关于查看本机端口信息,可能大多数人都知道在cmd下的netstat 命令,殊不知该命令在底层也是调用相关api来实现的,
相关函数有:
GetTcpTable
GetExtendedTcpTable
GetUdpTable
GetExtendedUdpTable
这些函数就可以获取相关tcp、udp端口以及相关进程的信息。而且这些函数都是从Iphlpapi.dll里导出的。
函数的相关用法可查询msdn在掌握,下面封装一段代码,来枚举每机的所有监听端口
#include "stdafx.h" #include <winsock2.h> #include <ws2tcpip.h> #include <iphlpapi.h> #include <stdio.h> #include <Windows.h> #include <list> #pragma comment(lib, "iphlpapi.lib") #pragma comment(lib, "ws2_32.lib") using namespace std; #define MALLOC(x) HeapAlloc(GetProcessHeap(), 0, (x)) #define FREE(x) HeapFree(GetProcessHeap(), 0, (x)) BOOL GetLocalListeningPort(list<WORD> & listPort); int _tmain(int argc, _TCHAR* argv[]) { list<WORD> portArray; GetLocalListeningPort(portArray); for (list<WORD>::iterator it = portArray.begin(); it != portArray.end(); it++) { WORD port = *it; printf("listenPort:%d ", port); } return 0; } BOOL GetLocalListeningPort(list<WORD> & listPort) { PMIB_TCPTABLE pTcpTable; DWORD dwSize = 0; DWORD dwRetVal = 0; BOOL bRet = FALSE; char szLocalAddr[128]; char szBuf[128] = { 0 }; pTcpTable = (PMIB_TCPTABLE)szBuf; dwSize = 128 * sizeof(char); struct in_addr IpAddr; int i; if ((dwRetVal = GetTcpTable(pTcpTable, &dwSize, TRUE)) == ERROR_INSUFFICIENT_BUFFER) { pTcpTable = (MIB_TCPTABLE *)MALLOC(dwSize); if (pTcpTable == NULL) { printf("Error allocating memory "); return bRet; } } if ((dwRetVal = GetTcpTable(pTcpTable, &dwSize, TRUE)) == NO_ERROR) { printf("Number of entries: %d ", pTcpTable->dwNumEntries); for (i = 0; i < (int)pTcpTable->dwNumEntries; i++) { IpAddr.S_un.S_addr = (u_long)pTcpTable->table[i].dwLocalAddr; strcpy_s(szLocalAddr, sizeof (szLocalAddr), inet_ntoa(IpAddr)); printf("local info: %s:%d ", szLocalAddr, ntohs((u_short)pTcpTable->table[i].dwLocalPort)); printf(" TCP[%d] State: %ld - ", i, pTcpTable->table[i].dwState); switch (pTcpTable->table[i].dwState) { case MIB_TCP_STATE_CLOSED: printf("CLOSED "); break; case MIB_TCP_STATE_LISTEN: listPort.push_back(ntohs((u_short)pTcpTable->table[i].dwLocalPort)); printf("LISTEN "); break; case MIB_TCP_STATE_SYN_SENT: printf("SYN-SENT "); break; case MIB_TCP_STATE_SYN_RCVD: printf("SYN-RECEIVED "); break; case MIB_TCP_STATE_ESTAB: printf("ESTABLISHED "); break; case MIB_TCP_STATE_FIN_WAIT1: printf("FIN-WAIT-1 "); break; case MIB_TCP_STATE_FIN_WAIT2: printf("FIN-WAIT-2 "); break; case MIB_TCP_STATE_CLOSE_WAIT: printf("CLOSE-WAIT "); break; case MIB_TCP_STATE_CLOSING: printf("CLOSING "); break; case MIB_TCP_STATE_LAST_ACK: printf("LAST-ACK "); break; case MIB_TCP_STATE_TIME_WAIT: printf("TIME-WAIT "); break; case MIB_TCP_STATE_DELETE_TCB: printf("DELETE-TCB "); break; default: printf("UNKNOWN dwState value "); break; } } } else { printf("GetTcpTable failed with %d ", dwRetVal); goto EXIT; } bRet = TRUE; EXIT: if (pTcpTable != (PMIB_TCPTABLE)szBuf) { FREE(pTcpTable); pTcpTable = NULL; } return bRet; }
相关链接:
https://msdn.microsoft.com/en-us/library/windows/desktop/aa365930(v=vs.85).aspx
https://msdn.microsoft.com/en-us/library/windows/desktop/aa365928(v=vs.85).aspx
https://msdn.microsoft.com/en-us/library/windows/desktop/aa366026(v=vs.85).aspx
IcmpSendEcho