首页 > 编程语言 > AAuto > 获取tcp,udp连接信息
2014
07-23

获取tcp,udp连接信息

AAuto代码:(部分函数仅支持VISTA以后版本,XP的未研究)

import console; 
import wsock;
import win.version

dll = raw.loadDll("Iphlpapi.dll");
GetTcpTable= dll.api("GetTcpTable","INT(struct &pTcpTable, INT &pdwSize,bool bOrder)");
GetUdpTable = dll.api("GetUdpTable","INT(struct &pUdpTable,INT &pdwSize,bool bOrder)" );
GetTcpTable2 = dll.api("GetTcpTable2","INT(struct &TcpTable,INT &SizePointer,bool Order)" ); //仅支持VISTA以后版本
GetExtendedUdpTable= dll.api("GetExtendedUdpTable","INT(struct &pUdpTable,INT &pdwSize,bool bOrder,INT ulAf,INT TableClass,INT Reserved)");

MIB_TCPROW = class  {
 INT dwState;
 INT dwLocalAddr;
 INT dwLocalPort;
 INT dwRemoteAddr;
 INT dwRemotePort;
}

MIB_TCPTABLE = class  {
	INT dwNumEntries;
	struct tcpRow[]={};
}

MIB_UDPROW = class {
	INT dwLocalAddr;
	INT dwLocalPort;
}

MIB_UDPTABLE = class {
	INT dwNumEntries;
	struct udpRow[] = {};
}

class MIB_TCPROW2 {
 	INT dwState;
 	INT dwLocalAddr;
 	INT dwLocalPort;
 	INT dwRemoteAddr;
 	INT dwRemotePort;
 	INT dwOwningPid;
 	INT dwOffloadState;
}

class MIB_TCPTABLE2  {
	INT dwNumEntries;
	struct tcpExRow[]={};
}

getTcpTable = function(){
	var re,pTcpTable,size = GetTcpTable({},0,false);
	if(re==0x7A/*_ERROR_INSUFFICIENT_BUFFER*/){
		pTcpTable = MIB_TCPTABLE();
		var count = math.ceil( (size - 4)/raw.sizeof(MIB_TCPROW()) )
		for(i=1;count;1){
			pTcpTable.tcpRow[i] = MIB_TCPROW();
		}
		re,pTcpTable,size = GetTcpTable(pTcpTable,size,true);		
	}
	return pTcpTable; 
}

getUdpTable = function(){
	var re,pUdpTable,size = GetUdpTable({},0,false);
	if(re==0x7A/*_ERROR_INSUFFICIENT_BUFFER*/){
		pUdpTable = MIB_UDPTABLE();
		//size = math.ceil( (size - 4)/raw.sizeof(MIB_UDPROW()) )
		var count = math.ceil( (size - 4)/raw.sizeof(MIB_UDPROW()) )
		for(i=1;count;1){
			pUdpTable.udpRow[i] = MIB_UDPROW();
		}
		re,pUdpTable,size = GetUdpTable(pUdpTable,size,true);
	}
	return pUdpTable; 
}

getTcpTable2 = function(){
	if(win.version.isVistaLater){
		re,pTcpTable2,size =  GetTcpTable2({},0,false);
		if(re==0x7A/*_ERROR_INSUFFICIENT_BUFFER*/){
			pTcpTable2 = MIB_TCPTABLE2();
			var count = math.ceil( (size - 4)/raw.sizeof(MIB_TCPROW2()) )
			for(i=1;count;1){
				pTcpTable2.tcpExRow[i] = MIB_TCPROW2();
			}
			re,pTcpTable2,size = GetTcpTable2(pTcpTable2,size,true)
		}
		return pTcpTable2; 
	}
}

MIB_UDPROW_OWNER_PID = class
{
	INT dwLocalAddr;
	INT dwLocalPort;
	INT dwOwningPid;
}

MIB_UDPTABLE_OWNER_PID = class {
	INT dwNumEntries;
	struct udpRowOwnerPid[] = {};
}

getExtendedUdpTable = function(){
	var re,pExtendedUdpTable,size = GetExtendedUdpTable({},0,false,0x2/*_AF_INET*/,1,0);
	if(re==0x7A/*_ERROR_INSUFFICIENT_BUFFER*/){
		pExtendedUdpTable = MIB_UDPTABLE_OWNER_PID();
		var count = math.ceil( (size - 4)/raw.sizeof(MIB_UDPROW_OWNER_PID()) )
		for(i=1;count;1){
			pExtendedUdpTable.udpRowOwnerPid[i] = MIB_UDPROW_OWNER_PID();
		}
		re,pExtendedUdpTable,size = GetExtendedUdpTable(pExtendedUdpTable,size,true,0x2/*_AF_INET*/,1,0)
	}
	return pExtendedUdpTable; 
}

var t = getExtendedUdpTable();
import process;
var prcs = process.find("nvbackend.exe")
console.varDump(t)

for(i=1;t.dwNumEntries;1){
	if(prcs.id == t.udpRowOwnerPid[i].dwOwningPid){
		console.log( wsock.inet_ntoa(t.udpRowOwnerPid[i].dwLocalAddr),wsock.htons(t.udpRowOwnerPid[i].dwLocalPort))
	}
}

C语言:(不可遍历出进程id,有时间再弄)

#include <windows.h>
#include "Iphlpapi.h"
#include <malloc.h>
#include "Winsock2.h"
#include <stdlib.h>
#include <stdio.h>

static char TcpState[][32] =
{
    "???",
    "CLOSED",
    "LISTENING",
    "SYN_SENT",
    "SEN_RECEIVED",
    "ESTABLISHED",
    "FIN_WAIT",
    "FIN_WAIT2",
    "CLOSE_WAIT",
    "CLOSING",
    "LAST_ACK",
    "TIME_WAIT"
};

DWORD EnumTCPTable()
{
    PMIB_TCPTABLE pTcpTable = NULL;
    DWORD dwSize = 0;
    DWORD dwRetVal = ERROR_SUCCESS;

    struct   in_addr rip;
    struct   in_addr lip;
    char  szrip[32] = {0};
    char  szlip[32] = {0};

    if (GetTcpTable(pTcpTable, &dwSize, TRUE) == ERROR_INSUFFICIENT_BUFFER)
    {
        pTcpTable = (MIB_TCPTABLE*) malloc ((UINT) dwSize);
    }
    else
        return dwRetVal;

    printf("Active Connections/n/n");
    printf("  Proto/t%-24s%-24s%s/n","Local Address","Foreign Address","State");
    if ((dwRetVal = GetTcpTable(pTcpTable, &dwSize, TRUE)) == NO_ERROR)
    {
        int i = 0;
        for (i = 0; i < (int) pTcpTable->dwNumEntries; i++)
        {
            rip.S_un.S_addr = pTcpTable->table[i].dwRemoteAddr;
            lip.S_un.S_addr = pTcpTable->table[i].dwLocalAddr;

            if (pTcpTable->table[i].dwState == MIB_TCP_STATE_LISTEN)
                pTcpTable->table[i].dwRemotePort = 0;

            _snprintf(szlip,sizeof(szlip),"%s:%d",inet_ntoa(lip),htons((u_short)pTcpTable->table[i].dwLocalPort));
            _snprintf(szrip,sizeof(szrip),"%s:%d",inet_ntoa(rip),htons((u_short)pTcpTable->table[i].dwRemotePort));
            printf("  TCP\t%-24s%-24s%s\n",szlip,szrip,TcpState[pTcpTable->table[i].dwState]);
        }
    }
    else
    {
        printf("/tCall to GetTcpTable failed./n");

        LPVOID lpMsgBuf;

        if (FormatMessage(
                    FORMAT_MESSAGE_ALLOCATE_BUFFER |
                    FORMAT_MESSAGE_FROM_SYSTEM |
                    FORMAT_MESSAGE_IGNORE_INSERTS,
                    NULL,
                    dwRetVal,
                    MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), // Default language
                    (LPTSTR) &lpMsgBuf,
                    0,
                    NULL ))
        {
            printf("/tError: %s", lpMsgBuf);
        }
        LocalFree( lpMsgBuf );
    }
    GlobalFree(pTcpTable);
    return dwRetVal;
}


DWORD DelTCPConnect(const char *lpszLocalAddr,
                    const char * lpszRemoteAddr,
                    DWORD dwLocalPort,
                    DWORD dwRemotePort)
{
    DWORD dwRetVal = ERROR_NOT_FOUND;
    MIB_TCPROW srtTcpRow;
    srtTcpRow.dwLocalAddr = inet_addr(lpszLocalAddr);
    srtTcpRow.dwRemoteAddr = inet_addr(lpszRemoteAddr);
    srtTcpRow.dwLocalPort = htons(dwLocalPort);
    srtTcpRow.dwRemotePort = htons(dwRemotePort);
    srtTcpRow.dwState = MIB_TCP_STATE_DELETE_TCB;
    dwRetVal = SetTcpEntry(&srtTcpRow);
    if (dwRetVal != ERROR_SUCCESS)
    {
        LPVOID lpMsgBuf;
        if (FormatMessage(
                    FORMAT_MESSAGE_ALLOCATE_BUFFER |
                    FORMAT_MESSAGE_FROM_SYSTEM |
                    FORMAT_MESSAGE_IGNORE_INSERTS,
                    NULL,
                    dwRetVal,
                    MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT), // Default language
                    (LPTSTR) &lpMsgBuf,
                    0,
                    NULL ))
        {
            printf("/tError: %s", lpMsgBuf);
        }
        LocalFree( lpMsgBuf );
    }
    return dwRetVal;
}


int main()
{
    EnumTCPTable();
}
最后编辑:
作者:NINE
这个作者貌似有点懒,什么都没有留下。

留下一个回复

你的email不会被公开。