C# (CSharp) BasicFormats PacketCaptureImport 예제들

예제 #1

        private static Session[] _DumpTCPTraffic(Dictionary <string, TCPStream> dictTCP)
        {
            List <Session> list = new List <Session>();

            foreach (KeyValuePair <string, TCPStream> current in dictTCP)
            {
                TCPStream value    = current.Value;
                TCPStream tcpsPeer = current.Value.tcpsPeer;
                if (tcpsPeer == null || tcpsPeer.IsServer)
                {
                    TCPStreamContent tCPStreamContent = current.Value.ctContentType & ~(TCPStreamContent.Client | TCPStreamContent.Server);
                    if (tCPStreamContent != TCPStreamContent.HTTP)
                    {
                        if (tCPStreamContent == TCPStreamContent.SSLTLS)
                        {
                            list.AddRange(PacketCaptureImport.GetHTTPSHandshakeFromStreams(value, tcpsPeer));
                        }
                    }
                    else
                    {
                        list.AddRange(PacketCaptureImport.GetSessionsFromStreams(value, tcpsPeer));
                    }
                }
            }
            list.Sort((Session a, Session b) => a.Timers.ClientBeginRequest.CompareTo(b.Timers.ClientBeginRequest));
            foreach (Session current2 in list)
            {
                current2.state = (SessionStates)11;
            }
            return(list.ToArray());
        }

예제 #2

 private Session[] GetSessionsFromPackets(ref PacketCaptureImport.PacketCounts pcCounts, Dictionary <string, TCPStream> dictTCPConns)
 {
     //FiddlerApplication.get_Log().LogFormat("PACKET COUNTER\n\n{0}\n", new object[]
     //{
     //    pcCounts
     //});
     if (pcCounts.IPv4 + pcCounts.IPv6 < 1u)
     {
         string text = "No IPv4 or IPv6 traffic was found in this capture.";
         if (this.loadedFileType == PacketCaptureImport.FileType.CAP)
         {
             text += "\n\nIf this capture was collected using Message Analyzer, please instead use its 'Link Local' capture mode instead of 'Firewall' mode.";
         }
         if (!PacketCaptureImport.bSilent)
         {
             Console.WriteLine(String.Format(text, "No traffic found"));
         }
         return(null);
     }
     if (PacketCaptureImport.evtOnProgress != null)
     {
         ProgressCallbackEventArgs progressCallbackEventArgs = new ProgressCallbackEventArgs(0.4f, "Finished processing raw packets...");
         PacketCaptureImport.evtOnProgress(null, progressCallbackEventArgs);
         if (progressCallbackEventArgs.Cancel == true)
         {
             return(null);
         }
     }
     PacketCaptureImport._PairTCPStreams(dictTCPConns);
     if (PacketCaptureImport.evtOnProgress != null)
     {
         ProgressCallbackEventArgs progressCallbackEventArgs2 = new ProgressCallbackEventArgs(0.6f, "Finished assembling streams...");
         PacketCaptureImport.evtOnProgress(null, progressCallbackEventArgs2);
         if (progressCallbackEventArgs2.Cancel == true)
         {
             return(null);
         }
     }
     return(PacketCaptureImport._DumpTCPTraffic(dictTCPConns));
 }