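/*
 * Send one keep-alive (echo) frame through hPcap.
 *
 * CERNET mode (startMode % 3 == 2): stores 01 06 at offset 0x0E, zeroes the
 * two bytes at 0x10, fills 42 bytes from 0x12 with 0xA5, calls
 * switchState(ID_WAITECHO) and sends a 60-byte frame.
 *
 * Otherwise: on the first attempt (sendCount == 0) the fixed 29-byte echo
 * template is copied to offset 0x10 and the timer is armed with echoInterval;
 * every call then passes the frame to fillEchoPacket() before 0x2D bytes
 * (0x10 + 29) are sent.
 *
 * Returns whatever pcap_sendpacket() returns (0 on success, -1 on failure).
 */
static int sendEchoPacket()
{
    if (startMode % 3 == 2) { /* CERNET */
        /*
         * Header fields are stored with memcpy/memset instead of through a
         * casted u_int16_t pointer: sendPacket is used as a byte buffer, so a
         * wider store violates strict aliasing and can trap on CPUs that
         * require aligned accesses if the buffer is not suitably aligned.
         */
        const u_int16_t echoType = htons(0x0106);

        memcpy(sendPacket + 0x0E, &echoType, sizeof echoType);
        memset(sendPacket + 0x10, 0, sizeof(u_int16_t));
        memset(sendPacket + 0x12, 0xa5, 42);
        switchState(ID_WAITECHO); /* keep waiting */
        return pcap_sendpacket(hPcap, sendPacket, 60);
    }

    if (sendCount == 0) {
        /* Fixed echo body; read-only, so it does not need to be rebuilt on
         * the stack for every call. */
        static const u_char echo[] = {
            0x00,0x1E,0xFF,0xFF,0x37,0x77,0x7F,0x9F,0xFF,0xFF,0xD9,0x13,0xFF,0xFF,0x37,0x77,
            0x7F,0x9F,0xFF,0xFF,0xF7,0x2B,0xFF,0xFF,0x37,0x77,0x7F,0x3F,0xFF
        };

        printf(_(">> 发送心跳包以保持在线...\n"));
        /* 0x888E is the EAPOL EtherType; 0x01 0xBF are the version and a
         * non-standard packet type. fillEtherAddr() is defined elsewhere --
         * presumably it also writes the MAC addresses; confirm. */
        fillEtherAddr(0x888E01BF);
        memcpy(sendPacket + 0x10, echo, sizeof(echo));
        setTimer(echoInterval);
    }
    fillEchoPacket(sendPacket);
    return pcap_sendpacket(hPcap, sendPacket, 0x2D);
}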
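/*
 * Send the EAPOL-Start frame that looks for the authenticator.
 *
 * The frame is only (re)built on the first attempt (sendCount == 0), which
 * also arms the timer with `timeout`; retries resend the buffer as it is.
 *
 * CERNET mode (startMode % 3 == 2): destination STANDARD_ADDR, source
 * localMAC, EtherType 0x888E with version 0x01 / type 0x01 (Start), zero
 * length, 42 bytes of 0xA5 padding, 60 bytes on the wire.
 *
 * Otherwise: fillEtherAddr(0x888E0101), the pkt1 template at 0x12 and 0x80
 * bytes returned by computeV4(pad, 16) at 0xE2, 532 bytes on the wire.
 *
 * Returns whatever pcap_sendpacket() returns (0 on success, -1 on failure).
 *
 * NOTE(review): this listing carries two definitions named sendStartPacket;
 * this is the one using pkt1/computeV4. They look like alternative revisions
 * -- only one can live in a translation unit.
 */
static int sendStartPacket()
{
    if (startMode % 3 == 2) { /* CERNET */
        if (sendCount == 0) {
            /* memcpy instead of a casted u_int32_t store: offset 0x0C of a
             * byte buffer is not guaranteed to be 4-byte aligned, and the
             * casted store also violates strict aliasing. */
            const u_int32_t eapolStart = htonl(0x888E0101);

            printf(_(">> 寻找服务器...\n"));
            memcpy(sendPacket, STANDARD_ADDR, 6);
            memcpy(sendPacket + 0x06, localMAC, 6);
            memcpy(sendPacket + 0x0C, &eapolStart, sizeof eapolStart);
            memset(sendPacket + 0x10, 0, sizeof(u_int16_t));
            memset(sendPacket + 0x12, 0xa5, 42);
            setTimer(timeout);
        }
        return pcap_sendpacket(hPcap, sendPacket, 60);
    }

    if (sendCount == 0) {
        printf(_(">> 寻找服务器...\n"));
        fillEtherAddr(0x888E0101);
        memcpy(sendPacket + 0x12, pkt1, sizeof(pkt1));
        memcpy(sendPacket + 0xe2, computeV4(pad, 16), 0x80);
        setTimer(timeout);
    }
    /*
     * NOTE(review): the length is fixed at 532 bytes. Any byte in that range
     * that the copies above do not rewrite is transmitted as left behind by
     * an earlier frame -- confirm pkt1 plus the 0x80-byte block cover the
     * frame, or that sendPacket is cleared before reuse.
     */
    return pcap_sendpacket(hPcap, sendPacket, 532);
}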
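/*
 * Send the EAPOL-Start frame that looks for the authenticator.
 *
 * The frame is only (re)built on the first attempt (sendCount == 0), which
 * also arms the timer with `timeout`; retries resend the buffer as it is.
 *
 * CERNET mode (startMode % 3 == 2): destination STANDARD_ADDR, source
 * localMAC, EtherType 0x888E with version 0x01 / type 0x01 (Start), zero
 * length, 42 bytes of 0xA5 padding, 60 bytes on the wire.
 *
 * Otherwise: fillStartPacket() prepares fillBuf/fillSize (defined elsewhere),
 * fillEtherAddr(0x888E0101) is called, fillBuf is copied to 0x12 and 0x3E8
 * bytes are sent.
 *
 * Returns whatever pcap_sendpacket() returns (0 on success, -1 on failure).
 *
 * NOTE(review): this listing carries two definitions named sendStartPacket;
 * this is the one using fillStartPacket()/fillBuf. They look like alternative
 * revisions -- only one can live in a translation unit.
 */
static int sendStartPacket()
{
    if (startMode % 3 == 2) { /* CERNET */
        if (sendCount == 0) {
            /* memcpy instead of a casted u_int32_t store: offset 0x0C of a
             * byte buffer is not guaranteed to be 4-byte aligned, and the
             * casted store also violates strict aliasing. */
            const u_int32_t eapolStart = htonl(0x888E0101);

            printf(_(">> 寻找服务器...\n"));
            memcpy(sendPacket, STANDARD_ADDR, 6);
            memcpy(sendPacket + 0x06, localMAC, 6);
            memcpy(sendPacket + 0x0C, &eapolStart, sizeof eapolStart);
            memset(sendPacket + 0x10, 0, sizeof(u_int16_t));
            memset(sendPacket + 0x12, 0xa5, 42);
            setTimer(timeout);
        }
        return pcap_sendpacket(hPcap, sendPacket, 60);
    }

    if (sendCount == 0) {
        printf(_(">> 寻找服务器...\n"));
        fillStartPacket();
        fillEtherAddr(0x888E0101);
        /* NOTE(review): fillSize is not checked here against the room left
         * after offset 0x12 -- confirm fillStartPacket() bounds it. */
        memcpy(sendPacket + 0x12, fillBuf, fillSize);
        setTimer(timeout);
    }
    /* The frame is always 0x3E8 bytes, whatever fillSize is; bytes past
     * 0x12 + fillSize go out as they were left in sendPacket. */
    return pcap_sendpacket(hPcap, sendPacket, 0x3E8);
}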
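/*
 * Send the EAPOL-Logoff frame and stop the retransmission timer.
 *
 * CERNET mode (startMode % 3 == 2): stores version 0x01 / type 0x02 (Logoff)
 * at 0x0E, zeroes the length at 0x10, fills 42 bytes from 0x12 with 0xA5 and
 * sends 60 bytes. The MAC addresses and EtherType are not written here, so
 * this path relies on what an earlier frame left in sendPacket.
 *
 * Otherwise: the frame is rebuilt through fillStartPacket() and
 * fillEtherAddr(0x888E0102), fillBuf is copied to 0x12 and 0x3E8 bytes are
 * sent.
 *
 * Returns whatever pcap_sendpacket() returns (0 on success, -1 on failure).
 */
static int sendLogoffPacket()
{
    setTimer(0); /* cancel the timer */

    if (startMode % 3 == 2) { /* CERNET */
        /* memcpy/memset instead of casted u_int16_t stores: avoids the
         * strict-aliasing violation and any alignment assumption on the
         * byte buffer. */
        const u_int16_t logoffType = htons(0x0102);

        memcpy(sendPacket + 0x0E, &logoffType, sizeof logoffType);
        memset(sendPacket + 0x10, 0, sizeof(u_int16_t));
        memset(sendPacket + 0x12, 0xa5, 42);
        return pcap_sendpacket(hPcap, sendPacket, 60);
    }

    /* Ruijie's logoff frame is built like the Start frame, although
     * according to the original author it also works without this. */
    fillStartPacket();
    fillEtherAddr(0x888E0102);
    /* NOTE(review): fillSize is not checked here against the room left after
     * offset 0x12 -- confirm fillStartPacket() bounds it. */
    memcpy(sendPacket + 0x12, fillBuf, fillSize);
    /* Always 0x3E8 bytes; anything past 0x12 + fillSize is sent as it was
     * left in sendPacket by earlier frames. */
    return pcap_sendpacket(hPcap, sendPacket, 0x3E8);
}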
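/*
 * Send the EAP Response / MD5-Challenge frame (EAP code 0x02, type 0x04,
 * 16-byte value followed by the user name).
 *
 * The frame is only (re)built on the first attempt (sendCount == 0), which
 * also arms the timer with `timeout`; retries resend the buffer as it is.
 *
 * Layout written here (both modes):
 *   0x10, 0x14  length = nameLen + 22, network byte order
 *   0x12        EAP code 0x02 (Response)
 *   0x13        identifier copied from capBuf[0x13]
 *   0x16, 0x17  type 0x04, value-size 16
 *   0x18        16 bytes returned by checkPass()
 *   0x28        userName (nameLen bytes, no terminator)
 *
 * CERNET mode (startMode % 3 == 2) sends nameLen + 40 bytes. The other mode
 * appends pkt3, 0x10 bytes from computePwd() and 0x80 bytes from computeV4()
 * at name-relative offsets and always sends 578 bytes.
 *
 * Returns whatever pcap_sendpacket() returns (0 on success, -1 on failure).
 *
 * NOTE(review): capBuf[0x13] and capBuf[0x17] come from capBuf -- presumably
 * the request just captured from the network. capBuf[0x17] is used as the
 * challenge length for checkPass()/computeV4() and nothing in this function
 * compares it with the captured frame length; confirm the receive path
 * rejects short or inconsistent requests before this runs.
 *
 * NOTE(review): nameLen is not bounded here. In the fixed-length mode the
 * last write ends at 0x109 + nameLen + 0x80, so a long userName would be cut
 * off at 578 bytes on the wire and, depending on the size of sendPacket
 * (declared elsewhere), could run past the buffer. Confirm userName is
 * length-limited where it is read.
 */
static int sendChallengePacket()
{
    const int nameLen = (int)strlen(userName);
    /* Stored with memcpy below instead of through casted u_int16_t pointers:
     * avoids the strict-aliasing violation and any alignment assumption on
     * the byte buffer. */
    const u_int16_t eapLen = htons(nameLen + 22);

    if (startMode % 3 == 2) { /* CERNET */
        if (sendCount == 0) {
            const u_int16_t eapPacket = htons(0x0100);

            printf(_(">> 发送密码...\n"));
            memcpy(sendPacket + 0x0E, &eapPacket, sizeof eapPacket);
            memcpy(sendPacket + 0x14, &eapLen, sizeof eapLen);
            memcpy(sendPacket + 0x10, &eapLen, sizeof eapLen);
            sendPacket[0x12] = 0x02;
            sendPacket[0x13] = capBuf[0x13];
            sendPacket[0x16] = 0x04;
            sendPacket[0x17] = 16;
            memcpy(sendPacket + 0x18,
                   checkPass(capBuf[0x13], capBuf + 0x18, capBuf[0x17]), 16);
            memcpy(sendPacket + 0x28, userName, nameLen);
            setTimer(timeout);
        }
        return pcap_sendpacket(hPcap, sendPacket, nameLen + 40);
    }

    if (sendCount == 0) {
        printf(_(">> 发送密码...\n"));
        fillEtherAddr(0x888E0100);
        memcpy(sendPacket + 0x10, &eapLen, sizeof eapLen);
        memcpy(sendPacket + 0x14, &eapLen, sizeof eapLen);
        sendPacket[0x12] = 0x02;
        sendPacket[0x13] = capBuf[0x13];
        sendPacket[0x16] = 0x04;
        sendPacket[0x17] = 16;
        memcpy(sendPacket + 0x18,
               checkPass(capBuf[0x13], capBuf + 0x18, capBuf[0x17]), 16);
        memcpy(sendPacket + 0x28, userName, nameLen);
        /* Vendor trailer: template, then two computed blocks whose
         * positions shift with the user-name length. */
        memcpy(sendPacket + 0x28 + nameLen, pkt3, sizeof(pkt3));
        memcpy(sendPacket + 0x90 + nameLen, computePwd(capBuf + 0x18), 0x10);
        memcpy(sendPacket + 0x109 + nameLen,
               computeV4(capBuf + 0x18, capBuf[0x17]), 0x80);
        setTimer(timeout);
    }
    return pcap_sendpacket(hPcap, sendPacket, 578);
}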
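/*
 * Send the EAP Response / Identity frame (EAP code 0x02, type 0x01) that
 * carries userName.
 *
 * CERNET mode (startMode % 3 == 2): on the first attempt (sendCount == 0)
 * the frame is built with length nameLen + 30, fillCernetAddr() is applied,
 * the literal "03.02.05" goes to 0x28 and userName to 0x30, and the timer is
 * armed. The identifier at 0x13 is refreshed from capBuf[0x13] on every
 * call, including retries. nameLen + 48 bytes are sent.
 *
 * Otherwise: on the first attempt the frame is built with length
 * nameLen + 5, userName at 0x17, followed by the pkt2 template and 0x80
 * bytes from computeV4(pad, 16) at name-relative offsets; 545 bytes are
 * always sent.
 *
 * Returns whatever pcap_sendpacket() returns (0 on success, -1 on failure).
 *
 * The user name is placed in the frame as-is, so it is readable by anything
 * that can observe the link.
 *
 * NOTE(review): nameLen is not bounded here. In the fixed-length mode the
 * last write ends at 0xE7 + nameLen + 0x80, so a long userName would be cut
 * off at 545 bytes on the wire and, depending on the size of sendPacket
 * (declared elsewhere), could run past the buffer. Confirm userName is
 * length-limited where it is read.
 */
static int sendIdentityPacket()
{
    const int nameLen = (int)strlen(userName);

    if (startMode % 3 == 2) { /* CERNET */
        if (sendCount == 0) {
            /* memcpy instead of casted u_int16_t stores: avoids the
             * strict-aliasing violation and any alignment assumption on the
             * byte buffer. */
            const u_int16_t eapPacket = htons(0x0100);
            const u_int16_t eapLen = htons(nameLen + 30);

            printf(_(">> 发送用户名...\n"));
            memcpy(sendPacket + 0x0E, &eapPacket, sizeof eapPacket);
            memcpy(sendPacket + 0x14, &eapLen, sizeof eapLen);
            memcpy(sendPacket + 0x10, &eapLen, sizeof eapLen);
            sendPacket[0x12] = 0x02;
            sendPacket[0x16] = 0x01;
            sendPacket[0x17] = 0x01;
            fillCernetAddr(sendPacket);
            memcpy(sendPacket + 0x28, "03.02.05", 8);
            memcpy(sendPacket + 0x30, userName, nameLen);
            setTimer(timeout);
        }
        /* Outside the first-attempt guard on purpose: the identifier tracks
         * the request currently held in capBuf. */
        sendPacket[0x13] = capBuf[0x13];
        return pcap_sendpacket(hPcap, sendPacket, nameLen + 48);
    }

    if (sendCount == 0) {
        const u_int16_t eapLen = htons(nameLen + 5);

        printf(_(">> 发送用户名...\n"));
        fillEtherAddr(0x888E0100);
        memcpy(sendPacket + 0x10, &eapLen, sizeof eapLen);
        memcpy(sendPacket + 0x14, &eapLen, sizeof eapLen);
        sendPacket[0x12] = 0x02;
        sendPacket[0x13] = capBuf[0x13];
        sendPacket[0x16] = 0x01;
        memcpy(sendPacket + 0x17, userName, nameLen);
        /* Vendor trailer: template, then a computed block whose position
         * shifts with the user-name length. */
        memcpy(sendPacket + 0x17 + nameLen, pkt2, sizeof(pkt2));
        memcpy(sendPacket + 0xe7 + nameLen, computeV4(pad, 16), 0x80);
        setTimer(timeout);
    }
    return pcap_sendpacket(hPcap, sendPacket, 545);
}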