2]==';p';&&filename[len-1]==';e';)||\ (filename[len-3]==';J';&&filename[len-2]==';P';&&filename[len-1]==';E';)||\ (filename[len-4]==';j';&&filename[len-3]==';p';&&filename[len-2]==';e';&&filename[len-1]==';g';)||\ (filename[len-4]==';J';&&filename[len-3]==';P';&&filename[len-2]==';E';&&filename[len-1]==';G';)) wsprintf(Type,MimeType,"image","jpeg"); else if( (filename[len-3]==';g';&&filename[len-2]==';i';&&filename[len-1]==';f';)||\ (filename[len-3]==';G';&&filename[len-2]==';I';&&filename[len-1]==';F';)) wsprintf(Type,MimeType,"image","gif"); else if( (filename[len-3]==';c';&&filename[len-2]==';s';&&filename[len-1]==';s';)||\ (filename[len-3]==';C';&&filename[len-2]==';S';&&filename[len-1]==';S';)) wsprintf(Type,MimeType,"text","css"); else if( (filename[len-3]==';t';&&filename[len-2]==';x';&&filename[len-1]==';t';)||\ (filename[len-3]==';T';&&filename[len-2]==';X';&&filename[len-1]==';T';)) wsprintf(Type,MimeType,"text","plain"); else if( (filename[len-3]==';p';&&filename[len-2]==';d';&&filename[len-1]==';f';)||\ (filename[len-3]==';P';&&filename[len-2]==';D';&&filename[len-1]==';F';)) wsprintf(Type,MimeType,"application","pdf"); else if( (filename[len-3]==';s';&&filename[len-2]==';w';&&filename[len-1]==';f';)||\ (filename[len-3]==';S';&&filename[len-2]==';W';&&filename[len-1]==';F';)||\ (filename[len-3]==';c';&&filename[len-2]==';a';&&filename[len-1]==';b';)||\ (filename[len-3]==';C';&&filename[len-2]==';A';&&filename[len-1]==';B';)) wsprintf(Type,MimeType,"application","x-shockwave-flash"); else if( (filename[len-3]==';d';&&filename[len-2]==';o';&&filename[len-1]==';c';)||\ (filename[len-3]==';D';&&filename[len-2]==';O';&&filename[len-1]==';C';)||\ (filename[len-3]==';d';&&filename[len-2]==';o';&&filename[len-1]==';t';)||\ (filename[len-3]==';D';&&filename[len-2]==';O';&&filename[len-1]==';T';)) wsprintf(Type,MimeType,"application","msword"); else if( (filename[len-3]==';h';&&filename[len-2]==';l';&&filename[len-1]==';p';)||\ (filename[len-3]==';H';&&filename[len-2]==';L';&&filename[len-1]==';P';)||\ (filename[len-3]==';c';&&filename[len-2]==';h';&&filename[len-1]==';m';)||\ (filename[len-3]==';C';&&filename[len-2]==';H';&&filename[len-1]==';M';)) wsprintf(Type,MimeType,"application","mshelp"); else if( (filename[len-3]==';x';&&filename[len-2]==';l';&&filename[len-1]==';s';)||\ (filename[len-3]==';X';&&filename[len-2]==';L';&&filename[len-1]==';S';)||\ (filename[len-3]==';x';&&filename[len-2]==';l';&&filename[len-1]==';a';)||\ (filename[len-3]==';X';&&filename[len-2]==';L';&&filename[len-1]==';A';)) wsprintf(Type,MimeType,"application","msexcel"); else if( (filename[len-3]==';p';&&filename[len-2]==';p';&&filename[len-1]==';t';)||\ (filename[len-3]==';P';&&filename[len-2]==';P';&&filename[len-1]==';T';)||\ (filename[len-3]==';p';&&filename[len-2]==';p';&&filename[len-1]==';z';)||\ (filename[len-3]==';P';&&filename[len-2]==';P';&&filename[len-1]==';T';)||\ (filename[len-3]==';p';&&filename[len-2]==';p';&&filename[len-1]==';s';)||\ (filename[len-3]==';P';&&filename[len-2]==';P';&&filename[len-1]==';S';)||\ (filename[len-3]==';p';&&filename[len-2]==';o';&&filename[len-1]==';t';)||\ (filename[len-3]==';P';&&filename[len-2]==';O';&&filename[len-1]==';T';)) wsprintf(Type,MimeType,"application","mspowerpoint"); else if( (filename[len-3]==';b';&&filename[len-2]==';i';&&filename[len-1]==';n';)||\ (filename[len-3]==';B';&&filename[len-2]==';I';&&filename[len-1]==';N';)||\ (filename[len-3]==';e';&&filename[len-2]==';x';&&filename[len-1]==';e';)||\ (filename[len-3]==';E';&&filename[len-2]==';X';&&filename[len-1]==';E';)||\ (filename[len-3]==';c';&&filename[len-2]==';o';&&filename[len-1]==';m';)||\ (filename[len-3]==';C';&&filename[len-2]==';O';&&filename[len-1]==';M';)||\ (filename[len-3]==';d';&&filename[len-2]==';l';&&filename[len-1]==';l';)||\ (filename[len-3]==';D';&&filename[len-2]==';L';&&filename[len-1]==';L';)||\ (filename[len-5]==';c';&&filename[len-4]==';l';&&filename[len-3]==';a';&&filename[len-2]==';s';&&filename[len-1]==';s';)||\ (filename[len-5]==';C';&&filename[len-4]==';L';&&filename[len-3]==';A';&&filename[len-2]==';S';&&filename[len-1]==';S';)) wsprintf(Type,MimeType,"application","octet-stream"); else if( (filename[len-3]==';a';&&filename[len-2]==';v';&&filename[len-1]==';i';)||\ (filename[len-3]==';A';&&filename[len-2]==';V';&&filename[len-1]==';I';)) wsprintf(Type,MimeType,"video","x-msvideo"); else wsprintf(Type,MimeType,"*","*"); if(start == 0) wsprintf(headers, hdrFmtNor, (const char*)outtime, i ,Type); else wsprintf(headers, hdrFmtDown, (const char*)outtime, i-start ,Type); printf( "Time:%s\n%s企图请求的页面文件：%s . 使用的套接字ID:Socket[%d]\n\n" , outtime , inet_ntoa(client[socketindex].sin_addr) , filename, socketindex ); sendbt = send( TranSock[socketindex] , headers , strlen(headers) , 0 ); if(-1 == SetFilePointer(fp,start,NULL,FILE_BEGIN)) {printf("SetFilePointer Error :%d\n",GetLastError()); send(TranSock[socketindex],"对不起,服务端错误!",18,0); closesocket( TranSock[socketindex] ); TranSock[socketindex] = 0; CloseHandle(fp); return -1; } do{ BOOL fRead = ReadFile(fp, sendfile, 1400, &dwRead, NULL); if(fRead == FALSE) {printf("读取文件错误!文件名:%s\n" , filename); send(TranSock[socketindex],"对不起,您访问的页面不存在!",26,0); closesocket( TranSock[socketindex] ); TranSock[socketindex] = 0; CloseHandle(fp); return -1; } else if(fRead && dwRead) {sendbt = send( TranSock[socketindex] , sendfile , 1400 , 0 ); if( sendbt == SOCKET_ERROR ) {printf("Send Error:%d!\n",GetLastError()); closesocket( TranSock[socketindex] ); TranSock[socketindex] = 0; CloseHandle(fp); return -1; } memset(sendfile , 0 , 1400); } else { sendbt = send( TranSock[socketindex] , sendfile , j , 0 ); if( sendbt == SOCKET_ERROR ) {printf("Send Error:%d!\n",GetLastError()); closesocket( TranSock[socketindex] ); CloseHandle(fp); TranSock[socketindex] = 0; return -1; } } }while(dwRead == 1400); CloseHandle(fp); closesocket( TranSock[socketindex] ); TranSock[socketindex] = 0; } //+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ //+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ else if(writeflag) {memset(userid,0,40); memset(message,0,1600); int recvlen = strlen(recvmem); char contentlen_str[5]; memset(contentlen_str,0,5); for(i=0;i<1000;i++) {if((recvmem[i+0] == ';C';)&& (recvmem[i+1] == ';o';)&& (recvmem[i+2] == ';n';)&& (recvmem[i+3] == ';t';)&& (recvmem[i+4] == ';e';)&& (recvmem[i+5] == ';n';)&& (recvmem[i+6] == ';t';)&& (recvmem[i+7] == ';-';)&& (recvmem[i+8] == ';L';)&& (recvmem[i+9] == ';e';)&& (recvmem[i+10] == ';n';)&& (recvmem[i+11] == ';g';)&& (recvmem[i+12] == ';t';)&& (recvmem[i+13] == ';h';)&& (recvmem[i+14] == ';:';)) {i += 16; break; } if(i==999) {printf("NO find Content-Length!\n"); send(TranSock[socketindex],"something wrong!please check the error and retry",48,0) ; closesocket( TranSock[socketindex] ); TranSock[socketindex] = 0; return -1; } } while((recvmem !=';\r';) && (recvmem[i+1] != ';\n';)) {if((recvmem<0x30) || (recvmem>0x39)) {printf("Content-Length Error:%d%x\n",i,recvmem); send(TranSock[socketindex],"something wrong!please check the error and retry",48,0) ; closesocket( TranSock[socketindex] ); TranSock[socketindex] = 0; return -1; } contentlen_str[j] = recvmem; if(j>4) {printf("Content-Length Error:%d%x\n",i,recvmem); send(TranSock[socketindex],"something wrong!please check the error and retry",48,0) ; closesocket( TranSock[socketindex] ); TranSock[socketindex] = 0; return -1; } i++; j++; } DWORD content_length = atol(contentlen_str); if(content_length > 1247 ) {send(TranSock[socketindex],"Content Too Long!",17,0); closesocket( TranSock[socketindex] ); TranSock[socketindex] = 0; return -1; } DWORD content_start = recvlen - (content_length+3); content_start += 8; i = 0; while((recvmem[content_start] != ';&';)) {if(i>30) {printf("Get userid Error, too long!\n"); send(TranSock[socketindex],"something wrong!please check the error and retry",48,0) ; closesocket( TranSock[socketindex] ); TranSock[socketindex] = 0; return -1; } userid = recvmem[content_start]; content_start++; i++; } i = 0; content_start += 9; while(i <1200) {if(recvmem[content_start] == ';\r'; || (unsigned char)recvmem[content_start] == 0 ) break; message = recvmem[content_start]; content_start++; i++; } printf("user:%s\nrespond:%s\n",userid,message); char sendout[4092]; unsigned char auserid[40]; unsigned char amessage[1600]; memset(auserid,0,40); memset(amessage,0,1600); j=0; for(i=0;j = (unsigned char)userid[j]; if(auserid == 0x25) {a[0] = userid[j+1]; a[1] = userid[j+2]; if(((unsigned char)a[0]>47)&&((unsigned char)a[0]<58)) temp1=(a[0]-48)*16; else if(((unsigned char)a[0]>64)&&((unsigned char)a[0]<71)) temp1=(a[0]-55)*16; else temp1=0; if((unsigned char)a[1]>47&&(unsigned char)a[1]<58) temp2=(a[1]-48); else if((unsigned char)a[1]>64&&(unsigned char)a[1]<71) temp2=(a[1]-55); else temp2=0; temp1+=temp2; auserid =(unsigned char) temp1; j+=2; } j++; } j=0; for(i=0;j = (unsigned char)message[j]; if(amessage == 0x25) {a[0] = message[j+1]; a[1] = message[j+2]; if(((unsigned char)a[0]>47)&&((unsigned char)a[0]<58)) temp1=(a[0]-48)*16; else if(((unsigned char)a[0]>64)&&((unsigned char)a[0]<71)) temp1=(a[0]-55)*16; else temp1=0; if((unsigned char)a[1]>47&&(unsigned char)a[1]<58) temp2=(a[1]-48); else if((unsigned char)a[1]>64&&(unsigned char)a[1]<71) temp2=(a[1]-55); else temp2=0; temp1+=temp2; amessage =(unsigned char) temp1; j+=2; } j++; } for(i=0;i == ';<'; ) {auserid=';&';; j=strlen((char*)auserid)+2; while(j-1>i) {auserid[j-1]=auserid[j-3]; j--; } auserid[i+1]=';l';; auserid[i+2]=';t';; } if((char)auserid == ';>';) {auserid=';&';; j=strlen((char*)auserid)+2; while(j-1>i) {auserid[j-1]=auserid[j-3]; j--; } auserid[i+1]=';g';; auserid[i+2]=';t';; } if((char)auserid == ';+';) auserid = 0x20; } for(i=0;i == ';<'; ) {amessage=';&';; j=strlen((char*)amessage)+2; while(j-1>i) {amessage[j-1]=amessage[j-3]; j--; } amessage[i+1]=';l';; amessage[i+2]=';t';; } if((char)amessage == ';>';) {amessage=';&';; j=strlen((char*)amessage)+2; while(j-1>i) {amessage[j-1]=amessage[j-3]; j--; } amessage[i+1]=';g';; amessage[i+2]=';t';; } if((char)amessage == ';+';) amessage = 0x20; } for(i=0;i == 0xd)&&((char)amessage[i+1] == 0xa)) {amessage=';<';; amessage[i+1]=';b';; j=strlen((char*)amessage)+2; while(j-1>i+1) {amessage[j-1]=amessage[j-3]; j--; } amessage[i+2]=';r';; amessage[i+3]=';>';; } } memset(sendout,0,4096); wsprintf(sendout,"\r\n时间:%s
\r\nIP:%s
\r\n访客id:%s
\r\n访客留言:
",outtime,inet_ntoa(client[socketindex].sin_addr),(char*)auserid); strcat(sendout,(char*)amessage); strcat(sendout,"

---

\r\n\r\n\0"); fp = CreateFile(respondfilename, GENERIC_WRITE, 0, (LPSECURITY_ATTRIBUTES)NULL, OPEN_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL); if( fp == INVALID_HANDLE_VALUE ) {printf( "%s open file: %s error!\n" , inet_ntoa( client[socketindex].sin_addr ) , respondfilename ); printf( "--------------------------------------------------------------------------------" ); send(TranSock[socketindex],"something wrong!please check the error and retry",48,0) ; closesocket( TranSock[socketindex] ); TranSock[socketindex] = 0; return -1; } j = strlen(sendout); DWORD total =0; BOOL flag=FALSE; while(total

---

系统将在1秒后跳转到留言页面，你也可以点击这里查看留言

---

"; errorcode = send(TranSock[socketindex] ,backstr , strlen(backstr) , 0 ); if ( errorcode == SOCKET_ERROR || errorcode == 0 ) {printf( "Respond Error: %d\n" , WSAGetLastError() ); send(TranSock[socketindex],"something wrong!please check the error and retry",48,0) ; closesocket( TranSock[socketindex] ); TranSock[socketindex] = 0; return -1; } CloseHandle(fp); closesocket( TranSock[socketindex] ); TranSock[socketindex] = 0; } return 0; } //****************************************************************** //使用原始套接字实现监听的线程,传递的参数为指向本机ip的字符指针 //****************************************************************** DWORD WINAPI SynFloodDefend( char*temp ) {SOCKETSnifferSocket; structsockaddr_in sa; charsniffmem[50]; inti = 0; DWORD flag=0; char MyIpFmr[]="%d.%d.%d.%d"; char MyIp[15]; flag = SnifferSocket = socket(AF_INET,SOCK_RAW,IPPROTO_IP); if ( flag == INVALID_SOCKET ) {printf( "socket error!\n" ); return -1; } memset(&sa , 0 , sizeof (struct sockaddr_in) ); sa.sin_addr.s_addr = inet_addr((char*)temp); sa.sin_family = AF_INET; sa.sin_port = htons(7000); flag = bind(SnifferSocket , (struct sockaddr *)&sa , sizeof(sa) ) ; if( flag == SOCKET_ERROR ) {printf( "Bind error!\n" ); return -1; } DWORD outbuf[10]; DWORD contrlflag = 1 ; DWORD dwBytesReturned = 0 ; flag = WSAIoctl( SnifferSocket, SIO_RCVALL, &contrlflag, sizeof(contrlflag), &outbuf, sizeof( outbuf ), &dwBytesReturned , NULL , NULL ); if( flag == SOCKET_ERROR ) { printf( "WSAIoctl Error!%d\n" , WSAGetLastError() ); return -1; } printf("Set OK!\n"); char ProType[15]; char ProFmr[] = "%s(%d)"; char Pro0[] = "IP"; char Pro1[] = "ICMP"; char Pro2[] = "IGMP"; char Pro6[] = "TCP"; char Pro17[] = "UDP"; char Pro255[]= "RAW"; char TimeFmr[]="时间: %d:%d:%d\n"; char TimeOut[15]; char IpFmr[]= "%d.%d.%d.%d:%d"; char sourceip[25]; char destip[25]; unsigned short int sourceport=0; unsigned short int destport=0; int overflag = 0; SetEvent(WriteEvent); DWORD dwResult=0; while(TRUE) {memset(sniffmem,0,50); memset(ProType,0,15); memset(sourceip,0,25); memset(destip,0,25); memset(MyIp,0,15); flag = recv( SnifferSocket , sniffmem , sizeof(sniffmem) , 0 ) ; wsprintf(TimeOut , TimeFmr , currenttime.wHour, currenttime.wMinute , currenttime.wSecond); wsprintf( MyIp , MyIpFmr ,(unsigned char)sniffmem[16], (unsigned char)sniffmem[17], (unsigned char)sniffmem[18], (unsigned char)sniffmem[19]); if(inet_addr((char*)temp) != inet_addr(MyIp) ) continue; else {printf( "%s" , TimeOut); sourceport = (unsigned char)sniffmem[20]; sourceport *= 0x100; sourceport += (unsigned char)sniffmem[21]; destport = (unsigned char)sniffmem[22]; destport *= 0x100; destport += (unsigned char)sniffmem[23]; wsprintf(sourceip,IpFmr,(unsigned char)sniffmem[12] , (unsigned char)sniffmem[13], (unsigned char)sniffmem[14],(unsigned char)sniffmem[15], sourceport); wsprintf(destip,IpFmr, (unsigned char)sniffmem[12+4] , (unsigned char)sniffmem[13+4], (unsigned char)sniffmem[14+4],(unsigned char)sniffmem[15+4], destport); printf("%s\t--->\t%s\n",sourceip,destip); if(sniffmem[9] == 6) wsprintf( ProType , ProFmr , Pro6 , 6 ); else if(sniffmem[9] == 17) wsprintf( ProType , ProFmr , Pro17 , 17 ); else if(sniffmem[9] == 1) wsprintf( ProType , ProFmr , Pro1 , 1 ); else if(sniffmem[9] == 0) wsprintf( ProType , ProFmr , Pro0 , 0 ); else if(sniffmem[9] == 255) wsprintf( ProType , ProFmr , Pro255 , 255 ); else if(sniffmem[9] == 2) wsprintf( ProType , ProFmr , Pro2 , 2 ); else wsprintf( ProType , ProFmr , "Unknown" , sniffmem[9] ); printf("协议类型: %s\n",ProType); if( (unsigned char)sniffmem[33] == 18 ) {printf( "一个SYN包!\n" ); dwResult = WaitForSingleObject(WriteEvent,1000); if(dwResult == WAIT_TIMEOUT ) continue; ResetEvent(ReadEvent); fence->next = (struct SynInfo*)malloc(sizeof(struct SynInfo)); fence = fence->next; fence->ip = inet_addr(sourceip); fence->arrivetickcount = CurrentTickCount + WaitTime; fence->next = NULL; InterlockedIncrement(&SynLinkTotal); //SynLinkTotal++ printf("+1\n"); printf("%d\n",SynLinkTotal); SetEvent(ReadEvent); } printf("\n"); } } closesocket(SnifferSocket); return 0; }

   我也写了个，很简单的静态的web server
   http://www.xtiger.net/product/Xtiger';s%20WebServer.rar
   也有很多毛病，大家帮帮测试一下。提提建议。谢谢！

tiger,你那个程序好象有点问题,另外能不能把你的代码帖出来哦,看看你的思路!：）
还有，你说的安全问题是指哪些？可能面对的安全问题又有哪些呢？？
对客户端提交的命令是怎么处理的？
每一种类型都有对应的处理过程么？

  在perl中基本上都是使用现成的模块实现的，代码也比较败类，等我完善了再说吧。

  安全问题是指如同IIS5闹NIMDA和REDCODE病毒的时候的漏洞，就是使用/../请求可以跳转到任意目录浏览任意文件，并可以操作cmd.exe。而我那个就能限制这些。

恩,确实这个代码也有类似的漏洞...

if(recvmem[5]!=32)
{memset(filename,0,50);
  for(i=5;recvmem!=32;i++)
filename[i-5]=recvmem;
}
这里应该对获取的文件名进行可能的处理...

#include #include #include #pragma comment(lib,"Ws2_32.lib") WSABUF recvbuf[64]; WSABUF sendbuf[64]; char* recvmem[64]; char* sendmem[64]; DWORD recveventtotal = 0; DWORD sendeventtotal = 0; DWORD index1=0; DWORD index2=0; DWORD socketindex=0; DWORD flags1=0; DWORD flags2=0; DWORD recv1bytes=0; DWORD recv2bytes=0; DWORD sendbytes=0; DWORD recvmemindex=0; DWORD sendmemindex=0; WSAEVENT recveventarray[64]; WSAEVENT sendeventarray[64]; WSAOVERLAPPED recvoverlapped[64]; WSAOVERLAPPED sendoverlapped[64]; SOCKET acceptsocket[64]; struct sockaddr_in client[64]; DWORD WINAPI Thread2(DWORD* mid) {char ServTime[]="%d,%d/%d/%d %d:%d:%d GMT"; char MimeType[]="%s/%s"; DWORD index=*((DWORD *)mid); long timenow; struct tm *currenttime; DWORD sendbt=0; char headers[500]; char nowtime[50]; char Type[40]; char hdrFmt[]= "HTTP/1.0 200 OK\r\n" "Server: KIKI';s Web Server\r\n" "Date: %s\r\n" "Accept-Ranges: bytes\r\n" "Content-Length: %d\r\n" "Content-Type: %s\r\n\r\n"; FILE *fp; char sendfile[1400]; char filename[50]="index.htm"; char tempname[10]="index.htm"; int i=0; int j=0; int k=0; int len; unsigned char c; memset(sendfile,0,1400); strcpy(filename,tempname); timenow=time(NULL); currenttime=localtime(&timenow); wsprintf(nowtime,ServTime,currenttime->tm_wday,currenttime->tm_mday,((currenttime->tm_mon)+1),((currenttime->tm_year)-100),currenttime->tm_hour,currenttime->tm_min,currenttime->tm_sec); if(recvbuf[index1-WSA_WAIT_EVENT_0].buf[5]!=32) {memset(filename,0,50); for(i=5;recvbuf[index1-WSA_WAIT_EVENT_0].buf!=32;i++) filename[i-5]=recvbuf[index1-WSA_WAIT_EVENT_0].buf; } fp=fopen(filename,"rb"); if(fp==NULL) {printf("%s open file: %s error!\n",inet_ntoa(client[index].sin_addr),filename); printf("--------------------------------------------------------------------------------"); closesocket(acceptsocket[index]); } for(i=0;i<50;i++) if((filename==';:';)||(filename==';*';)||(filename==';%';)) {printf("Time:%s\n%s企图请求的页面文件：%s.文件大小：%d字节\n\n",nowtime,inet_ntoa(client[index].sin_addr),filename,i); printf("\n--------------------------------------------------------------------------------"); closesocket(acceptsocket[index]); return -1; } k=0; i=0; while(c=fgetc(fp),!feof(fp)) i++; j=i/1400; len=strlen(filename); if((filename[len-3]==';h';&&filename[len-2]==';t';&&filename[len-1]==';m';)||\ (filename[len-3]==';H';&&filename[len-2]==';T';&&filename[len-1]==';M';)||\ (filename[len-4]==';h';&&filename[len-3]==';t';&&filename[len-2]==';m';&&filename[len-1]==';l';)||\ (filename[len-4]==';H';&&filename[len-3]==';T';&&filename[len-2]==';M';&&filename[len-1]==';L';)||\ (filename[len-5]==';s';&&filename[len-4]==';h';&&filename[len-3]==';t';&&filename[len-2]==';m';&&filename[len-1]==';l';)||\ (filename[len-5]==';S';&&filename[len-4]==';H';&&filename[len-3]==';T';&&filename[len-2]==';M';&&filename[len-1]==';L';)) wsprintf(Type,MimeType,"text","html"); else if( (filename[len-3]==';j';&&filename[len-2]==';p';&&filename[len-1]==';g';)||\ (filename[len-3]==';J';&&filename[len-2]==';P';&&filename[len-1]==';G';)||\ (filename[len-3]==';j';&&filename[len-2]==';p';&&filename[len-1]==';e';)||\ (filename[len-3]==';J';&&filename[len-2]==';P';&&filename[len-1]==';E';)||\ (filename[len-4]==';j';&&filename[len-3]==';p';&&filename[len-2]==';e';&&filename[len-1]==';g';)||\ (filename[len-4]==';J';&&filename[len-3]==';P';&&filename[len-2]==';E';&&filename[len-1]==';G';)) wsprintf(Type,MimeType,"image","jpeg"); else if( (filename[len-3]==';g';&&filename[len-2]==';i';&&filename[len-1]==';f';)||\ (filename[len-3]==';G';&&filename[len-2]==';I';&&filename[len-1]==';F';)) wsprintf(Type,MimeType,"image","gif"); else if( (filename[len-3]==';c';&&filename[len-2]==';s';&&filename[len-1]==';s';)||\ (filename[len-3]==';C';&&filename[len-2]==';S';&&filename[len-1]==';S';)) wsprintf(Type,MimeType,"text","css"); else if( (filename[len-3]==';t';&&filename[len-2]==';x';&&filename[len-1]==';t';)||\ (filename[len-3]==';T';&&filename[len-2]==';X';&&filename[len-1]==';T';)) wsprintf(Type,MimeType,"text","plain"); else if( (filename[len-3]==';p';&&filename[len-2]==';d';&&filename[len-1]==';f';)||\ (filename[len-3]==';P';&&filename[len-2]==';D';&&filename[len-1]==';F';)) wsprintf(Type,MimeType,"application","pdf"); else if( (filename[len-3]==';s';&&filename[len-2]==';w';&&filename[len-1]==';f';)||\ (filename[len-3]==';S';&&filename[len-2]==';W';&&filename[len-1]==';F';)||\ (filename[len-3]==';c';&&filename[len-2]==';a';&&filename[len-1]==';b';)||\ (filename[len-3]==';C';&&filename[len-2]==';A';&&filename[len-1]==';B';)) wsprintf(Type,MimeType,"application","x-shockwave-flash"); else if( (filename[len-3]==';d';&&filename[len-2]==';o';&&filename[len-1]==';c';)||\ (filename[len-3]==';D';&&filename[len-2]==';O';&&filename[len-1]==';C';)||\ (filename[len-3]==';d';&&filename[len-2]==';o';&&filename[len-1]==';t';)||\ (filename[len-3]==';D';&&filename[len-2]==';O';&&filename[len-1]==';T';)) wsprintf(Type,MimeType,"application","msword"); else if( (filename[len-3]==';h';&&filename[len-2]==';l';&&filename[len-1]==';p';)||\ (filename[len-3]==';H';&&filename[len-2]==';L';&&filename[len-1]==';P';)||\ (filename[len-3]==';c';&&filename[len-2]==';h';&&filename[len-1]==';m';)||\ (filename[len-3]==';C';&&filename[len-2]==';H';&&filename[len-1]==';M';)) wsprintf(Type,MimeType,"application","mshelp"); else if( (filename[len-3]==';x';&&filename[len-2]==';l';&&filename[len-1]==';s';)||\ (filename[len-3]==';X';&&filename[len-2]==';L';&&filename[len-1]==';S';)||\ (filename[len-3]==';x';&&filename[len-2]==';l';&&filename[len-1]==';a';)||\ (filename[len-3]==';X';&&filename[len-2]==';L';&&filename[len-1]==';A';)) wsprintf(Type,MimeType,"application","msexcel"); else if( (filename[len-3]==';p';&&filename[len-2]==';p';&&filename[len-1]==';t';)||\ (filename[len-3]==';P';&&filename[len-2]==';P';&&filename[len-1]==';T';)||\ (filename[len-3]==';p';&&filename[len-2]==';p';&&filename[len-1]==';z';)||\ (filename[len-3]==';P';&&filename[len-2]==';P';&&filename[len-1]==';T';)||\ (filename[len-3]==';p';&&filename[len-2]==';p';&&filename[len-1]==';s';)||\ (filename[len-3]==';P';&&filename[len-2]==';P';&&filename[len-1]==';S';)||\ (filename[len-3]==';p';&&filename[len-2]==';o';&&filename[len-1]==';t';)||\ (filename[len-3]==';P';&&filename[len-2]==';O';&&filename[len-1]==';T';)) wsprintf(Type,MimeType,"application","mspowerpoint"); else if( (filename[len-3]==';b';&&filename[len-2]==';i';&&filename[len-1]==';n';)||\ (filename[len-3]==';B';&&filename[len-2]==';I';&&filename[len-1]==';N';)||\ (filename[len-3]==';e';&&filename[len-2]==';x';&&filename[len-1]==';e';)||\ (filename[len-3]==';E';&&filename[len-2]==';X';&&filename[len-1]==';E';)||\ (filename[len-3]==';c';&&filename[len-2]==';o';&&filename[len-1]==';m';)||\ (filename[len-3]==';C';&&filename[len-2]==';O';&&filename[len-1]==';M';)||\ (filename[len-3]==';d';&&filename[len-2]==';l';&&filename[len-1]==';l';)||\ (filename[len-3]==';D';&&filename[len-2]==';L';&&filename[len-1]==';L';)||\ (filename[len-5]==';c';&&filename[len-4]==';l';&&filename[len-3]==';a';&&filename[len-2]==';s';&&filename[len-1]==';s';)||\ (filename[len-5]==';C';&&filename[len-4]==';L';&&filename[len-3]==';A';&&filename[len-2]==';S';&&filename[len-1]==';S';)) wsprintf(Type,MimeType,"application","octet-stream"); else if( (filename[len-3]==';a';&&filename[len-2]==';v';&&filename[len-1]==';i';)||\ (filename[len-3]==';A';&&filename[len-2]==';V';&&filename[len-1]==';I';)) wsprintf(Type,MimeType,"video","x-msvideo"); else wsprintf(Type,MimeType,"*","*"); wsprintf(headers, hdrFmt, (const char*)nowtime, i,Type); printf("%s",headers); printf("Time:%s\n%s请求的页面文件：%s.文件大小：%d字节\n",nowtime,inet_ntoa(client[index].sin_addr),filename,i); printf("数据发送中...\n\n"); sendbt=send(acceptsocket[index],headers,strlen(headers),0); printf("%d btyes of header have been sent!\n",sendbt); fseek(fp,0,0); for(i=0;i<=j;i++) {while(c=fgetc(fp),!feof(fp)) {sendfile[k]=c; k++; if(k==1400) {k=0; break; } } printf("socket[%d]:%d\n",index,acceptsocket[index]); if(k==0) {sendbt=send(acceptsocket[index],sendfile,1400,0); printf("%d bytes have been sent!\n"); printf("ERROR:%d\n",WSAGetLastError()); } else {sendbt=send(acceptsocket[index],sendfile,k,0); printf("%d bytes have been sent!\n"); printf("ERROR:%d\n",WSAGetLastError()); } } fclose(fp); closesocket(acceptsocket[index]); printf("\n--------------------------------------------------------------------------------"); return 0; } DWORD WINAPI Thread1() { while(1) {index1=WSAWaitForMultipleEvents(recveventtotal,recveventarray,FALSE,1000,FALSE); if(index1==WSA_WAIT_FAILED||index1==WSA_WAIT_TIMEOUT) {Sleep(1); continue;} WSAResetEvent(recveventarray[index1-WSA_WAIT_EVENT_0]); WSAGetOverlappedResult(acceptsocket[index1-WSA_WAIT_EVENT_0],&recvoverlapped[index1-WSA_WAIT_EVENT_0],&recv2bytes,FALSE,&flags1); if(recv2bytes==0) {printf("\nremote peer closed the socket!\n"); closesocket(acceptsocket[index1-WSA_WAIT_EVENT_0]); Sleep(1); continue; } printf("\nok!\n%s\n",recvbuf[index1-WSA_WAIT_EVENT_0].buf); DWORD temp=index1-WSA_WAIT_EVENT_0; flags1=0; ZeroMemory(&recvoverlapped[index1-WSA_WAIT_EVENT_0],sizeof(WSAOVERLAPPED)); recvoverlapped[index1-WSA_WAIT_EVENT_0].hEvent=recveventarray[index1-WSA_WAIT_EVENT_0]; unsigned long pk=0; ioctlsocket(acceptsocket[index1-WSA_WAIT_EVENT_0],FIONBIO,&pk); printf("socket[%d]:%d\n",index1-WSA_WAIT_EVENT_0,acceptsocket[index1-WSA_WAIT_EVENT_0]); CreateThread( NULL, 0, (LPTHREAD_START_ROUTINE)Thread2, (PVOID)&temp, 0, NULL); } } void main(void) { int werror; WSADATA wsadata; HOSTENT *host; char hostname[128]; char *hostip; struct sockaddr_in ip; struct sockaddr_in serv_listen; SOCKET listensocket; memset(&serv_listen,0,sizeof(struct sockaddr_in)); memset(&client,0,sizeof(struct sockaddr_in)*32); werror=WSAStartup(MAKEWORD(1,1),&wsadata); if(werror!=0) {printf("Load winsock dll failed!\n"); exit(0); } werror=gethostname(hostname,20); if(werror==SOCKET_ERROR) {printf("Get host name error!\n"); exit(0); } host=gethostbyname(hostname); if(host==NULL) {printf("Get host by name failed!\n"); exit(0); } ip.sin_addr.s_addr=inet_addr((char*)(host->h_addr_list[0])); hostip=inet_ntoa(ip.sin_addr); listensocket=socket(PF_INET,SOCK_STREAM,6); if(listensocket==INVALID_SOCKET) {printf("Create listen socket error!\n"); exit(0); } serv_listen.sin_addr.s_addr=inet_addr(hostip); serv_listen.sin_family=AF_INET; serv_listen.sin_port=htons(16881); werror=bind(listensocket,(struct sockaddr*)&serv_listen,sizeof(struct sockaddr)); if(werror==SOCKET_ERROR) {printf("Bind error!\n"); exit(0); } werror=listen(listensocket,5); if(werror==SOCKET_ERROR) {printf("Socket listen error!\n"); exit(0); } CreateThread( NULL, 0, (LPTHREAD_START_ROUTINE)Thread1, NULL, 0, NULL); int clen=sizeof(struct sockaddr); while(1) {acceptsocket[socketindex]=accept(listensocket,(struct sockaddr*)&client[socketindex],&clen); if(socketindex==64) {printf("Socket fulled!\n"); closesocket(acceptsocket[socketindex]); } else if(acceptsocket[socketindex] == INVALID_SOCKET ) {printf("accept failed!\n"); } else { recveventarray[recveventtotal] = WSACreateEvent(); ZeroMemory(&recvoverlapped[recveventtotal],sizeof(WSAOVERLAPPED)); recvoverlapped[recveventtotal].hEvent = recveventarray[recveventtotal]; recvmem[recvmemindex]=(char*)malloc(1024); ZeroMemory(recvmem[recvmemindex],1024); recvbuf[recvmemindex].len = 1024; recvbuf[recvmemindex].buf = recvmem[recvmemindex]; WSARecv(acceptsocket[recvmemindex],&recvbuf[recvmemindex],1,&recv1bytes,&flags1,&recvoverlapped[recveventtotal],NULL); printf("success!\n"); recveventtotal++; recvmemindex++; socketindex++; } } }

#pragma comment(lib,"Ws2_32.lib") #include #include #include #define SIO_RCVALL _WSAIOW(IOC_VENDOR,1) SOCKETTranSock[64]; structsockaddr_in client[64]; DWORDWINAPIRecv_Send_Thread( DWORD* socketindex ); DWORD WINAPI SynFloodDefend(char *temp); DWORD WINAPI SendRstThread(); void main( void ) { DWORDwerror; WSADATA wsadata; SOCKETlistensocket; HOSTENT *host; structsockaddr_in serv_listen; charhostname[128]; DWORD index=0; DWORD indextemp[64]; char * myip; intclen = sizeof(struct sockaddr); memset( &serv_listen , 0 , clen ); memset( &client ,0 , clen * 64 ); werror = WSAStartup( MAKEWORD(2,2) , &wsadata ); if( werror != 0 ) {printf("Load winsock dll failed!\n"); exit(0); } werror = gethostname( hostname , 20 ); if( werror == SOCKET_ERROR ) {printf( "Get host name error!\n" ); exit(0); } host=gethostbyname( hostname ); if( host == NULL ) {printf( "Get host by name failed!\n" ); exit(0); } listensocket = socket( AF_INET , SOCK_STREAM , IPPROTO_TCP ); if( listensocket == INVALID_SOCKET ) {printf( "Create listen socket error!\n" ); exit(0); } memcpy(&(serv_listen.sin_addr),host->h_addr,host->h_length); serv_listen.sin_family = AF_INET; serv_listen.sin_port = htons(16881); myip = inet_ntoa(serv_listen.sin_addr); werror=bind( listensocket , (struct sockaddr*)&serv_listen , clen); if( werror == SOCKET_ERROR ) {printf( "Bind error!\n" ); exit(0); } werror = listen( listensocket , 5 ); if( werror == SOCKET_ERROR ) {printf( " Socket listen error!\n" ); exit(0); } CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)SynFloodDefend, (PVOID)myip, 0, NULL ); while(1) {if( index == 64 ) index = 0; while( (TranSock[index] !=0xcccccccc) && (TranSock[index] !=-1) && (TranSock[index] !=0) ) { index++; if( index == 64 ) index = 0; } TranSock[index] = accept( listensocket , ( struct sockaddr * )&client[index] , &clen ); if( TranSock[index] == INVALID_SOCKET ) { printf( "Socket Accept Error: %d \n" , WSAGetLastError() ); closesocket( TranSock[index] ); TranSock[index] = 0; continue; } indextemp[index] = index; CreateThread( NULL, 0, (LPTHREAD_START_ROUTINE)Recv_Send_Thread, (PVOID)&indextemp[index], 0, NULL ); index++; } } DWORD WINAPI Recv_Send_Thread( DWORD* pindex ) { charrecvmem[1024]; charTimeFmr[] = "%d,%d/%d/%d %d:%d:%d GMT"; char MimeType[]="%s/%s"; char outtime[50]; charType[40]; longtimenow; structtm *currenttime; DWORDsocketindex = *( (DWORD *)pindex ); interrorcode = 0; DWORDsendbt=0; char headers[500]; charhdrFmt[]= "HTTP/1.0 200 OK\r\n" "Server: KIKI';s Web Server\r\n" "Date: %s\r\n" "Accept-Ranges: bytes\r\n" "Content-Length: %d\r\n" "Content-Type: %s\r\n\r\n"; memset( recvmem , 0 ,1024 ); errorcode = recv( TranSock[socketindex] , recvmem , 1024 , 0 ); if( errorcode == SOCKET_ERROR || errorcode == 0 ) {printf( "Recv Error: %d\n" , WSAGetLastError() ); printf("--------------------------------------------------------------------------------"); closesocket( TranSock[socketindex] ); TranSock[socketindex] = 0; return -1; } timenow = time( NULL ); currenttime = localtime( &timenow ); wsprintf( outtime , TimeFmr , currenttime->tm_wday , currenttime->tm_mday , ((currenttime->tm_mon)+1) , ((currenttime->tm_year)-100) , currenttime->tm_hour , currenttime->tm_min , currenttime->tm_sec ); printf( "%s\n" , recvmem ); FILE*fp; charsendfile[1400]; charfilename[50] = "index.htm"; chartempname[10] = "index.htm"; inti = 0; intj = 0; intk = 0; intlen; unsigned char c; memset( sendfile , 0 , 1400 ); strcpy( filename , tempname ); if( recvmem[5]!=32 ) { memset(filename,0,50); for(i=5;recvmem!=32;i++) filename[i-5]=recvmem; } fp = fopen( filename , "rb" ); if( fp == NULL ) {printf( "%s open file: %s error!\n" , inet_ntoa( client[socketindex].sin_addr ) , filename ); printf( "--------------------------------------------------------------------------------" ); closesocket( TranSock[socketindex] ); TranSock[socketindex] = 0; return -1; } for( i=0 ; i<50 ; i++ ) if( (filename==';:';) || (filename==';*';) || (filename==';%';) ) {printf( "Time:%s\n%s企图请求的页面文件：%s.文件大小：%d字节\n\n" , outtime , inet_ntoa(client[socketindex].sin_addr) , filename , i ); printf("\n--------------------------------------------------------------------------------"); closesocket(TranSock[socketindex]); TranSock[socketindex] = 0; return -1; } k = 0; i = 0; while( c=fgetc(fp) , !feof(fp) ) i++; j = i / 1400; len = strlen( filename ); if((filename[len-3]==';h';&&filename[len-2]==';t';&&filename[len-1]==';m';)||\ (filename[len-3]==';H';&&filename[len-2]==';T';&&filename[len-1]==';M';)||\ (filename[len-4]==';h';&&filename[len-3]==';t';&&filename[len-2]==';m';&&filename[len-1]==';l';)||\ (filename[len-4]==';H';&&filename[len-3]==';T';&&filename[len-2]==';M';&&filename[len-1]==';L';)||\ (filename[len-5]==';s';&&filename[len-4]==';h';&&filename[len-3]==';t';&&filename[len-2]==';m';&&filename[len-1]==';l';)||\ (filename[len-5]==';S';&&filename[len-4]==';H';&&filename[len-3]==';T';&&filename[len-2]==';M';&&filename[len-1]==';L';)) wsprintf(Type,MimeType,"text","html"); else if( (filename[len-3]==';j';&&filename[len-2]==';p';&&filename[len-1]==';g';)||\ (filename[len-3]==';J';&&filename[len-2]==';P';&&filename[len-1]==';G';)||\ (filename[len-3]==';j';&&filename[len-2]==';p';&&filename[len-1]==';e';)||\ (filename[len-3]==';J';&&filename[len-2]==';P';&&filename[len-1]==';E';)||\ (filename[len-4]==';j';&&filename[len-3]==';p';&&filename[len-2]==';e';&&filename[len-1]==';g';)||\ (filename[len-4]==';J';&&filename[len-3]==';P';&&filename[len-2]==';E';&&filename[len-1]==';G';)) wsprintf(Type,MimeType,"image","jpeg"); else if( (filename[len-3]==';g';&&filename[len-2]==';i';&&filename[len-1]==';f';)||\ (filename[len-3]==';G';&&filename[len-2]==';I';&&filename[len-1]==';F';)) wsprintf(Type,MimeType,"image","gif"); else if( (filename[len-3]==';c';&&filename[len-2]==';s';&&filename[len-1]==';s';)||\ (filename[len-3]==';C';&&filename[len-2]==';S';&&filename[len-1]==';S';)) wsprintf(Type,MimeType,"text","css"); else if( (filename[len-3]==';t';&&filename[len-2]==';x';&&filename[len-1]==';t';)||\ (filename[len-3]==';T';&&filename[len-2]==';X';&&filename[len-1]==';T';)) wsprintf(Type,MimeType,"text","plain"); else if( (filename[len-3]==';p';&&filename[len-2]==';d';&&filename[len-1]==';f';)||\ (filename[len-3]==';P';&&filename[len-2]==';D';&&filename[len-1]==';F';)) wsprintf(Type,MimeType,"application","pdf"); else if( (filename[len-3]==';s';&&filename[len-2]==';w';&&filename[len-1]==';f';)||\ (filename[len-3]==';S';&&filename[len-2]==';W';&&filename[len-1]==';F';)||\ (filename[len-3]==';c';&&filename[len-2]==';a';&&filename[len-1]==';b';)||\ (filename[len-3]==';C';&&filename[len-2]==';A';&&filename[len-1]==';B';)) wsprintf(Type,MimeType,"application","x-shockwave-flash"); else if( (filename[len-3]==';d';&&filename[len-2]==';o';&&filename[len-1]==';c';)||\ (filename[len-3]==';D';&&filename[len-2]==';O';&&filename[len-1]==';C';)||\ (filename[len-3]==';d';&&filename[len-2]==';o';&&filename[len-1]==';t';)||\ (filename[len-3]==';D';&&filename[len-2]==';O';&&filename[len-1]==';T';)) wsprintf(Type,MimeType,"application","msword"); else if( (filename[len-3]==';h';&&filename[len-2]==';l';&&filename[len-1]==';p';)||\ (filename[len-3]==';H';&&filename[len-2]==';L';&&filename[len-1]==';P';)||\ (filename[len-3]==';c';&&filename[len-2]==';h';&&filename[len-1]==';m';)||\ (filename[len-3]==';C';&&filename[len-2]==';H';&&filename[len-1]==';M';)) wsprintf(Type,MimeType,"application","mshelp"); else if( (filename[len-3]==';x';&&filename[len-2]==';l';&&filename[len-1]==';s';)||\ (filename[len-3]==';X';&&filename[len-2]==';L';&&filename[len-1]==';S';)||\ (filename[len-3]==';x';&&filename[len-2]==';l';&&filename[len-1]==';a';)||\ (filename[len-3]==';X';&&filename[len-2]==';L';&&filename[len-1]==';A';)) wsprintf(Type,MimeType,"application","msexcel"); else if( (filename[len-3]==';p';&&filename[len-2]==';p';&&filename[len-1]==';t';)||\ (filename[len-3]==';P';&&filename[len-2]==';P';&&filename[len-1]==';T';)||\ (filename[len-3]==';p';&&filename[len-2]==';p';&&filename[len-1]==';z';)||\ (filename[len-3]==';P';&&filename[len-2]==';P';&&filename[len-1]==';T';)||\ (filename[len-3]==';p';&&filename[len-2]==';p';&&filename[len-1]==';s';)||\ (filename[len-3]==';P';&&filename[len-2]==';P';&&filename[len-1]==';S';)||\ (filename[len-3]==';p';&&filename[len-2]==';o';&&filename[len-1]==';t';)||\ (filename[len-3]==';P';&&filename[len-2]==';O';&&filename[len-1]==';T';)) wsprintf(Type,MimeType,"application","mspowerpoint"); else if( (filename[len-3]==';b';&&filename[len-2]==';i';&&filename[len-1]==';n';)||\ (filename[len-3]==';B';&&filename[len-2]==';I';&&filename[len-1]==';N';)||\ (filename[len-3]==';e';&&filename[len-2]==';x';&&filename[len-1]==';e';)||\ (filename[len-3]==';E';&&filename[len-2]==';X';&&filename[len-1]==';E';)||\ (filename[len-3]==';c';&&filename[len-2]==';o';&&filename[len-1]==';m';)||\ (filename[len-3]==';C';&&filename[len-2]==';O';&&filename[len-1]==';M';)||\ (filename[len-3]==';d';&&filename[len-2]==';l';&&filename[len-1]==';l';)||\ (filename[len-3]==';D';&&filename[len-2]==';L';&&filename[len-1]==';L';)||\ (filename[len-5]==';c';&&filename[len-4]==';l';&&filename[len-3]==';a';&&filename[len-2]==';s';&&filename[len-1]==';s';)||\ (filename[len-5]==';C';&&filename[len-4]==';L';&&filename[len-3]==';A';&&filename[len-2]==';S';&&filename[len-1]==';S';)) wsprintf(Type,MimeType,"application","octet-stream"); else if( (filename[len-3]==';a';&&filename[len-2]==';v';&&filename[len-1]==';i';)||\ (filename[len-3]==';A';&&filename[len-2]==';V';&&filename[len-1]==';I';)) wsprintf(Type,MimeType,"video","x-msvideo"); else wsprintf(Type,MimeType,"*","*"); wsprintf(headers, hdrFmt, (const char*)outtime, i ,Type); printf( "Time:%s\n%s企图请求的页面文件：%s . 使用的套接字ID:Socket[%d]\n" , outtime , inet_ntoa(client[socketindex].sin_addr) , filename, socketindex ); sendbt = send( TranSock[socketindex] , headers , strlen(headers) , 0 ); fseek( fp , 0 , 0 ); for( i=0 ; i<=j ; i++ ) {while( c = fgetc(fp) , !feof(fp) ) {sendfile[k] = c; k++; if( k == 1400 ) {k=0; break; } } if( k == 0 ) {sendbt = send( TranSock[socketindex] , sendfile , 1400 , 0 ); } else {sendbt = send( TranSock[socketindex] , sendfile , k , 0 ); } } printf( "Socket[%d]数据传输完毕!\n\n" , socketindex ); fclose(fp); closesocket( TranSock[socketindex] ); TranSock[socketindex] = 0; return 0; } //****************************************************************** //使用原始套接字实现监听的线程,传递的参数为指向本机ip的字符指针 //****************************************************************** DWORD WINAPI SynFloodDefend( char*temp ) {SOCKETSnifferSocket; structsockaddr_in sa; charsniffmem[50]; inti = 0; DWORD flag=0; char MyIpFmr[]="%d.%d.%d.%d"; char MyIp[15]; flag = SnifferSocket = socket(AF_INET,SOCK_RAW,IPPROTO_IP); if ( flag == INVALID_SOCKET ) {printf( "socket error!\n" ); return -1; } memset(&sa , 0 , sizeof (struct sockaddr_in) ); sa.sin_addr.s_addr = inet_addr((char*)temp); sa.sin_family = AF_INET; sa.sin_port = htons(7000); flag = bind(SnifferSocket , (struct sockaddr *)&sa , sizeof(sa) ) ; if( flag == SOCKET_ERROR ) {printf( "Bind error!\n" ); return -1; } DWORD outbuf[10]; DWORD contrlflag = 1 ; DWORD dwBytesReturned = 0 ; flag = WSAIoctl( SnifferSocket, SIO_RCVALL, &contrlflag, sizeof(contrlflag), &outbuf, sizeof( outbuf ), &dwBytesReturned , NULL , NULL ); if( flag == SOCKET_ERROR ) { printf( "WSAIoctl Error!%d\n" , WSAGetLastError() ); return -1; } printf("Set OK!\n"); char ProType[15]; char ProFmr[] = "%s(%d)"; char Pro0[] = "IP"; char Pro1[] = "ICMP"; char Pro2[] = "IGMP"; char Pro6[] = "TCP"; char Pro17[] = "UDP"; char Pro255[]= "RAW"; char IpFmr[]= "%d.%d.%d.%d:%d"; char sourceip[25]; char destip[25]; unsigned short int sourceport=0; unsigned short int destport=0; while(TRUE) {memset(sniffmem,0,50); memset(ProType,0,15); memset(sourceip,0,25); memset(destip,0,25); memset(MyIp,0,15); recv( SnifferSocket , sniffmem , sizeof(sniffmem) , 0 ) ; wsprintf( MyIp , MyIpFmr ,(unsigned char)sniffmem[16], (unsigned char)sniffmem[17], (unsigned char)sniffmem[18], (unsigned char)sniffmem[19]); if(inet_addr((char*)temp) != inet_addr(MyIp) ) continue; else { sourceport = (unsigned char)sniffmem[20]; sourceport *= 0x100; sourceport += (unsigned char)sniffmem[21]; destport = (unsigned char)sniffmem[22]; destport *= 0x100; destport += (unsigned char)sniffmem[23]; wsprintf(sourceip,IpFmr,(unsigned char)sniffmem[12] , (unsigned char)sniffmem[13], (unsigned char)sniffmem[14],(unsigned char)sniffmem[15], sourceport); wsprintf(destip,IpFmr, (unsigned char)sniffmem[12+4] , (unsigned char)sniffmem[13+4], (unsigned char)sniffmem[14+4],(unsigned char)sniffmem[15+4], destport); printf("%s\t--->\t%s\n",sourceip,destip); if(sniffmem[9] == 6) wsprintf( ProType , ProFmr , Pro6 , 6 ); else if(sniffmem[9] == 17) wsprintf( ProType , ProFmr , Pro17 , 17 ); else if(sniffmem[9] == 1) wsprintf( ProType , ProFmr , Pro1 , 1 ); else if(sniffmem[9] == 0) wsprintf( ProType , ProFmr , Pro0 , 0 ); else if(sniffmem[9] == 255) wsprintf( ProType , ProFmr , Pro255 , 255 ); else if(sniffmem[9] == 2) wsprintf( ProType , ProFmr , Pro2 , 2 ); else wsprintf( ProType , ProFmr , "Unknown" , sniffmem[9] ); printf("协议类型: %s\n",ProType); if( (unsigned char)sniffmem[33] == 18 ) printf( "这是一个SYN包!\n" ); printf("\n"); } } closesocket(SnifferSocket); return 0; }

[这个贴子最后由x86在 2005/11/17 09:32pm 第 1 次编辑] 完成了多线程下载部分... == 18 ) {printf( "一个SYN包!\n" ); dwResult = WaitForSingleObject(WriteEvent,1000); if(dwResult == WAIT_TIMEOUT ) continue; ResetEvent(ReadEvent); fence->next = (struct SynInfo*)malloc(sizeof(struct SynInfo)); fence = fence->next; fence->ip = inet_addr(sourceip); fence->arrivetickcount = CurrentTickCount + WaitTime; fence->next = NULL; InterlockedIncrement(&SynLinkTotal); //SynLinkTotal++ printf("+1\n"); printf("%d\n",SynLinkTotal); SetEvent(ReadEvent); } printf("\n"); } } closesocket(SnifferSocket); return 0; }

#pragma comment(lib,"Ws2_32.lib") #include #include #include #define SIO_RCVALL _WSAIOW(IOC_VENDOR,1) SOCKETTranSock[64]; structsockaddr_in client[64]; struct _SYSTEMTIME currenttime; DWORD CurrentTickCount = 0; long SynLinkTotal = 0; struct SynInfo{ unsigned long ip; DWORD arrivetickcount; struct SynInfo * next; }; char respondfilename[20] = "message.htm"; struct SynInfo *head; struct SynInfo *tail; struct SynInfo *fence; int WaitTime = 600; HANDLE ReadEvent = CreateEvent(NULL,TRUE,FALSE,NULL) ; HANDLE WriteEvent = CreateEvent(NULL,TRUE,FALSE,NULL); DWORDWINAPIRecv_Send_Thread( DWORD* socketindex ); DWORD WINAPI SynFloodDefend(char *temp); DWORD WINAPI SendRstThread(); DWORD WINAPI CheckLinkThread() { DWORD dwResult=0; struct SynInfo *temp , *temptofree; while(TRUE) { temp = head; dwResult = WaitForSingleObject(ReadEvent,1000); if(dwResult == WAIT_TIMEOUT ) continue; ResetEvent(WriteEvent); while( temp->next != NULL) { if(CurrentTickCount >= temp->next->arrivetickcount) {temptofree = temp->next; temp->next = temptofree->next; free(temptofree); InterlockedDecrement(&SynLinkTotal);//SynLinkTotal-- printf("-1\n"); printf("%d\n",SynLinkTotal); } temp = temp->next; } SetEvent(WriteEvent); ResetEvent(ReadEvent); Sleep(1); } return 0; } DWORD WINAPI GetTime() { while(TRUE) {GetLocalTime(¤ttime); CurrentTickCount = GetTickCount(); Sleep(1); } } void main( void ) { DWORDwerror; WSADATA wsadata; SOCKETlistensocket; HOSTENT *host; structsockaddr_in serv_listen; charhostname[128]; DWORD index = 0; DWORD indextemp[64]; char * myip; intclen = sizeof(struct sockaddr); memset( &serv_listen , 0 , clen ); memset( &client ,0 , clen * 64 ); werror = WSAStartup( MAKEWORD(2,2) , &wsadata ); if( werror != 0 ) {printf("Load winsock dll failed!\n"); exit(0); } werror = gethostname( hostname , 20 ); if( werror == SOCKET_ERROR ) {printf( "Get host name error!\n" ); exit(0); } host=gethostbyname( hostname ); if( host == NULL ) {printf( "Get host by name failed!\n" ); exit(0); } listensocket = socket( AF_INET , SOCK_STREAM , IPPROTO_TCP ); if( listensocket == INVALID_SOCKET ) {printf( "Create listen socket error!\n" ); exit(0); } memcpy(&(serv_listen.sin_addr),host->h_addr,host->h_length); serv_listen.sin_family = AF_INET; serv_listen.sin_port = htons(81); myip = inet_ntoa(serv_listen.sin_addr); werror=bind( listensocket , (struct sockaddr*)&serv_listen , clen); if( werror == SOCKET_ERROR ) {printf( "Bind error!\n" ); exit(0); } werror = listen( listensocket , 5 ); if( werror == SOCKET_ERROR ) {printf( " Socket listen error!\n" ); exit(0); } CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)GetTime, NULL, 0, NULL ); head = (struct SynInfo*)malloc(sizeof(struct SynInfo)); head->arrivetickcount = 0xffffffff; head->ip = 0xffffffff; head->next = NULL; fence = head; CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)CheckLinkThread, NULL, 0, NULL ); CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)SynFloodDefend, (PVOID)myip, 0, NULL ); while(1) {if( index == 64 ) index = 0; while( (TranSock[index] !=0xcccccccc) && (TranSock[index] !=-1) && (TranSock[index] !=0) ) { index++; if( index == 64 ) index = 0; } TranSock[index] = accept( listensocket , ( struct sockaddr * )&client[index] , &clen ); if( TranSock[index] == INVALID_SOCKET ) { printf( "Socket Accept Error: %d \n" , WSAGetLastError() ); closesocket( TranSock[index] ); TranSock[index] = 0; continue; } indextemp[index] = index; CreateThread( NULL, 0, (LPTHREAD_START_ROUTINE)Recv_Send_Thread, (PVOID)&indextemp[index], 0, NULL ); index++; } } DWORD WINAPI Recv_Send_Thread( DWORD* pindex ) { CHARrecvmem[2048]; char userid[256]; char message[2048]; charTimeFmr[] = "%d,%d/%d/%d %d:%d:%d GMT"; char MimeType[]="%s/%s"; char outtime[50]; charType[40]; HANDLEfp; DWORDsocketindex = *( (DWORD *)pindex ); interrorcode = 0; DWORDsendbt=0; char headers[500]; charhdrFmtNor[]= "HTTP/1.0 200 OK\r\n" "Server: KIKI';s Web Server\r\n" "Date: %s\r\n" "Accept-Ranges: bytes\r\n" "Content-Length: %d\r\n" "Content-Type: %s\r\n\r\n"; charhdrFmtDown[]= "HTTP/1.0 206 Partial content\r\n" "Server: KIKI';s Web Server\r\n" "Date: %s\r\n" "Accept-Ranges: bytes\r\n" "Content-Length: %d\r\n" "Content-Type: %s\r\n\r\n"; memset( recvmem , 0 ,2048 ); errorcode = recv( TranSock[socketindex] , recvmem , 2048 , 0 ); if ( errorcode == SOCKET_ERROR || errorcode == 0 ) {printf( "Recv Error: %d\n" , WSAGetLastError() ); closesocket( TranSock[socketindex] ); TranSock[socketindex] = 0; return -1; } wsprintf( outtime , TimeFmr , currenttime.wDayOfWeek, currenttime.wDay, currenttime.wMonth , currenttime.wYear , currenttime.wHour , currenttime.wMinute , currenttime.wSecond); DWORDi = 0; DWORD j = 0; int readflag=0,writeflag=0; for(i=0;i<2048;i++) printf( "%x " , recvmem ); printf("\n"); printf("%s\n",recvmem); if(strlen(recvmem) < 5 ||strlen(recvmem) >=2048 ) { printf("这是一组恶意数据\n\n"); closesocket(TranSock[socketindex]); TranSock[socketindex] = 0; return -1; } if((recvmem[0] == ';G'; ) && (recvmem[1] == ';E'; ) && (recvmem[2] == ';T'; ) && (recvmem[3] == '; '; ) && (recvmem[4] == ';/'; )) {readflag = 1;} else if(recvmem[0] == ';P'; && recvmem[1] == ';O'; && recvmem[2] == ';S'; && recvmem[3] == ';T'; && recvmem[4] == '; '; && recvmem[5] == ';/'; && recvmem[6] == ';m'; && recvmem[7] == ';e'; && recvmem[8] == ';s'; && recvmem[9] == ';s'; && recvmem[10] == ';a'; && recvmem[11] == ';g'; && recvmem[12] == ';e'; && recvmem[13] == '; '; ) {writeflag = 1;} else { printf("这是一组恶意数据\n\n"); closesocket(TranSock[socketindex]); TranSock[socketindex] = 0; return -1; } if(readflag) { charsendfile[1400]; charfilename[50] = "index.htm"; chartempname[10] = "index.htm"; DWORDdwRead = 0; intlen; memset( sendfile , 0 , 1400 ); strcpy( filename , tempname ); if( recvmem[5]!=32 ) { memset(filename,0,50); for(i=5;recvmem!=32;i++) filename[i-5]=recvmem; } for( i=0 ; i<50 ; i++ ) if( (filename==';:';) || (filename==';*';) || (filename==';%';) ) {printf( "Time:%s\n%s企图请求的页面文件：%s.\n\n" , outtime , inet_ntoa(client[socketindex].sin_addr) , filename ); printf("\n--------------------------------------" "------------------------------------------"); closesocket(TranSock[socketindex]); TranSock[socketindex] = 0; return -1; } i=0; DWORD start; char size[32]; memset(size,0,32); while(i != 1024) {if(recvmem == ';=';) {i++; while(recvmem!=';-';) {size[j] = recvmem; i++; j++; } break; } else i++; } if(size[0] == 0) start = 0; else start = atol(size); printf("range:%d\n",start); fp = CreateFile(filename, GENERIC_READ, FILE_SHARE_READ, (LPSECURITY_ATTRIBUTES)NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL); if( fp == INVALID_HANDLE_VALUE ) {printf( "%s open file: %s error!\n" , inet_ntoa( client[socketindex].sin_addr ) , filename ); printf( "--------------------------------------------------------------------------------" ); closesocket( TranSock[socketindex] ); TranSock[socketindex] = 0; return -1; } i = GetFileSize(fp,NULL); j = i / 1400; len = strlen( filename ); if((filename[len-3]==';h';&&filename[len-2]==';t';&&filename[len-1]==';m';)||\ (filename[len-3]==';H';&&filename[len-2]==';T';&&filename[len-1]==';M';)||\ (filename[len-4]==';h';&&filename[len-3]==';t';&&filename[len-2]==';m';&&filename[len-1]==';l';)||\ (filename[len-4]==';H';&&filename[len-3]==';T';&&filename[len-2]==';M';&&filename[len-1]==';L';)||\ (filename[len-5]==';s';&&filename[len-4]==';h';&&filename[len-3]==';t';&&filename[len-2]==';m';&&filename[len-1]==';l';)||\ (filename[len-5]==';S';&&filename[len-4]==';H';&&filename[len-3]==';T';&&filename[len-2]==';M';&&filename[len-1]==';L';)) wsprintf(Type,MimeType,"text","html"); else if( (filename[len-3]==';j';&&filename[len-2]==';p';&&filename[len-1]==';g';)||\ (filename[len-3]==';J';&&filename[len-2]==';P';&&filename[len-1]==';G';)||\ (filename[len-3]==';j';&&filename[len-2]==';p';&&filename[len-1]==';e';)||\ (filename[len-3]==';J';&&filename[len-2]==';P';&&filename[len-1]==';E';)||\ (filename[len-4]==';j';&&filename[len-3]==';p';&&filename[len-2]==';e';&&filename[len-1]==';g';)||\ (filename[len-4]==';J';&&filename[len-3]==';P';&&filename[len-2]==';E';&&filename[len-1]==';G';)) wsprintf(Type,MimeType,"image","jpeg"); else if( (filename[len-3]==';g';&&filename[len-2]==';i';&&filename[len-1]==';f';)||\ (filename[len-3]==';G';&&filename[len-2]==';I';&&filename[len-1]==';F';)) wsprintf(Type,MimeType,"image","gif"); else if( (filename[len-3]==';c';&&filename[len-2]==';s';&&filename[len-1]==';s';)||\ (filename[len-3]==';C';&&filename[len-2]==';S';&&filename[len-1]==';S';)) wsprintf(Type,MimeType,"text","css"); else if( (filename[len-3]==';t';&&filename[len-2]==';x';&&filename[len-1]==';t';)||\ (filename[len-3]==';T';&&filename[len-2]==';X';&&filename[len-1]==';T';)) wsprintf(Type,MimeType,"text","plain"); else if( (filename[len-3]==';p';&&filename[len-2]==';d';&&filename[len-1]==';f';)||\ (filename[len-3]==';P';&&filename[len-2]==';D';&&filename[len-1]==';F';)) wsprintf(Type,MimeType,"application","pdf"); else if( (filename[len-3]==';s';&&filename[len-2]==';w';&&filename[len-1]==';f';)||\ (filename[len-3]==';S';&&filename[len-2]==';W';&&filename[len-1]==';F';)||\ (filename[len-3]==';c';&&filename[len-2]==';a';&&filename[len-1]==';b';)||\ (filename[len-3]==';C';&&filename[len-2]==';A';&&filename[len-1]==';B';)) wsprintf(Type,MimeType,"application","x-shockwave-flash"); else if( (filename[len-3]==';d';&&filename[len-2]==';o';&&filename[len-1]==';c';)||\ (filename[len-3]==';D';&&filename[len-2]==';O';&&filename[len-1]==';C';)||\ (filename[len-3]==';d';&&filename[len-2]==';o';&&filename[len-1]==';t';)||\ (filename[len-3]==';D';&&filename[len-2]==';O';&&filename[len-1]==';T';)) wsprintf(Type,MimeType,"application","msword"); else if( (filename[len-3]==';h';&&filename[len-2]==';l';&&filename[len-1]==';p';)||\ (filename[len-3]==';H';&&filename[len-2]==';L';&&filename[len-1]==';P';)||\ (filename[len-3]==';c';&&filename[len-2]==';h';&&filename[len-1]==';m';)||\ (filename[len-3]==';C';&&filename[len-2]==';H';&&filename[len-1]==';M';)) wsprintf(Type,MimeType,"application","mshelp"); else if( (filename[len-3]==';x';&&filename[len-2]==';l';&&filename[len-1]==';s';)||\ (filename[len-3]==';X';&&filename[len-2]==';L';&&filename[len-1]==';S';)||\ (filename[len-3]==';x';&&filename[len-2]==';l';&&filename[len-1]==';a';)||\ (filename[len-3]==';X';&&filename[len-2]==';L';&&filename[len-1]==';A';)) wsprintf(Type,MimeType,"application","msexcel"); else if( (filename[len-3]==';p';&&filename[len-2]==';p';&&filename[len-1]==';t';)||\ (filename[len-3]==';P';&&filename[len-2]==';P';&&filename[len-1]==';T';)||\ (filename[len-3]==';p';&&filename[len-2]==';p';&&filename[len-1]==';z';)||\ (filename[len-3]==';P';&&filename[len-2]==';P';&&filename[len-1]==';T';)||\ (filename[len-3]==';p';&&filename[len-2]==';p';&&filename[len-1]==';s';)||\ (filename[len-3]==';P';&&filename[len-2]==';P';&&filename[len-1]==';S';)||\ (filename[len-3]==';p';&&filename[len-2]==';o';&&filename[len-1]==';t';)||\ (filename[len-3]==';P';&&filename[len-2]==';O';&&filename[len-1]==';T';)) wsprintf(Type,MimeType,"application","mspowerpoint"); else if( (filename[len-3]==';b';&&filename[len-2]==';i';&&filename[len-1]==';n';)||\ (filename[len-3]==';B';&&filename[len-2]==';I';&&filename[len-1]==';N';)||\ (filename[len-3]==';e';&&filename[len-2]==';x';&&filename[len-1]==';e';)||\ (filename[len-3]==';E';&&filename[len-2]==';X';&&filename[len-1]==';E';)||\ (filename[len-3]==';c';&&filename[len-2]==';o';&&filename[len-1]==';m';)||\ (filename[len-3]==';C';&&filename[len-2]==';O';&&filename[len-1]==';M';)||\ (filename[len-3]==';d';&&filename[len-2]==';l';&&filename[len-1]==';l';)||\ (filename[len-3]==';D';&&filename[len-2]==';L';&&filename[len-1]==';L';)||\ (filename[len-5]==';c';&&filename[len-4]==';l';&&filename[len-3]==';a';&&filename[len-2]==';s';&&filename[len-1]==';s';)||\ (filename[len-5]==';C';&&filename[len-4]==';L';&&filename[len-3]==';A';&&filename[len-2]==';S';&&filename[len-1]==';S';)) wsprintf(Type,MimeType,"application","octet-stream"); else if( (filename[len-3]==';a';&&filename[len-2]==';v';&&filename[len-1]==';i';)||\ (filename[len-3]==';A';&&filename[len-2]==';V';&&filename[len-1]==';I';)) wsprintf(Type,MimeType,"video","x-msvideo"); else wsprintf(Type,MimeType,"*","*"); if(start == 0) wsprintf(headers, hdrFmtNor, (const char*)outtime, i ,Type); else wsprintf(headers, hdrFmtDown, (const char*)outtime, i-start ,Type); printf( "Time:%s\n%s企图请求的页面文件：%s . 使用的套接字ID:Socket[%d]\n" , outtime , inet_ntoa(client[socketindex].sin_addr) , filename, socketindex ); sendbt = send( TranSock[socketindex] , headers , strlen(headers) , 0 ); if(-1 == SetFilePointer(fp,start,NULL,FILE_BEGIN)) {printf("SetFilePointer Error :%d\n",GetLastError()); closesocket( TranSock[socketindex] ); TranSock[socketindex] = 0; CloseHandle(fp); return -1; } do{ BOOL fRead = ReadFile(fp, sendfile, 1400, &dwRead, NULL); if(fRead == FALSE) {printf("读取文件错误!文件名:%s\n" , filename); closesocket( TranSock[socketindex] ); TranSock[socketindex] = 0; CloseHandle(fp); return -1; } else if(fRead && dwRead) {sendbt = send( TranSock[socketindex] , sendfile , 1400 , 0 ); if( sendbt == SOCKET_ERROR ) {printf("Send Error:%d!\n",GetLastError()); closesocket( TranSock[socketindex] ); TranSock[socketindex] = 0; CloseHandle(fp); return -1; } memset(sendfile , 0 , 1400); } else { sendbt = send( TranSock[socketindex] , sendfile , j , 0 ); if( sendbt == SOCKET_ERROR ) {printf("Send Error:%d!\n",GetLastError()); closesocket( TranSock[socketindex] ); CloseHandle(fp); TranSock[socketindex] = 0; return -1; } } }while(dwRead == 1400); printf( "Socket[%d]数据传输完毕!\n\n" , socketindex ); CloseHandle(fp); closesocket( TranSock[socketindex] ); TranSock[socketindex] = 0; } //+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ //+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ else if(writeflag) {memset(userid,0,256); memset(message,0,2048); int recvlen = strlen(recvmem); char contentlen_str[5]; memset(contentlen_str,0,5); for(i=0;i<1000;i++) {if((recvmem[i+0] == ';C';)&& (recvmem[i+1] == ';o';)&& (recvmem[i+2] == ';n';)&& (recvmem[i+3] == ';t';)&& (recvmem[i+4] == ';e';)&& (recvmem[i+5] == ';n';)&& (recvmem[i+6] == ';t';)&& (recvmem[i+7] == ';-';)&& (recvmem[i+8] == ';L';)&& (recvmem[i+9] == ';e';)&& (recvmem[i+10] == ';n';)&& (recvmem[i+11] == ';g';)&& (recvmem[i+12] == ';t';)&& (recvmem[i+13] == ';h';)&& (recvmem[i+14] == ';:';)) {i += 16; break; } } while((recvmem !=';\r';) && (recvmem[i+1] != ';\n';)) {if((recvmem<0x30) || (recvmem>0x39)) {printf("Content-Length Error:%d%x\n",i,recvmem); closesocket( TranSock[socketindex] ); TranSock[socketindex] = 0; return -1; } contentlen_str[j] = recvmem; i++; j++; } DWORD content_length = atol(contentlen_str); if(content_length > 1024 ) {send(TranSock[socketindex],"Too Long!",9,0); closesocket( TranSock[socketindex] ); TranSock[socketindex] = 0; return -1; } DWORD content_start = recvlen - (content_length+3); content_start += 8; i = 0; while((recvmem[content_start] != ';&';)&& (i <256)) {userid = recvmem[content_start]; content_start++; i++; } i = 0; content_start += 9; while(i <2048) {if(recvmem[content_start] == ';\r'; || (unsigned char)recvmem[content_start] == 0 ) break; message = recvmem[content_start]; content_start++; i++; } printf("user:%s\nrespond:%s\n",userid,message); char sendout[3072]; unsigned char auserid[128]; unsigned char amessage[1024]; memset(auserid,0,128); memset(amessage,0,1024); char a[2]; DWORD temp1,temp2; j=0; for(i=0;j = (unsigned char)userid[j]; if(auserid == 0x25) {a[0] = userid[j+1]; a[1] = userid[j+2]; if(((unsigned char)a[0]>47)&&((unsigned char)a[0]<58)) temp1=(a[0]-48)*16; else if(((unsigned char)a[0]>64)&&((unsigned char)a[0]<71)) temp1=(a[0]-55)*16; else temp1=0; if((unsigned char)a[1]>47&&(unsigned char)a[1]<58) temp2=(a[1]-48); else if((unsigned char)a[1]>64&&(unsigned char)a[1]<71) temp2=(a[1]-55); else temp2=0; temp1+=temp2; auserid =(unsigned char) temp1; j+=2; } j++; } j=0; for(i=0;j = (unsigned char)message[j]; if(amessage == 0x25) {a[0] = message[j+1]; a[1] = message[j+2]; if(((unsigned char)a[0]>47)&&((unsigned char)a[0]<58)) temp1=(a[0]-48)*16; else if(((unsigned char)a[0]>64)&&((unsigned char)a[0]<71)) temp1=(a[0]-55)*16; else temp1=0; if((unsigned char)a[1]>47&&(unsigned char)a[1]<58) temp2=(a[1]-48); else if((unsigned char)a[1]>64&&(unsigned char)a[1]<71) temp2=(a[1]-55); else temp2=0; temp1+=temp2; amessage =(unsigned char) temp1; j+=2; } j++; } for(i=0;i == ';<'; || (char)auserid == ';>'; || (char)auserid == ';/'; || (char)auserid == ';+';) auserid = 0x20; printf("%x ",auserid); } printf("\n"); for(i=0;i == ';<'; || (char)amessage == ';>'; || (char)amessage == ';/'; || (char)amessage == ';+';) amessage = 0x20; printf("%x ",amessage); } wsprintf(sendout,"\r\n时间:%s
\r\nIP:%s
\r\n访客id:%s
\r\n访客留言:%s


\r\n\r\n\0",outtime,inet_ntoa(client[socketindex].sin_addr),(char*)auserid,(char*)amessage); fp = CreateFile( respondfilename, GENERIC_WRITE, 0, (LPSECURITY_ATTRIBUTES)NULL, OPEN_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL); if( fp == INVALID_HANDLE_VALUE ) {printf( "%s open file: %s error!\n" , inet_ntoa( client[socketindex].sin_addr ) , respondfilename ); printf( "--------------------------------------------------------------------------------" ); closesocket( TranSock[socketindex] ); TranSock[socketindex] = 0; return -1; } i = GetFileSize(fp , NULL); if(-1 == SetFilePointer(fp,i,NULL,FILE_BEGIN)) {printf("SetFilePointer Error :%d\n",GetLastError()); closesocket( TranSock[socketindex] ); TranSock[socketindex] = 0; CloseHandle(fp); return -1; } BOOL flag = WriteFile(fp,sendout,strlen(sendout),&i,NULL); if( flag = FALSE) {printf("WRITE ERROR:%d\n",GetLastError()); send(TranSock[socketindex] ,"回复错误!" , 9 , 0 ); CloseHandle(fp); closesocket( TranSock[socketindex] ); TranSock[socketindex] = 0; return -1; } char *backstr ="点击查看留言"; errorcode = send(TranSock[socketindex] ,backstr , strlen(backstr) , 0 ); if ( errorcode == SOCKET_ERROR || errorcode == 0 ) {printf( "Respond Error: %d\n" , WSAGetLastError() ); closesocket( TranSock[socketindex] ); TranSock[socketindex] = 0; return -1; } CloseHandle(fp); closesocket( TranSock[socketindex] ); TranSock[socketindex] = 0; } return 0; } //****************************************************************** //使用原始套接字实现监听的线程,传递的参数为指向本机ip的字符指针 //****************************************************************** DWORD WINAPI SynFloodDefend( char*temp ) {SOCKETSnifferSocket; structsockaddr_in sa; charsniffmem[50]; inti = 0; DWORD flag=0; char MyIpFmr[]="%d.%d.%d.%d"; char MyIp[15]; flag = SnifferSocket = socket(AF_INET,SOCK_RAW,IPPROTO_IP); if ( flag == INVALID_SOCKET ) {printf( "socket error!\n" ); return -1; } memset(&sa , 0 , sizeof (struct sockaddr_in) ); sa.sin_addr.s_addr = inet_addr((char*)temp); sa.sin_family = AF_INET; sa.sin_port = htons(7000); flag = bind(SnifferSocket , (struct sockaddr *)&sa , sizeof(sa) ) ; if( flag == SOCKET_ERROR ) {printf( "Bind error!\n" ); return -1; } DWORD outbuf[10]; DWORD contrlflag = 1 ; DWORD dwBytesReturned = 0 ; flag = WSAIoctl( SnifferSocket, SIO_RCVALL, &contrlflag, sizeof(contrlflag), &outbuf, sizeof( outbuf ), &dwBytesReturned , NULL , NULL ); if( flag == SOCKET_ERROR ) { printf( "WSAIoctl Error!%d\n" , WSAGetLastError() ); return -1; } printf("Set OK!\n"); char ProType[15]; char ProFmr[] = "%s(%d)"; char Pro0[] = "IP"; char Pro1[] = "ICMP"; char Pro2[] = "IGMP"; char Pro6[] = "TCP"; char Pro17[] = "UDP"; char Pro255[]= "RAW"; char TimeFmr[]="时间: %d:%d:%d\n"; char TimeOut[15]; char IpFmr[]= "%d.%d.%d.%d:%d"; char sourceip[25]; char destip[25]; unsigned short int sourceport=0; unsigned short int destport=0; int overflag = 0; SetEvent(WriteEvent); DWORD dwResult=0; while(TRUE) {memset(sniffmem,0,50); memset(ProType,0,15); memset(sourceip,0,25); memset(destip,0,25); memset(MyIp,0,15); flag = recv( SnifferSocket , sniffmem , sizeof(sniffmem) , 0 ) ; /*if( flag == SOCKET_ERROR || flag == 0 ) {printf( "Raw Recv Error: %d\n" , WSAGetLastError() ); continue; }*/ wsprintf(TimeOut , TimeFmr , currenttime.wHour, currenttime.wMinute , currenttime.wSecond); wsprintf( MyIp , MyIpFmr ,(unsigned char)sniffmem[16], (unsigned char)sniffmem[17], (unsigned char)sniffmem[18], (unsigned char)sniffmem[19]); if(inet_addr((char*)temp) != inet_addr(MyIp) ) continue; else {printf( "%s" , TimeOut); sourceport = (unsigned char)sniffmem[20]; sourceport *= 0x100; sourceport += (unsigned char)sniffmem[21]; destport = (unsigned char)sniffmem[22]; destport *= 0x100; destport += (unsigned char)sniffmem[23]; wsprintf(sourceip,IpFmr,(unsigned char)sniffmem[12] , (unsigned char)sniffmem[13], (unsigned char)sniffmem[14],(unsigned char)sniffmem[15], sourceport); wsprintf(destip,IpFmr, (unsigned char)sniffmem[12+4] , (unsigned char)sniffmem[13+4], (unsigned char)sniffmem[14+4],(unsigned char)sniffmem[15+4], destport); printf("%s\t--->\t%s\n",sourceip,destip); if(sniffmem[9] == 6) wsprintf( ProType , ProFmr , Pro6 , 6 ); else if(sniffmem[9] == 17) wsprintf( ProType , ProFmr , Pro17 , 17 ); else if(sniffmem[9] == 1) wsprintf( ProType , ProFmr , Pro1 , 1 ); else if(sniffmem[9] == 0) wsprintf( ProType , ProFmr , Pro0 , 0 ); else if(sniffmem[9] == 255) wsprintf( ProType , ProFmr , Pro255 , 255 ); else if(sniffmem[9] == 2) wsprintf( ProType , ProFmr , Pro2 , 2 ); else wsprintf( ProType , ProFmr , "Unknown" , sniffmem[9] ); printf("协议类型: %s\n",ProType); if( (unsigned char)sniffmem[33] == 18 ) {printf( "一个SYN包!\n" ); dwResult = WaitForSingleObject(WriteEvent,1000); if(dwResult == WAIT_TIMEOUT ) continue; ResetEvent(ReadEvent); fence->next = (struct SynInfo*)malloc(sizeof(struct SynInfo)); fence = fence->next; fence->ip = inet_addr(sourceip); fence->arrivetickcount = CurrentTickCount + WaitTime; fence->next = NULL; InterlockedIncrement(&SynLinkTotal); //SynLinkTotal++ printf("+1\n"); printf("%d\n",SynLinkTotal); SetEvent(ReadEvent); } printf("\n"); } } closesocket(SnifferSocket); return 0; }