public bool StartSniffing(LivePcapDevice deviceToSniff)
{
try
{
device = deviceToSniff;
// Open the device for capturing
int readTimeoutMilliseconds = 1000;
//device.StopCaptureTimeout = new TimeSpan(0, 1, 0);
device.Open(DeviceMode.Promiscuous, readTimeoutMilliseconds);
device.SetFilter(GetFilterExpression());
packetQueue = new Queue();
sniffingThread = new Thread(new ThreadStart(SnifferLoop));
sniffingThread.Name = "Sniffing Thread";
sniffingThread.IsBackground = true;
sniffingThread.Start();
decodingThread = new Thread(new ThreadStart(DecoderLoop));
decodingThread.Name = "Decoding Thread";
decodingThread.IsBackground = true;
decodingThread.Start();
Log("Sniffing started");
}
catch (Exception e)
{
Log(e.ToString());
return false;
}
return true;
}
public bool StartSniffing(LivePcapDevice deviceToSniff)
{
try
{
device = deviceToSniff;
// Open the device for capturing
int readTimeoutMilliseconds = 1000;
//device.StopCaptureTimeout = new TimeSpan(0, 1, 0);
device.Open(DeviceMode.Promiscuous, readTimeoutMilliseconds);
device.SetFilter(GetFilterExpression());
packetQueue = new Queue();
sniffingThread = new Thread(new ThreadStart(SnifferLoop));
sniffingThread.Name = "Sniffing Thread";
sniffingThread.IsBackground = true;
sniffingThread.Start();
decodingThread = new Thread(new ThreadStart(DecoderLoop));
decodingThread.Name = "Decoding Thread";
decodingThread.IsBackground = true;
decodingThread.Start();
Log("Sniffing started");
}
catch (Exception e)
{
Log(e.ToString());
return(false);
}
return(true);
}
private void 开始ToolStripMenuItem_Click(object sender, EventArgs e)
{
this.停止ToolStripMenuItem.Enabled = true;
this.开始ToolStripMenuItem.Enabled = false;
//设置状态信息
StringBuilder sb = new StringBuilder();
sb.Append("当前网卡:" + SharpShark.configClass.NICName);
sb.Append(" 当前捕获模式:" + SharpShark.configClass.deviceModeDescription);
sb.Append(" 捕获正在进行……");
this.lblStatus.Text = sb.ToString();
//确定目标设备
device = utility.getLiveDevice();
device.OnPacketArrival += new PacketArrivalEventHandler(device_OnPacketArrival);
int readTimeoutMilliseconds = 1000;
//读取设备模式
device.Open(SharpShark.configClass.deviceMode, readTimeoutMilliseconds);
//设置过滤器
if (this.toolStripCmbFilter.Text != "")
{
device.Filter = this.toolStripCmbFilter.Text.ToString();
}
//设置捕获数据包存储路径
string dumpFilePath = configClass.fileStorePath;
device.DumpOpen(dumpFilePath);
device.StartCapture();
}
private void btnStart_Click(object sender, EventArgs e)
{
device = utility.getLiveDevice();
device.OnPcapStatistics +=
new StatisticsModeEventHandler(device_OnPcapStatistics);
device.Open();
device.Mode = CaptureMode.Statistics;
device.OnPacketArrival += new PacketArrivalEventHandler(arrival);
device.StartCapture();
}
private void btnStart_Click(object sender, EventArgs e)
{
device = utility.getLiveDevice();
device.OnPcapStatistics +=
new StatisticsModeEventHandler(device_OnPcapStatistics);
device.Open();
device.Mode = CaptureMode.Statistics;
device.OnPacketArrival += new PacketArrivalEventHandler(arrival);
device.StartCapture();
}
private void PcapOpen()
{
networkIndex = appSettings.netWork;
device = LivePcapDeviceList.Instance[appSettings.netWork];
// ハンドラ設定
device.OnPacketArrival += OnPacketArrival;
// デバイスオープン
int readTimeoutMilliseconds = 1000;
device.Open(DeviceMode.Promiscuous, readTimeoutMilliseconds);
// キャプチャ開始
device.StartCapture();
}
private void ToggleCaptureLanAdapterButton_Click(object sender, EventArgs e)
{
int index = lanAdapterComboBox.SelectedIndex;
if (index == 0 || index >= lanAdapterComboBox.Items.Count) return;
CurrentPcapDevice = LanAdapterList[index - 1];
//if (CurrentPcapDevice.Started)
if (PacketCapturing)
{
toggleCaptureLanAdapterButton.Enabled = false;
//ThreadPool.QueueUserWorkItem(new WaitCallback(BackgroundStopCapture), CurrentPcapDevice);
PacketCapturing = false;
}
else
{
try
{
lanAdapterComboBox.Enabled = false;
if (!CurrentPcapDevice.Opened)
{
CurrentPcapDevice.Open(DeviceMode.Promiscuous, 1);
//CurrentPcapDevice.OnPacketArrival += new PacketArrivalEventHandler(LanAdapterOnPacketArrival);
}
}
catch (Exception ex)
{
AppendToLogTextBox(ex.ToString());
lanAdapterComboBox.Enabled = true;
return;
}
//CurrentPcapDevice.StartCapture();
PacketCapturing = true;
ThreadPool.QueueUserWorkItem(new WaitCallback(LanAdapterPacketCaptureLoop), CurrentPcapDevice);
toggleCaptureLanAdapterButton.Text = "PSPと通信停止";
}
}
private void StartFilter()
{
m_Device = null;
while (!m_bStop)
{
try
{
LivePcapDeviceList devices = null;
devices = LivePcapDeviceList.Instance;
int i = 0;
/* Scan the list printing every entry */
foreach (LivePcapDevice dev in devices)
{
if (dev.Description.ToString() == m_strNIC)
{
m_Device = devices[i];
break;
}
else
{
i++;
}
}
if (m_Device == null)
{
m_IStatusUpdate.UpdateStatus("Failed to get handle to NIC");
}
else
{
//Open the device for capturing
int readTimeoutMilliseconds = 1000;
m_Device.Open(DeviceMode.Promiscuous, readTimeoutMilliseconds);
//Register our handler function to the 'packet arrival' event
m_Device.OnPacketArrival += new PacketArrivalEventHandler(device_OnPacketArrival);
// udpdump filter to capture only UDP/IP packets
string filter = "udp";
m_Device.SetFilter(filter);
if (m_dtBound != DateTime.MaxValue)
{
m_IStatusUpdate.UpdateStatus("Next update at " + (m_dtBound + m_spanLease).ToString());
}
else
{
m_IStatusUpdate.UpdateStatus("Started DHCP Client...");
}
// Start capture packets
m_Device.Capture();
// NO stop request...
if (!m_bStop)
{
if (m_Device != null)
{
m_Device.Close();
m_Device = null;
}
}
}
}
catch (Exception exc)
{
m_IStatusUpdate.UpdateStatus("Exception: " + exc.Message);
try
{
m_Device.Close();
}
catch (Exception)
{ }
m_Device = null;
}
Thread.Sleep(1000);
}
}
//发送ARP广播,返回192.168局域网中其他计算机的ARP相应数据包
public static ArrayList ARPBroadcast(LivePcapDevice device)
{
ArrayList tmpArrayList = new ArrayList();
PhysicalAddress localMAC = device.Interface.MacAddress;
//这是我们伪造的一个IP
IPAddress srcIP = IPAddress.Parse("192.168.3.3");
String arpFilter = "arp and ether dst " + localMAC.ToString();
//open the device with 20ms timeout
device.Open(DeviceMode.Normal, 20);
device.Filter = arpFilter;
IPAddress destIP;
SharpPcap.ARP tmpArp=new ARP();
//发送65535个数据包耗时30秒,这30秒内到达的数据包由网卡缓存
for (int i = 0; i < 256; i++)
{
for (int j = 0; j < 256; j++)
{
destIP = IPAddress.Parse("192.168." + i.ToString() + "." + j.ToString());
//request是Packet类型
var request = tmpArp.BuildRequest(destIP, localMAC, srcIP);
//发送数据包到网络中
device.SendPacket(request);
}
}
DateTime StartTime = DateTime.Now;
DateTime endTime = StartTime.AddSeconds(5);
PacketDotNet.ARPPacket arpPacket = null;
//接收5秒钟数据包,然后闪人
while (DateTime.Now <= endTime)
{
var reply = device.GetNextPacket();
if (reply == null)
continue;
var packet = PacketDotNet.Packet.ParsePacket(reply);
arpPacket = PacketDotNet.ARPPacket.GetEncapsulated(packet);
if (arpPacket == null)
{
continue;
}
else
{
//exists判断是否ARP回应包存在重复
bool exists = false;
foreach (Object obj in tmpArrayList)
{
ARPPacket tmp=(ARPPacket)obj;
if (arpPacket.SenderHardwareAddress==tmp.SenderHardwareAddress)
{
exists = true;
break;
}
}
if (exists == false)
{
tmpArrayList.Add(arpPacket);
}
}
}
device.Close();
return tmpArrayList;
}
//发送ARP广播,返回192.168局域网中其他计算机的ARP相应数据包
public static ArrayList ARPBroadcast(LivePcapDevice device)
{
ArrayList tmpArrayList = new ArrayList();
PhysicalAddress localMAC = device.Interface.MacAddress;
//这是我们伪造的一个IP
IPAddress srcIP = IPAddress.Parse("192.168.3.3");
String arpFilter = "arp and ether dst " + localMAC.ToString();
//open the device with 20ms timeout
device.Open(DeviceMode.Normal, 20);
device.Filter = arpFilter;
IPAddress destIP;
SharpPcap.ARP tmpArp = new ARP();
//发送65535个数据包耗时30秒,这30秒内到达的数据包由网卡缓存
for (int i = 0; i < 256; i++)
{
for (int j = 0; j < 256; j++)
{
destIP = IPAddress.Parse("192.168." + i.ToString() + "." + j.ToString());
//request是Packet类型
var request = tmpArp.BuildRequest(destIP, localMAC, srcIP);
//发送数据包到网络中
device.SendPacket(request);
}
}
DateTime StartTime = DateTime.Now;
DateTime endTime = StartTime.AddSeconds(5);
PacketDotNet.ARPPacket arpPacket = null;
//接收5秒钟数据包,然后闪人
while (DateTime.Now <= endTime)
{
var reply = device.GetNextPacket();
if (reply == null)
{
continue;
}
var packet = PacketDotNet.Packet.ParsePacket(reply);
arpPacket = PacketDotNet.ARPPacket.GetEncapsulated(packet);
if (arpPacket == null)
{
continue;
}
else
{
//exists判断是否ARP回应包存在重复
bool exists = false;
foreach (Object obj in tmpArrayList)
{
ARPPacket tmp = (ARPPacket)obj;
if (arpPacket.SenderHardwareAddress == tmp.SenderHardwareAddress)
{
exists = true;
break;
}
}
if (exists == false)
{
tmpArrayList.Add(arpPacket);
}
}
}
device.Close();
return(tmpArrayList);
}
private void 开始ToolStripMenuItem_Click(object sender, EventArgs e)
{
this.停止ToolStripMenuItem.Enabled = true;
this.开始ToolStripMenuItem.Enabled = false;
//设置状态信息
StringBuilder sb = new StringBuilder();
sb.Append("当前网卡:" + SharpShark.configClass.NICName);
sb.Append(" 当前捕获模式:" + SharpShark.configClass.deviceModeDescription);
sb.Append(" 捕获正在进行……");
this.lblStatus.Text = sb.ToString();
//确定目标设备
device = utility.getLiveDevice();
device.OnPacketArrival += new PacketArrivalEventHandler(device_OnPacketArrival);
int readTimeoutMilliseconds = 1000;
//读取设备模式
device.Open(SharpShark.configClass.deviceMode, readTimeoutMilliseconds);
//设置过滤器
if (this.toolStripCmbFilter.Text != "")
{
device.Filter = this.toolStripCmbFilter.Text.ToString();
}
//设置捕获数据包存储路径
string dumpFilePath = configClass.fileStorePath;
device.DumpOpen(dumpFilePath);
device.StartCapture();
}