private void Start()
{
if (listeningToPorts.Count <= 0)
{
return;
}
try
{
if (devices == null)
{
devices = NpcapDeviceList.New();
}
}
catch (DllNotFoundException)
{
throw new Exception("WinPCap is NOT installed! Please install it. Please. Do it.");
}
var ports = GetStringPorts();
Debug.WriteLine("Starting listener id:" + myId + " on ports:" + ports + " ...");
foreach (NpcapDevice dev in devices)
{
dev.Open(DeviceMode.Normal, 1000);
dev.Mode = CaptureMode.Statistics;
dev.Filter = GetPortsFilter();
dev.OnPcapStatistics += OnPcapStatistics;
dev.StartCapture();
}
Debug.WriteLine("Started listener id:" + myId + " on ports:" + ports);
hasStarted = true;
}
public void NpcapDeviceListNullAuthTest()
{
using (new RemotePcapServer(NullAuthArgs))
{
var auth = new RemoteAuthentication(AuthenticationTypes.Null, null, null);
CollectionAssert.IsNotEmpty(NpcapDeviceList.Devices(IPAddress.Loopback, 2002, auth));
CollectionAssert.IsNotEmpty(NpcapDeviceList.Devices(IPAddress.Loopback, 2002, null));
}
}
public IpSnifferWinPcap(string filter)
{
_filter = filter;
BufferSize = 1 << 24;
_devices = NpcapDeviceList.New();
//BasicTeraData.LogError(string.Join("\r\n",_devices.Select(x=>x.Description)),true,true);
//check for winpcap installed if not - exception to fallback to rawsockets
_devices = null;
}
static void Main(string[] args)
{
args = new string[] { "192.169.127.4" };
if ((args.Length < 1) || (args.Length > 2))
{
PrintUsage("NpcapRemoteCapture");
return;
}
// 通过运行'rpcapd.exe文件'在远程服务器上。默认情况下,服务器使用端口2003
// ensure that a remote capture daemon has been started by running 'rpcapd.exe' on the remote server. By default port 2003 is used for the server
var ipAddress = System.Net.IPAddress.Parse(args[0]);
var port = rpcapDefaultPort;
if (args.Length == 2)
{
port = Int32.Parse(args[1]);
}
var remoteDevices = NpcapDeviceList.Devices(ipAddress, port, null);
foreach (var dev in remoteDevices)
{
Console.WriteLine("device: {0}", dev.ToString());
}
// open the device for capture
var device = remoteDevices[4];
device.OnPacketArrival += new SharpPcap.PacketArrivalEventHandler(dev_OnPacketArrival);
device.Open(0, 500, null);
Console.WriteLine();
Console.WriteLine("-- Listening on {0}, hit 'Enter' to stop...",
device.Description);
// Start the capturing process
device.StartCapture();
// Wait for 'Enter' from the user.
Console.ReadLine();
// Stop the capturing process
device.StopCapture();
Console.WriteLine("-- Capture stopped.");
// Print out the device statistics
Console.WriteLine(device.Statistics.ToString());
// Close the pcap device
device.Close();
}
public void PwdAuthTest()
{
try
{
if (!TestUser.Create())
{
Assert.Inconclusive("Please rerun the test as administrator.");
}
var goodCred = new RemoteAuthentication(AuthenticationTypes.Password, TestUser.Username, TestUser.Password);
var badCred = new RemoteAuthentication(AuthenticationTypes.Password, "foo", "bar");
using (new RemotePcapServer(PwdAuthArgs))
{
var pcapIfs = PcapInterface.GetAllPcapInterfaces("rpcap://localhost/", goodCred);
var npcapDevices = NpcapDeviceList.Devices(IPAddress.Loopback, NpcapDeviceList.RpcapdDefaultPort, goodCred);
CollectionAssert.IsNotEmpty(npcapDevices);
var devices = new PcapDevice[] {
// using NpcapDevice
npcapDevices[0],
// using rpcap with LibPcapLiveDevice should be possible
new LibPcapLiveDevice(pcapIfs[0])
};
foreach (var device in devices)
{
// repassing the auth to Open() should be optional
device.Open();
Assert.IsTrue(device.Opened);
device.Close();
}
Assert.Throws <PcapException>(
() => npcapDevices[0].Open(OpenFlags.NoCaptureRemote, 1, badCred),
"Credentials provided to Open() method takes precedence"
);
Assert.Throws <PcapException>(
() => PcapInterface.GetAllPcapInterfaces("rpcap://localhost/", badCred)
);
}
}
finally
{
TestUser.Delete();
}
}
public void RemoteTest()
{
var noAuthenticationParameter = "-n";
var exe1 = "c:\\Program Files (x86)\\WinPcap\\rpcapd.exe";
var exe2 = "c:\\Program Files\\WinPcap\\rpcapd.exe";
Process p;
try
{
p = System.Diagnostics.Process.Start(exe1, noAuthenticationParameter);
}
catch (Exception)
{
try
{
p = System.Diagnostics.Process.Start(exe2, noAuthenticationParameter);
}
catch (Exception)
{
throw;
}
}
if (p == null)
{
throw new Exception("unable to start process");
}
// wait until the process has started up
System.Threading.Thread.Sleep(500);
// retrieve the device list
var defaultPort = NpcapDeviceList.RpcapdDefaultPort;
var deviceList = NpcapDeviceList.Devices(System.Net.IPAddress.Loopback, defaultPort, null);
foreach (var d in deviceList)
{
Console.WriteLine(d.ToString());
}
System.Threading.Thread.Sleep(2000);
p.Kill();
}
/*
* get list of all device interfaces on machine, iterate through list and check for wifi/ethernet connectivity
* collect packets for 00:01:30, print to console.
*/
private static void Sniffer()
{
NpcapDeviceList devices = NpcapDeviceList.Instance;
NpcapDevice activeDevice = null;
foreach (NpcapDevice currentDevice in devices)
{
IsDeviceActive(currentDevice);
if ((isDeviceActive && ((currentDevice.ToString().Contains("FriendlyName: Wi-Fi")) || (currentDevice.ToString().Contains("FriendlyName: Ethernet")))))
{
activeDevice = currentDevice;
break;
}
}
foreach (PcapAddress ipaddress in activeDevice.Addresses)
{
if (ipaddress.Addr != null && ipaddress.Addr.ipAddress != null)
{
if (ipaddress.Addr.ipAddress.ToString().Contains("192.168"))
{
currentDeviceLocalIp = ipaddress.Addr.ipAddress;
break;
}
}
}
activeDevice.OnPacketArrival += new SharpPcap.PacketArrivalEventHandler(PacketHandler);
Console.WriteLine(string.Format("{0}\n", activeDevice));
Console.WriteLine("Initiating Packet Capture...");
activeDevice.Open(DeviceMode.Promiscuous, 1000);
activeDevice.Filter = "ip and tcp";
activeDevice.StartCapture();
Thread.Sleep(90000);
activeDevice.StopCapture();
activeDevice.Close();
Console.WriteLine("...Packet Capture complete.");
Console.WriteLine("==============================================\n\n\n");
}
private void Start()
{
Debug.Assert(_devices == null);
_devices = NpcapDeviceList.New();
var interestingDevices = _devices.Where(IsInteresting);
foreach (var device in interestingDevices)
{
device.OnPacketArrival += device_OnPacketArrival;
try
{
device.Open(DeviceMode.Normal, 100);
}
catch (Exception)
{
//Logger.Warn($"Failed to open device {device.Name}. {e.Message}");
continue;
}
device.Filter = _filter;
if (BufferSize != null)
{
try
{
device.KernelBufferSize = (uint)BufferSize.Value;
}
catch (Exception)
{
//Logger.Warn(
// $"Failed to set KernelBufferSize to {BufferSize.Value} on {device.Name}. {e.Message}");
}
}
device.StartCapture();
Debug.WriteLine("winpcap capture");
}
}
