public bool StartSniffing(LivePcapDevice deviceToSniff) { try { device = deviceToSniff; // Open the device for capturing int readTimeoutMilliseconds = 1000; //device.StopCaptureTimeout = new TimeSpan(0, 1, 0); device.Open(DeviceMode.Promiscuous, readTimeoutMilliseconds); device.SetFilter(GetFilterExpression()); packetQueue = new Queue(); sniffingThread = new Thread(new ThreadStart(SnifferLoop)); sniffingThread.Name = "Sniffing Thread"; sniffingThread.IsBackground = true; sniffingThread.Start(); decodingThread = new Thread(new ThreadStart(DecoderLoop)); decodingThread.Name = "Decoding Thread"; decodingThread.IsBackground = true; decodingThread.Start(); Log("Sniffing started"); } catch (Exception e) { Log(e.ToString()); return false; } return true; }
public bool StartSniffing(LivePcapDevice deviceToSniff) { try { device = deviceToSniff; // Open the device for capturing int readTimeoutMilliseconds = 1000; //device.StopCaptureTimeout = new TimeSpan(0, 1, 0); device.Open(DeviceMode.Promiscuous, readTimeoutMilliseconds); device.SetFilter(GetFilterExpression()); packetQueue = new Queue(); sniffingThread = new Thread(new ThreadStart(SnifferLoop)); sniffingThread.Name = "Sniffing Thread"; sniffingThread.IsBackground = true; sniffingThread.Start(); decodingThread = new Thread(new ThreadStart(DecoderLoop)); decodingThread.Name = "Decoding Thread"; decodingThread.IsBackground = true; decodingThread.Start(); Log("Sniffing started"); } catch (Exception e) { Log(e.ToString()); return(false); } return(true); }
public string[] ProvideDeviceNames() { // Print SharpPcap version string ver = SharpPcap.Version.VersionString; Console.WriteLine("SharpPcap {0}, Example1.IfList.cs", ver); // Retrieve the device list LivePcapDeviceList devices = LivePcapDeviceList.Instance; LivePcapDevice device = null; // If no devices were found print an error if (devices.Count < 1) { //Console.WriteLine("No devices were found on this machine"); return(null); } devc = new string[150]; // Print out the available network devices int i = 0; foreach (LivePcapDevice dev in devices) { devc[i] = dev.Description; i += 1; /////////////////////Console.WriteLine("{0}\n", dev.ToString()); } return(devc); }
//配置文件不存在时,重新创建一个。默认网卡名称为找到的第一个网卡的名称 //默认路径为 C:\\SharpSharkDump public static void reCreateConfigFile() { var devices = LivePcapDeviceList.Instance; if (devices.Count < 1) { MessageBox.Show("未发现活动网卡,请检查网卡是否启用"); return; } LivePcapDevice device = devices[0];//获取第一个取得的网卡 XmlTextWriter writer = new XmlTextWriter(configFilePath, null); writer.Formatting = Formatting.Indented; //写入根元素 writer.WriteStartElement("SharpSharkConfig"); //加入子元素 writer.WriteElementString("NICName", device.Interface.FriendlyName); writer.WriteElementString("fileStorePath", "C:\\SharpSharkDump.dmp"); writer.WriteElementString("deviceModeString", "Normal"); //关闭根元素,并书写结束标签 writer.WriteEndElement(); //将XML写入文件并且关闭XmlTextWriter writer.Close(); }
private void 开始ToolStripMenuItem_Click(object sender, EventArgs e) { this.停止ToolStripMenuItem.Enabled = true; this.开始ToolStripMenuItem.Enabled = false; //设置状态信息 StringBuilder sb = new StringBuilder(); sb.Append("当前网卡:" + SharpShark.configClass.NICName); sb.Append(" 当前捕获模式:" + SharpShark.configClass.deviceModeDescription); sb.Append(" 捕获正在进行……"); this.lblStatus.Text = sb.ToString(); //确定目标设备 device = utility.getLiveDevice(); device.OnPacketArrival += new PacketArrivalEventHandler(device_OnPacketArrival); int readTimeoutMilliseconds = 1000; //读取设备模式 device.Open(SharpShark.configClass.deviceMode, readTimeoutMilliseconds); //设置过滤器 if (this.toolStripCmbFilter.Text != "") { device.Filter = this.toolStripCmbFilter.Text.ToString(); } //设置捕获数据包存储路径 string dumpFilePath = configClass.fileStorePath; device.DumpOpen(dumpFilePath); device.StartCapture(); }
public PacketSniffer(LogDelegate logDelegate) { Log = logDelegate; aborting = false; device = null; packetLock = new object(); packetAvailiable = new AutoResetEvent(false); disposed = false; }
private void btnStart_Click(object sender, EventArgs e) { device = utility.getLiveDevice(); device.OnPcapStatistics += new StatisticsModeEventHandler(device_OnPcapStatistics); device.Open(); device.Mode = CaptureMode.Statistics; device.OnPacketArrival += new PacketArrivalEventHandler(arrival); device.StartCapture(); }
// Return the first IPv4 address found for the device private PcapAddress GetIPV4Sockddr(LivePcapDevice device) { foreach (PcapAddress address in device.Addresses) { if (address.Addr.sa_family == AF_INET) { return(address); } } return(null); }
private void PcapOpen() { networkIndex = appSettings.netWork; device = LivePcapDeviceList.Instance[appSettings.netWork]; // ハンドラ設定 device.OnPacketArrival += OnPacketArrival; // デバイスオープン int readTimeoutMilliseconds = 1000; device.Open(DeviceMode.Promiscuous, readTimeoutMilliseconds); // キャプチャ開始 device.StartCapture(); }
public void Connect(IStatusUpdate IStatusUpdate) { m_State = DHCPState.INIT; m_bStop = false; m_IStatusUpdate = IStatusUpdate; m_Instance = this; m_Device = null; m_dtBound = DateTime.MaxValue; m_FilterThread = new Thread(new ThreadStart(StartFilter)); m_FilterThread.Start(); m_TimerThread = new Thread(new ThreadStart(TimerHandler)); m_TimerThread.Start(); }
/// <summary> /// 获取用户选择的或者默认的LivePcapDevice /// </summary> /// <returns></returns> internal static LivePcapDevice getLiveDevice() { var devices = LivePcapDeviceList.Instance; LivePcapDevice device = null; if (devices.Count < 1) { MessageBox.Show("未发现活动网卡,请检查网卡是否启用"); } int index = 0; for (int i = 0; i < devices.Count; i++) { if (devices[i].Interface.FriendlyName == configClass.NICName) { index = i; break; } } device = devices[index]; return(device); }
//发送ARP广播,返回192.168局域网中其他计算机的ARP相应数据包 public static ArrayList ARPBroadcast(LivePcapDevice device) { ArrayList tmpArrayList = new ArrayList(); PhysicalAddress localMAC = device.Interface.MacAddress; //这是我们伪造的一个IP IPAddress srcIP = IPAddress.Parse("192.168.3.3"); String arpFilter = "arp and ether dst " + localMAC.ToString(); //open the device with 20ms timeout device.Open(DeviceMode.Normal, 20); device.Filter = arpFilter; IPAddress destIP; SharpPcap.ARP tmpArp=new ARP(); //发送65535个数据包耗时30秒,这30秒内到达的数据包由网卡缓存 for (int i = 0; i < 256; i++) { for (int j = 0; j < 256; j++) { destIP = IPAddress.Parse("192.168." + i.ToString() + "." + j.ToString()); //request是Packet类型 var request = tmpArp.BuildRequest(destIP, localMAC, srcIP); //发送数据包到网络中 device.SendPacket(request); } } DateTime StartTime = DateTime.Now; DateTime endTime = StartTime.AddSeconds(5); PacketDotNet.ARPPacket arpPacket = null; //接收5秒钟数据包,然后闪人 while (DateTime.Now <= endTime) { var reply = device.GetNextPacket(); if (reply == null) continue; var packet = PacketDotNet.Packet.ParsePacket(reply); arpPacket = PacketDotNet.ARPPacket.GetEncapsulated(packet); if (arpPacket == null) { continue; } else { //exists判断是否ARP回应包存在重复 bool exists = false; foreach (Object obj in tmpArrayList) { ARPPacket tmp=(ARPPacket)obj; if (arpPacket.SenderHardwareAddress==tmp.SenderHardwareAddress) { exists = true; break; } } if (exists == false) { tmpArrayList.Add(arpPacket); } } } device.Close(); return tmpArrayList; }
private void cbInterface_SelectedIndexChanged(object sender, EventArgs e) { device = LivePcapDeviceList.Instance[cbInterface.SelectedIndex]; }
private void ToggleCaptureLanAdapterButton_Click(object sender, EventArgs e) { int index = lanAdapterComboBox.SelectedIndex; if (index == 0 || index >= lanAdapterComboBox.Items.Count) return; CurrentPcapDevice = LanAdapterList[index - 1]; //if (CurrentPcapDevice.Started) if (PacketCapturing) { toggleCaptureLanAdapterButton.Enabled = false; //ThreadPool.QueueUserWorkItem(new WaitCallback(BackgroundStopCapture), CurrentPcapDevice); PacketCapturing = false; } else { try { lanAdapterComboBox.Enabled = false; if (!CurrentPcapDevice.Opened) { CurrentPcapDevice.Open(DeviceMode.Promiscuous, 1); //CurrentPcapDevice.OnPacketArrival += new PacketArrivalEventHandler(LanAdapterOnPacketArrival); } } catch (Exception ex) { AppendToLogTextBox(ex.ToString()); lanAdapterComboBox.Enabled = true; return; } //CurrentPcapDevice.StartCapture(); PacketCapturing = true; ThreadPool.QueueUserWorkItem(new WaitCallback(LanAdapterPacketCaptureLoop), CurrentPcapDevice); toggleCaptureLanAdapterButton.Text = "PSPと通信停止"; } }
public bool Start() { try { LivePcapDeviceList devices = LivePcapDeviceList.Instance; foreach (LivePcapDevice device in devices) { if (device.Name != sSelfAddress) continue; device.OnPacketArrival += new PacketArrivalEventHandler(MyPcapCapture); if (!(device.Opened)) device.Open(); curDevice = device; device.Mode = CaptureMode.Packets; device.NonBlockingMode = true; device.Filter = "tcp"; device.StartCapture(); stState = States.Started; } return true; } catch { return false; } }
// Return the first IPv4 address found for the device private PcapAddress GetIPV4Sockddr(LivePcapDevice device) { foreach (PcapAddress address in device.Addresses) { if (address.Addr.sa_family == AF_INET) { return address; } } return null; }
//发送ARP广播,返回192.168局域网中其他计算机的ARP相应数据包 public static ArrayList ARPBroadcast(LivePcapDevice device) { ArrayList tmpArrayList = new ArrayList(); PhysicalAddress localMAC = device.Interface.MacAddress; //这是我们伪造的一个IP IPAddress srcIP = IPAddress.Parse("192.168.3.3"); String arpFilter = "arp and ether dst " + localMAC.ToString(); //open the device with 20ms timeout device.Open(DeviceMode.Normal, 20); device.Filter = arpFilter; IPAddress destIP; SharpPcap.ARP tmpArp = new ARP(); //发送65535个数据包耗时30秒,这30秒内到达的数据包由网卡缓存 for (int i = 0; i < 256; i++) { for (int j = 0; j < 256; j++) { destIP = IPAddress.Parse("192.168." + i.ToString() + "." + j.ToString()); //request是Packet类型 var request = tmpArp.BuildRequest(destIP, localMAC, srcIP); //发送数据包到网络中 device.SendPacket(request); } } DateTime StartTime = DateTime.Now; DateTime endTime = StartTime.AddSeconds(5); PacketDotNet.ARPPacket arpPacket = null; //接收5秒钟数据包,然后闪人 while (DateTime.Now <= endTime) { var reply = device.GetNextPacket(); if (reply == null) { continue; } var packet = PacketDotNet.Packet.ParsePacket(reply); arpPacket = PacketDotNet.ARPPacket.GetEncapsulated(packet); if (arpPacket == null) { continue; } else { //exists判断是否ARP回应包存在重复 bool exists = false; foreach (Object obj in tmpArrayList) { ARPPacket tmp = (ARPPacket)obj; if (arpPacket.SenderHardwareAddress == tmp.SenderHardwareAddress) { exists = true; break; } } if (exists == false) { tmpArrayList.Add(arpPacket); } } } device.Close(); return(tmpArrayList); }
private void StartFilter() { m_Device = null; while (!m_bStop) { try { LivePcapDeviceList devices = null; devices = LivePcapDeviceList.Instance; int i = 0; /* Scan the list printing every entry */ foreach (LivePcapDevice dev in devices) { if (dev.Description.ToString() == m_strNIC) { m_Device = devices[i]; break; } else { i++; } } if (m_Device == null) { m_IStatusUpdate.UpdateStatus("Failed to get handle to NIC"); } else { //Open the device for capturing int readTimeoutMilliseconds = 1000; m_Device.Open(DeviceMode.Promiscuous, readTimeoutMilliseconds); //Register our handler function to the 'packet arrival' event m_Device.OnPacketArrival += new PacketArrivalEventHandler(device_OnPacketArrival); // udpdump filter to capture only UDP/IP packets string filter = "udp"; m_Device.SetFilter(filter); if (m_dtBound != DateTime.MaxValue) { m_IStatusUpdate.UpdateStatus("Next update at " + (m_dtBound + m_spanLease).ToString()); } else { m_IStatusUpdate.UpdateStatus("Started DHCP Client..."); } // Start capture packets m_Device.Capture(); // NO stop request... if (!m_bStop) { if (m_Device != null) { m_Device.Close(); m_Device = null; } } } } catch (Exception exc) { m_IStatusUpdate.UpdateStatus("Exception: " + exc.Message); try { m_Device.Close(); } catch (Exception) { } m_Device = null; } Thread.Sleep(1000); } }