目录
摘 要 I
Abstract II
1 绪 论 5
1.1 研究的背景及意义 5
1.2 系统目标 6
2 网络扫描技术概述 8
2.1 安全漏洞研究 8
2.2 网络扫描技术 14
3 总体设计 17
3.1 运行环境 17
3.2 模块结构 17
4 界面设计 26
4.1界面关系图或工作流图 26
4.2界面设计成果 28
4.2.1主界面 28
4.2.2子界面 28
5详细设计 34
5.1系统主要功能模块介绍 34
5.2主机扫描模块设计 34
5.3端口扫描模块设计 36
5.4NetBIOS 扫描模块设计 37
5.5 SNMP 扫描模块设计 39
5.6弱密码扫描模块设计 40
5.7嗅探器扫描模块设计 40
5.8DOS 攻击模块设计 41
5.9注入检测模块设计 42
5.10报告生成模块设计 44
6测试 45
6.1测试方案设计 45
6.1.1主机扫描功能模块测试 45
6.1.2端口扫描功能模块测试 46
6.1.3NetBIOS 扫描功能模块测试 46
6.1.4SNMP 扫描功能模块测试 46
6.1.5弱密码扫描功能模块测试 47
6.1.6嗅探器扫描功能模块测试 48
6.1.7DOS 攻击功能模块测试 48
6.1.8注入检测功能模块测试 49
6.1.9报告生成功能模块测试 51
6.2 测试结果 51
7总结与展望 52
7.1设计工作总结 52
7.2未来工作展望 52
谢 辞 53
1.1.3研究的意义
就目前主流的网络扫描器,大多数采用的是命令行界面,用户使用的门槛相对较高,可视化的图形界面旨在提供给用户一个友好的使用环境,这种用户-界面的体系结构深受广大喜爱。它不需要用户去熟记过多的参数,只需要填入相应的关键信息,通过鼠标点击选择即可完成,大大降低了操作使用的难度。
1.2系统目标
本设计的最终目标是打造一个具有多种扫描功能的网络扫描器。该扫描器具有以下功能:
(1)可视化的图形界面,旨在为用户提供友好的使用环境。
(2)实现一些基本的扫描任务,如读取到目的主机的软硬件信息,开放的端口等等。
(3)帮助用户去自动生成符合用户心理的扫描结果报告,并将扫描结果以文件的形式展现出了。
众所周知,CTabCtrl 是MFC 的选项卡控件,目的是为了集成多个功能模块, 每个功能模块都有单独的子界面,而在不同的子界面下可以插入多个控件进行操作。
管理员的目标是设计一个网络扫描器,而管理员需要设计出九个功能模块去帮助管理员完成辅助扫描的需要。本文转载自http://www.biyezuopin.vip/onews.asp?id=14728而介于 GUI 界面的需要,管理员可以利用 MFC 的选项卡控件去完成这一操作,管理员需要在主对话框中使用插入条目
InsertItem 函数去创建这些选项卡控件,使管理员能够更加方便的切换各个功能模块,然后就可以对每一个功能模块进行编辑,而对不同的功能选项卡管理员要进行操作的监听,一旦有相关事件的发生,管理员能够及时作出反馈并给出正确的操作,从而大大降低了用户的使用难度,方便用户进行可视化的合理的扫描操作。
// AllScan.cpp : implementation file
//
#include "stdafx.h"
#include "Scanner.h"
#include "AllScan.h"
#include "ScannerDlg.h"
#ifdef _DEBUG
#define new DEBUG_NEW
#undef THIS_FILE
static char THIS_FILE[] = __FILE__;
#endif
/
// CAllScan dialog
extern CScannerDlg *pDlg;
extern CHostScan *pDlgHostScan;
extern CPortScan *pDlgPortScan;
extern CWeakKeyScan *pDlgWeakKeyScan;
extern CNetBIOSScan *pDlgNetBIOSScan;
extern CSNMPScan *pDlgSNMPScan;
CAllScan::CAllScan(CWnd* pParent /*=NULL*/)
: CDialog(CAllScan::IDD, pParent)
{
//{{AFX_DATA_INIT(CAllScan)
m_iRadioReportType = -1;
m_bCheckDDOSScan = FALSE;
m_bCheckHostScan = FALSE;
m_bCheckNetBIOSScan = FALSE;
m_bCheckPortScan = FALSE;
m_bCheckSnifferScan = FALSE;
m_bCheckSNMPScan = FALSE;
m_bCheckWeakKeyScan = FALSE;
m_bCheckSQLScan = FALSE;
//}}AFX_DATA_INIT
}
void CAllScan::DoDataExchange(CDataExchange* pDX)
{
CDialog::DoDataExchange(pDX);
//{{AFX_DATA_MAP(CAllScan)
DDX_Control(pDX, IDC_IPADDRESSTarget, m_ctlTargetIP);
DDX_Radio(pDX, IDC_RADIOHtml, m_iRadioReportType);
DDX_Check(pDX, IDC_CHECKDDOSScan, m_bCheckDDOSScan);
DDX_Check(pDX, IDC_CHECKHostScan, m_bCheckHostScan);
DDX_Check(pDX, IDC_CHECKNetBIOSScan, m_bCheckNetBIOSScan);
DDX_Check(pDX, IDC_CHECKPortScan, m_bCheckPortScan);
DDX_Check(pDX, IDC_CHECKSnifferScan, m_bCheckSnifferScan);
DDX_Check(pDX, IDC_CHECKSNMPScan, m_bCheckSNMPScan);
DDX_Check(pDX, IDC_CHECKWeakKeyScan, m_bCheckWeakKeyScan);
DDX_Check(pDX, IDC_CHECKSQLScan, m_bCheckSQLScan);
//}}AFX_DATA_MAP
}
BEGIN_MESSAGE_MAP(CAllScan, CDialog)
//{{AFX_MSG_MAP(CAllScan)
ON_BN_CLICKED(IDC_BUTTONStart, OnBUTTONStart)
ON_BN_CLICKED(IDC_RADIOHtml, OnRADIOHtml)
ON_BN_CLICKED(IDC_RADIOTxt, OnRADIOTxt)
ON_BN_CLICKED(IDC_RADIOXml, OnRADIOXml)
//}}AFX_MSG_MAP
END_MESSAGE_MAP()
/
// CAllScan message handlers
void CAllScan::OnBUTTONStart()
{
// TODO: Add your control notification handler code here
/*CFile rebortFile("rebort.html",CFile::modeCreate|CFile::modeWrite);
CString strRebort;
strRebort="";
strRebort+="\n\n\n";
strRebort+="helloWord!";
strRebort+="\n";
rebortFile.Write(strRebort,strlen(strRebort));
rebortFile.Close();*/
//GetParent()->
//PostMessage(WM_COMMAND,MAKEWPARAM(IDC_BUTTONStartScan,BN_CLICKED),NULL);
//AfxGetMainWnd()->m_strTest="gg";
//(((int)pDlg->m_TabMain)).SetCurSel(2);
//pDlg->m_TabMain.SetCurSel(4);
/*((CScannerDlg *)pDlg)->m_TabMain.SetCurSel(2);
NMHDR nmhdr;
nmhdr.code=TCN_SELCHANGE;
nmhdr.hwndFrom=((CScannerDlg *)pDlg)->m_TabMain.GetSafeHwnd();
nmhdr.idFrom=IDC_TABMAIN;
//this->PostMessage(WM_COMMAND,MAKEWPARAM(IDC_TABMAIN,TCN_SELCHANGE),NULL);
::SendMessage(((CScannerDlg *)pDlg)->m_TabMain.GetSafeHwnd(),WM_NOTIFY,MAKELONG(TCN_SELCHANGE,0),(LPARAM)(&nmhdr));*/
//pDlgHostScan->SendMessage(WM_COMMAND,IDC_BUTTONStartScan,0);
UpdateData(true);
int i,iListItemCount=0,number=1;
UCHAR a,b,c,d;
HTREEITEM root,child,childTemp;
CString strIP,strTemp;
m_ctlTargetIP.GetAddress(a,b,c,d);
strIP.Format("%d.%d.%d.%d",a,b,c,d);
strReportContent="\n\n\n";
strReportContent+="\n";
strReportContent+="\n";
if(m_bCheckHostScan){
pDlgHostScan->m_ctlBeginIP.SetWindowText(strIP);
pDlgHostScan->m_ctlEndIP.SetWindowText(strIP);
UpdateData(false);
//pDlgHostScan->SendMessage(WM_COMMAND,IDC_BUTTONStartScan,0);
Sleep(3000);
UpdateData(true);
//int iCount=pDlgHostScan->m_ctlListResult.GetItemCount();
//strReportContent+=""+number;
strTemp.Format("%d"
,number);
strReportContent+=strTemp;
strReportContent+=".主机扫描\n";
number++;
strReportContent+="\n";
strReportContent+="IP 状态 操作系统 \n";
strReportContent+=""+pDlgHostScan->m_ctlListResult.GetItemText(0,1)+" ";
strReportContent+=""+pDlgHostScan->m_ctlListResult.GetItemText(0,2)+" ";
strReportContent+=""+pDlgHostScan->m_ctlListResult.GetItemText(0,3)+" \n";
strReportContent+="
";
strTemp=pDlgHostScan->m_ctlListResult.GetItemText(0,3);
//MessageBox(strTemp);
}
if(m_bCheckPortScan){
strReportContent+="\n
\n";
pDlgPortScan->m_ctlBeginIP.SetWindowText(strIP);
pDlgPortScan->m_ctlEndIP.SetWindowText(strIP);
pDlgPortScan->m_uBeginPort=0;
pDlgPortScan->m_uEndPort=1024;
UpdateData(false);
//pDlgPortScan->SendMessage(WM_COMMAND,IDC_BUTTONStart,0);
strTemp.Format("%d"
,number);
strReportContent+=strTemp;
strReportContent+=".端口扫描\n";
number++;
root=pDlgPortScan->m_ctlTreeResult.GetRootItem();
strTemp=pDlgPortScan->m_ctlTreeResult.GetItemText(root);
strReportContent+="\n"
;
strReportContent+="- "
+strTemp+"\n";
child=pDlgPortScan->m_ctlTreeResult.GetChildItem(root);
if(child==NULL){
strReportContent+="无开放端口
";
}else{
strTemp=pDlgPortScan->m_ctlTreeResult.GetItemText(child);
//strReportContent+="";
strReportContent+="\n- "
+strTemp+"\n";
while((child=pDlgPortScan->m_ctlTreeResult.GetNextSiblingItem(child))!=NULL)
strReportContent+="- "
+pDlgPortScan->m_ctlTreeResult.GetItemText(child)+"";
strReportContent+="\n";
}
strReportContent+="\n";
}
if(m_bCheckWeakKeyScan){
strReportContent+="
\n";
pDlgWeakKeyScan->m_ctlIP.SetWindowText(strIP);
UpdateData(false);
pDlgWeakKeyScan->SendMessage(WM_COMMAND,IDC_BUTTONStart,0);
strTemp.Format("%d"
,number);
strReportContent+=strTemp;
strReportContent+=".弱密码扫描\n";
number++;
strReportContent+="用户名:"+pDlgWeakKeyScan->m_strUsername+"
";
strReportContent+="密码:"+pDlgWeakKeyScan->m_strResult+"
";
}
if(m_bCheckNetBIOSScan){
strReportContent+="\n
\n";
pDlgNetBIOSScan->m_ctlIP.SetWindowText(strIP);
UpdateData(false);
pDlgNetBIOSScan->SendMessage(WM_COMMAND,0);
strTemp.Format("%d"
,number);
strReportContent+=strTemp;
strReportContent+=".NetBIOS扫描\n";
number++;
root=pDlgNetBIOSScan->m_ctlTreeResult.GetRootItem();
strTemp=pDlgNetBIOSScan->m_ctlTreeResult.GetItemText(root);
strReportContent+="\n"
;
strReportContent+="- "
+strTemp+"\n";
child=pDlgNetBIOSScan->m_ctlTreeResult.GetChildItem(root);
strTemp=pDlgNetBIOSScan->m_ctlTreeResult.GetItemText(child);
strReportContent=="- "
+strTemp+"\n"
;
child=pDlgNetBIOSScan->m_ctlTreeResult.GetNextSiblingItem(child);
strTemp=pDlgNetBIOSScan->m_ctlTreeResult.GetItemText(child);
strReportContent+="- "
+strTemp+"\n";//MAC
childTemp=child=pDlgNetBIOSScan->m_ctlTreeResult.GetNextSiblingItem(child);
strTemp=pDlgNetBIOSScan->m_ctlTreeResult.GetItemText(child);
strReportContent+="- "
+strTemp+"\n";//时间
CString strName[7]={"NetBIOSScanSubShareSub","NetBIOSScanSubGroupSup","NetBIOSScanSubOSSup","NetBIOSScanSubServiceSub",
"NetBIOSScanSubUserSub","NetBIOSScanSubSessionSub","NetBIOSScanSubConnectSub"};
i=0;
while((childTemp=child=pDlgNetBIOSScan->m_ctlTreeResult.GetNextSiblingItem(childTemp))!=NULL){
strTemp=pDlgNetBIOSScan->m_ctlTreeResult.GetItemText(child);
strReportContent+="- +strName[i]+"')\">"+strTemp+"\n";//共享文件夹
child=pDlgNetBIOSScan->m_ctlTreeResult.GetChildItem(child);
strTemp=pDlgNetBIOSScan->m_ctlTreeResult.GetItemText(child);
strReportContent+="
+strName[i]+"\">- "
+strTemp+"
";
i++;
while((child=pDlgNetBIOSScan->m_ctlTreeResult.GetChildItem(child))!=NULL){
strTemp=pDlgNetBIOSScan->m_ctlTreeResult.GetItemText(child);
strReportContent+="- "
+strTemp+"\n";
}
strReportContent+="\n";
}
strReportContent+="";
}
if(m_bCheckSNMPScan){
strReportContent+="\n\n";
}
strReportContent+="\n";
CFile rebortFile("rebort.html",CFile::modeCreate|CFile::modeWrite);
rebortFile.Write(strReportContent,strlen(strReportContent));
rebortFile.Close();
}
BOOL CAllScan::OnInitDialog()
{
CDialog::OnInitDialog();
// TODO: Add extra initialization here
//GetParent()->GetParent()->
m_iRadioReportType=0;
UpdateData(false);
return TRUE; // return TRUE unless you set the focus to a control
// EXCEPTION: OCX Property Pages should return FALSE
}
void CAllScan::OnRADIOHtml()
{
// TODO: Add your control notification handler code here
m_iRadioReportType=0;
}
void CAllScan::OnRADIOTxt()
{
// TODO: Add your control notification handler code here
m_iRadioReportType=1;
}
void CAllScan::OnRADIOXml()
{
// TODO: Add your control notification handler code here
m_iRadioReportType=2;
}