Code:为了方便广大VB爱好者也能向C语言一样能截获IP包,本人特地写了以下的源代码,以供VB开发者参考。
以下是在VB中截获WIN2000下TCP/IP包的源代码,在VB6.0,win2000下测试通过,需要注意的地方是,1.必须和本地的一块网卡,2.每次获取数据后必须有一段延时。3.数据取到之后放在Buff的数组中。4.把以下的代码放在一个模块中就可以了。
’-----------------------------代码开始--------------------------------------------------
Declare Function bind Lib "ws2_32.dll" (ByVal s As Long, addr As
SOCK_ADDR, ByVal namelen As Long) As Long
Declare Function closesocket Lib "ws2_32.dll" (ByVal s As Long) As
Long
Declare Function connect Lib "ws2_32.dll" (ByVal s As Long, name As
SOCK_ADDR, ByVal namelen As Integer) As Long
Declare Function inet_addr Lib "ws2_32.dll" (ByVal cp As String) As
Long
Declare Function htons Lib "ws2_32.dll" (ByVal hostshort As Integer)
As Integer
Declare Function recv Lib "ws2_32.dll" (ByVal s As Long, buffer As
Any, ByVal length As Long, ByVal flags As Long) As Long
Declare Function send Lib "ws2_32.dll" (ByVal s As Long, buffer As
Any, ByVal length As Long, ByVal flags As Long) As Long
Declare Function shutdown Lib "ws2_32.dll" (ByVal s As Long, ByVal
how As Long) As Long
Declare Function ioctlsocket Lib "ws2_32.dll" (ByVal s As Long,
ByVal v As Long, ut As Long) As Long
Declare Function socket Lib "ws2_32.dll" (ByVal af As Long, ByVal
type_specification As Long, ByVal protocol As Long) As Long
Declare Function WSACancelBlockingCall Lib "ws2_32.dll" () As Long
Declare Function WSACleanup Lib "ws2_32.dll" () As Long
Declare Function WSAGetLastError Lib "ws2_32.dll" () As Long
Declare Function WSAStartup Lib "ws2_32.dll" (ByVal wVersionRequired
As Integer, wsData As WSA_DATA) As Long
Declare Function WSASocketA Lib "ws2_32.dll" (ByVal af As Long,
ByVal type1 As Long, ByVal protocol As Long, lpProtocolInfo As Long,
g As Long, ByVal dwFlags As Long)
Declare Function WSAIoctl Lib "ws2_32.dll" (ByVal s As Long, ByVal
dwIoControlCode As Long, lpvInBuffer As Long, ByVal cbInBuffer As
Long, lpvOutBuffer As Long, ByVal cbOutBuffer As Long,
lpcbBytesReturned As Long, lpOverlapped As Long, lpCompletionRoutine
As Long) As Long Declare Sub CopyMemory Lib "kernel32" Alias "RtlMoveMemory"
(Destination As Any, Source As Any, ByVal length As Long)
Public Declare Sub Sleep Lib "kernel32" (ByVal dwMilliseconds As
Long)
Public Const WSADESCRIPTION_LEN = 256
Public Const WSASYS_STATUS_LEN = 128
Type WSA_DATA
wVersion As Integer
wHighVersion As Integer
strDescription(WSADESCRIPTION_LEN + 1) As Byte
strSystemStatus(WSASYS_STATUS_LEN + 1) As Byte
iMaxSockets As Integer
iMaxUdpDg As Integer
lpVendorInfo As Long
End Type
Type IN_ADDR
S_addr As Long
End Type
Type SOCK_ADDR
sin_family As Integer
sin_port As Integer
sin_addr As IN_ADDR
sin_zero(0 To 7) As Byte
End Type Type IPHeader
lenver As Byte
tos As Byte
len As Integer
ident As Integer
flags As Integer
ttl As Byte
proto As Byte
checksum As Integer
sourceIP As Long
destIP As Long
End Type
Const AF_INET = 2
Const SOCK_RAW = 3
Const IPPROTO_IP = 0
Const IPPROTO_TCP = 6
Const IPPROTO_UDP = 17
Const MAX_PACK_LEN = 65535
Const SOCKET_ERROR = -1&
Private mwsaData As WSA_DATA
Private m_hSocket As Long Private msaLocalAddr As SOCK_ADDR
Private msaRemoteAddr As SOCK_ADDR Sub Main()
Dim nResult As Long
nResult = WSAStartup(&H202, mwsaData)
If nResult <> WSANOERROR Then
MsgBox "Error en WSAStartup"
Exit Sub
End If
m_hSocket = socket(AF_INET, SOCK_RAW, IPPROTO_IP)
If (m_hSocket = INVALID_SOCKET) Then
MsgBox "Error in socket"
Exit Sub
End If
msaLocalAddr.sin_family = AF_INET
msaLocalAddr.sin_port = 0
msaLocalAddr.sin_addr.S_addr = inet_addr("192.168.1.125")
’这里需要你自己的网卡的IP地址
nResult = bind(m_hSocket, msaLocalAddr, Len(msaLocalAddr))
If (nResult = SOCKET_ERROR) Then
MsgBox "Error in bind"
Exit Sub
End If
Dim InParamBuffer As Long
Dim BytesRet As Long
BytesRet = 0
InParamBuffer = 1
nResult = ioctlsocket(m_hSocket, &H98000001, 1)
If nResult <> 0 Then
MsgBox "ioctlsocket"
Exit Sub
End If Dim strData As String
Dim nReceived As Long ’截获来的数据放在BUFF里面
Dim Buff(0 To MAX_PACK_LEN) As Byte
Dim IPH As IPHeader
Do Until False ’这个例子里,一直获取
DoEvents
nResult = recv(m_hSocket, Buff(0), MAX_PACK_LEN, 0)
If nResult = SOCKET_ERROR Then
MsgBox "Error in RecvData::recv"
Exit Do
End If
CopyMemory IPH, Buff(0), Len(IPH) ’为了访问方便
Select Case IPH.proto
Case IPPROTO_TCP
’frmHookTcpip.Text1.SelText = HexIp2DotIp(IPH.sourceIP)
’frmHookTcpip.Text1.SelText = " -----> "
’frmHookTcpip.Text1.SelText = HexIp2DotIp(IPH.destIP)
’frmHookTcpip.Text1.SelText = vbCrLf
Debug.Print HexIp2DotIp(IPH.sourceIP) & " -----> " &
HexIp2DotIp(IPH.destIP)
End Select
Loop
nResult = shutdown(m_hSocket, 2)
nResult = closesocket(m_hSocket)
nResult = WSACancelBlockingCall
nResult = WSACleanup
End Sub Function HexIp2DotIp(ByVal ip As Long) As String
Dim s As String, p1 As String, p2 As String, p3 As String, p4 As
String
s = Right("00000000" & Hex(ip), 8)
p1 = Val("&h" & Mid(s, 1, 2))
p2 = Val("&h" & Mid(s, 3, 2))
p3 = Val("&h" & Mid(s, 5, 2))
p4 = Val("&h" & Mid(s, 7, 2))
HexIp2DotIp = p4 & "." & p3 & "." & p2 & "." & p1
End Function
’-----------------------------代码结束--------------------------------------------------
以下是在VB中截获WIN2000下TCP/IP包的源代码,在VB6.0,win2000下测试通过,需要注意的地方是,1.必须和本地的一块网卡,2.每次获取数据后必须有一段延时。3.数据取到之后放在Buff的数组中。4.把以下的代码放在一个模块中就可以了。
’-----------------------------代码开始--------------------------------------------------
Declare Function bind Lib "ws2_32.dll" (ByVal s As Long, addr As
SOCK_ADDR, ByVal namelen As Long) As Long
Declare Function closesocket Lib "ws2_32.dll" (ByVal s As Long) As
Long
Declare Function connect Lib "ws2_32.dll" (ByVal s As Long, name As
SOCK_ADDR, ByVal namelen As Integer) As Long
Declare Function inet_addr Lib "ws2_32.dll" (ByVal cp As String) As
Long
Declare Function htons Lib "ws2_32.dll" (ByVal hostshort As Integer)
As Integer
Declare Function recv Lib "ws2_32.dll" (ByVal s As Long, buffer As
Any, ByVal length As Long, ByVal flags As Long) As Long
Declare Function send Lib "ws2_32.dll" (ByVal s As Long, buffer As
Any, ByVal length As Long, ByVal flags As Long) As Long
Declare Function shutdown Lib "ws2_32.dll" (ByVal s As Long, ByVal
how As Long) As Long
Declare Function ioctlsocket Lib "ws2_32.dll" (ByVal s As Long,
ByVal v As Long, ut As Long) As Long
Declare Function socket Lib "ws2_32.dll" (ByVal af As Long, ByVal
type_specification As Long, ByVal protocol As Long) As Long
Declare Function WSACancelBlockingCall Lib "ws2_32.dll" () As Long
Declare Function WSACleanup Lib "ws2_32.dll" () As Long
Declare Function WSAGetLastError Lib "ws2_32.dll" () As Long
Declare Function WSAStartup Lib "ws2_32.dll" (ByVal wVersionRequired
As Integer, wsData As WSA_DATA) As Long
Declare Function WSASocketA Lib "ws2_32.dll" (ByVal af As Long,
ByVal type1 As Long, ByVal protocol As Long, lpProtocolInfo As Long,
g As Long, ByVal dwFlags As Long)
Declare Function WSAIoctl Lib "ws2_32.dll" (ByVal s As Long, ByVal
dwIoControlCode As Long, lpvInBuffer As Long, ByVal cbInBuffer As
Long, lpvOutBuffer As Long, ByVal cbOutBuffer As Long,
lpcbBytesReturned As Long, lpOverlapped As Long, lpCompletionRoutine
As Long) As Long Declare Sub CopyMemory Lib "kernel32" Alias "RtlMoveMemory"
(Destination As Any, Source As Any, ByVal length As Long)
Public Declare Sub Sleep Lib "kernel32" (ByVal dwMilliseconds As
Long)
Public Const WSADESCRIPTION_LEN = 256
Public Const WSASYS_STATUS_LEN = 128
Type WSA_DATA
wVersion As Integer
wHighVersion As Integer
strDescription(WSADESCRIPTION_LEN + 1) As Byte
strSystemStatus(WSASYS_STATUS_LEN + 1) As Byte
iMaxSockets As Integer
iMaxUdpDg As Integer
lpVendorInfo As Long
End Type
Type IN_ADDR
S_addr As Long
End Type
Type SOCK_ADDR
sin_family As Integer
sin_port As Integer
sin_addr As IN_ADDR
sin_zero(0 To 7) As Byte
End Type Type IPHeader
lenver As Byte
tos As Byte
len As Integer
ident As Integer
flags As Integer
ttl As Byte
proto As Byte
checksum As Integer
sourceIP As Long
destIP As Long
End Type
Const AF_INET = 2
Const SOCK_RAW = 3
Const IPPROTO_IP = 0
Const IPPROTO_TCP = 6
Const IPPROTO_UDP = 17
Const MAX_PACK_LEN = 65535
Const SOCKET_ERROR = -1&
Private mwsaData As WSA_DATA
Private m_hSocket As Long Private msaLocalAddr As SOCK_ADDR
Private msaRemoteAddr As SOCK_ADDR Sub Main()
Dim nResult As Long
nResult = WSAStartup(&H202, mwsaData)
If nResult <> WSANOERROR Then
MsgBox "Error en WSAStartup"
Exit Sub
End If
m_hSocket = socket(AF_INET, SOCK_RAW, IPPROTO_IP)
If (m_hSocket = INVALID_SOCKET) Then
MsgBox "Error in socket"
Exit Sub
End If
msaLocalAddr.sin_family = AF_INET
msaLocalAddr.sin_port = 0
msaLocalAddr.sin_addr.S_addr = inet_addr("192.168.1.125")
’这里需要你自己的网卡的IP地址
nResult = bind(m_hSocket, msaLocalAddr, Len(msaLocalAddr))
If (nResult = SOCKET_ERROR) Then
MsgBox "Error in bind"
Exit Sub
End If
Dim InParamBuffer As Long
Dim BytesRet As Long
BytesRet = 0
InParamBuffer = 1
nResult = ioctlsocket(m_hSocket, &H98000001, 1)
If nResult <> 0 Then
MsgBox "ioctlsocket"
Exit Sub
End If Dim strData As String
Dim nReceived As Long ’截获来的数据放在BUFF里面
Dim Buff(0 To MAX_PACK_LEN) As Byte
Dim IPH As IPHeader
Do Until False ’这个例子里,一直获取
DoEvents
nResult = recv(m_hSocket, Buff(0), MAX_PACK_LEN, 0)
If nResult = SOCKET_ERROR Then
MsgBox "Error in RecvData::recv"
Exit Do
End If
CopyMemory IPH, Buff(0), Len(IPH) ’为了访问方便
Select Case IPH.proto
Case IPPROTO_TCP
’frmHookTcpip.Text1.SelText = HexIp2DotIp(IPH.sourceIP)
’frmHookTcpip.Text1.SelText = " -----> "
’frmHookTcpip.Text1.SelText = HexIp2DotIp(IPH.destIP)
’frmHookTcpip.Text1.SelText = vbCrLf
Debug.Print HexIp2DotIp(IPH.sourceIP) & " -----> " &
HexIp2DotIp(IPH.destIP)
End Select
Loop
nResult = shutdown(m_hSocket, 2)
nResult = closesocket(m_hSocket)
nResult = WSACancelBlockingCall
nResult = WSACleanup
End Sub Function HexIp2DotIp(ByVal ip As Long) As String
Dim s As String, p1 As String, p2 As String, p3 As String, p4 As
String
s = Right("00000000" & Hex(ip), 8)
p1 = Val("&h" & Mid(s, 1, 2))
p2 = Val("&h" & Mid(s, 3, 2))
p3 = Val("&h" & Mid(s, 5, 2))
p4 = Val("&h" & Mid(s, 7, 2))
HexIp2DotIp = p4 & "." & p3 & "." & p2 & "." & p1
End Function
’-----------------------------代码结束--------------------------------------------------
解决方案 »
- 使用 Forms 2.0 组件里的按钮控件,在按钮上设图标经常会莫名消失
- 收藏 不显示删除回复显示所有回复显示星级回复显示得分回复 一道Excel的算术题-符合条件,同色,否则不同色.[
- 求助vb datagrid的焦点问题
- 请问:如果在VB中获得一个EXCEL文件的实际行列数?
- 谁有VB编写华为C08程控交换机的实例?
- 无法插入空行.行必须至少有一个列值集
- 吸收该消息
- 急呀~!关于datagrid的问题~!
- 为什么删我的帖子?想找在上海的VB人交流交流,有错么?不符合CSDN版规么?还是不符合法律规定?
- VB做的程序是必须要有MSVSVB.DLL吗?
- 新手请教:多个checkbox,点其中一个点中的选中,其余不选中.是不是用checkbox控件,还是别的控件能实现这中功能?
- Msflexgrid 控件数据行合并后好象单元格不能在获得焦點了,也就是单元格不能再选中了,如何使单元格又可以被选中?
最起码这种方法不会影响其他网速度,不过我还是支持一下。
218.244.47.235是服务器
-->代表数据包方向
很奇怪的是第2个包和第1个包 第3个包和第4个包 内容是相同的,不同的只是源IP,目标IP.
tcp不可能将发来的数据直接重发回去吧!
(2005-05-02 18:31:52) 毒蛇守卫 (44948911)
192.168.1.5 -----> 218.244.47.235
port:80-3747
GET /ip.asp HTTP/1.1
Accept: */*
Accept-Language: zh-cn
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; MySign:7zd; Maxthon; .NET CLR 1.1.4322)
Host: www.temp.com
Connection: Keep-Alive
Cookie: ASPSESSIONIDAATTQSRA=LJHDKDOCPKCIPKDJONGKBNHO
218.244.47.235 -----> 192.168.1.5
port:3747-80
GET /ip.asp HTTP/1.1
Accept: */*
Accept-Language: zh-cn
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; MySign:7zd; Maxthon; .NET CLR 1.1.4322)
Host: www.temp.com
Connection: Keep-Alive
Cookie: ASPSESSIONIDAATTQSRA=LJHDKDOCPKCIPKDJONGKBNHO
218.244.47.235 -----> 192.168.1.5
port:3747-80
HTTP/1.1 200 OK
Server: Microsoft-IIS/5.0
Date: Mon, 02 May 2005 10:43:33 GMT
X-Powered-By: ASP.NET
Content-Length: 409
Content-Type: text/html
Set-Cookie: ASPSESSIONIDCARQTTQB=KHPFMPPCGOOBHJNDKBNAKKPI; path=/
Cache-control: privateookie: ASPSESSIONIDAATTQSRA=LJHDKDOCPKCIPKDJONGKBNHO
192.168.1.5 -----> 218.244.47.235
port:80-3747
HTTP/1.1 200 OK
Server: Microsoft-IIS/5.0
Date: Mon, 02 May 2005 10:43:33 GMT
X-Powered-By: ASP.NET
Content-Length: 409
Content-Type: text/html
Set-Cookie: ASPSESSIONIDCARQTTQB=KHPFMPPCGOOBHJNDKBNAKKPI; path=/
Cache-control: privateookie: ASPSESSIONIDAATTQSRA=LJHDKDOCPKCIPKDJONGKBNHO
218.244.47.235 -----> 192.168.1.5
port:3747-80
<br>匿名代理服务器或直接连接<br><br><br>直接连接服务器:222.133.61.109<br>尽可能真实:<br><br>HTTP_ACCEPT:*/*<br>HTTP_ACCEPT_LANGUAGE:zh-cn<br>HTTP_CONNECTION:Keep-Alive<br>HTTP_HOST:www.temp.com<br>HTTP_USER_AGENT:Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; MySign:7zd; Maxthon; .NET CLR 1.1.4322)<br>HTTP_COOKIE:ASPSESSIONIDAATTQSRA=LJHDKDOCPKCIPKDJONGKBNHO<br>HTTP_ACCEPT_ENCODING:gzip, deflate<br>
192.168.1.5 -----> 218.244.47.235
port:80-3747
<br>匿名代理服务器或直接连接<br><br><br>直接连接服务器:222.133.61.109<br>尽可能真实:<br><br>HTTP_ACCEPT:*/*<br>HTTP_ACCEPT_LANGUAGE:zh-cn<br>HTTP_CONNECTION:Keep-Alive<br>HTTP_HOST:www.temp.com<br>HTTP_USER_AGENT:Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; MySign:7zd; Maxthon; .NET CLR 1.1.4322)<br>HTTP_COOKIE:ASPSESSIONIDAATTQSRA=LJHDKDOCPKCIPKDJONGKBNHO<br>HTTP_ACCEPT_ENCODING:gzip, deflate<br>
属于IE窗口,就捕捉事件。Dim IE As InternetExplorer
Public WithEvents IEEvents As InternetExplorer
Dim 保存当前使用窗口 As Long
Private Sub 监视_Timer()
Dim 当前窗口 As Long, X As Long
当前窗口 = GetForegroundWindow()
If 当前窗口 <> 保存当前使用窗口 Then
保存当前使用窗口 = 当前窗口
Dim IE窗口 As New ShellWindows ' Windows级所有活动窗口的集合
For X = 0 To IE窗口.Count - 1
On Error GoTo ERRORSUB
Set IE = IE窗口.Item(X)
If IE.hwnd = 当前窗口 Then
On Error GoTo ERRORSUB
Set IEEvents = Nothing
Set IEEvents = IE
Exit For
End If
Next X
End If
ERRORSUB:
End Sub这样就可以捕捉到IE的事件了
Private Sub IEEvents_BeforeNavigate2(ByVal pDisp As Object, URL As Variant, _
Flags As Variant, TargetFrameName As Variant, _
PostData As Variant, Headers As Variant, _
Cancel As Boolean)
End Sub可以通过 IEEvents.Document 对象的属性获得HTML代码。
不过上面代码是随便写的,没有测试过,你自己研究一下吧。
引用Microsoft Internet Controls
加入一个TextBox控件,设置成多行Private Declare Function GetForegroundWindow Lib "user32" () As Long
Dim WithEvents IEEvents As InternetExplorer
Dim 保存当前使用窗口 As Long
Private Sub 监视_Timer()
Dim 当前窗口 As Long, X As Long
当前窗口 = GetForegroundWindow()
If 当前窗口 <> 保存当前使用窗口 Then
保存当前使用窗口 = 当前窗口
'Windows级所有活动窗口的集合
Dim IE窗口 As New ShellWindows
For X = 1 To IE窗口.Count
On Error GoTo ERRORSUB
If IE窗口.Item(X).hWnd = 当前窗口 Then
On Error GoTo ERRORSUB
Set IEEvents = Nothing
Set IEEvents = IE窗口.Item(X)
Text1.Text = IEEvents.Document.body.innerHTML
Exit For
End If
Next X
End If
ERRORSUB:
End Sub
具体的自己研究吧