Пример #1
0
        static void Main(string[] args)
        {
            var devices = CaptureDeviceList.Instance;

            device = (WinPcapDevice)devices[0];
            device.Open();

            //Generate a random packet
            Packet bytes      = CreateMalwarePacket();
            string byteString = "";

            byte[] bytesP = bytes.Bytes;
            foreach (byte b in bytesP)
            {
                byteString += Convert.ToString(b, 2);
            }

            Thread t = new Thread(new ParameterizedThreadStart(SendPacket));

            t.Start(bytes);

            while (true)
            {
                Thread.Sleep(1000);
            }

            t.Abort();
            Thread.Sleep(1000);
            device.Close();
            Console.WriteLine("-- Device closed.");
            Console.Write("Hit 'Enter' to exit...");
            Console.ReadLine();
        }
Пример #2
0
        // start listening on a device (combobox index)
        public void StartDevice(int deviceIndex)
        {
            Started = true;

            DeviceInfo = DeviceInfoList[deviceIndex];
            Device     = WinPcapDeviceList.Instance[deviceIndex];

            Sniffer  = new Sniffer(DeviceInfo);
            ARPTools = new ARPTools(DeviceInfo);
            NDTools  = new NDTools(DeviceInfo);
            SSLStrip = new SSLStrip();
            Scanner  = new Scanner(DeviceInfo);

            Sniffer.SnifferResult    += new SnifferResultHandler(sniffer_OnSnifferResult);
            Scanner.ScannerResponse  += new ScannerResponseReceived(scanner_OnResponse);
            Scanner.ScanComplete     += new ScannerEventHandler(scanner_OnScanComplete);
            Scanner.HostnameResolved += new ScannerHostnameResolvedHandler(scanner_HostnameResolved);
            SSLStrip.SSLStripped     += new SSLStripHandler(SSLStrip_OnSSLStripped);

            // open device, set filters & events, start capturing
            Device.Open(DeviceMode.Promiscuous, 1);
            Device.Filter = "(arp || ip || ip6)";

            Device.OnPacketArrival += new PacketArrivalEventHandler(device_OnPacketArrival);
            Device.StartCapture();
        }
Пример #3
0
        private void toolBtn_StartCapture_Click(object sender, EventArgs e)
        {
            if (deviceIndex == -1)
            {
                MessageBox.Show("请选择要拦截封包的网卡!", "错误", MessageBoxButtons.OK, MessageBoxIcon.Error);
                return;
            }
            WinPcapDeviceList device = WinPcapDeviceList.Instance;

            CaptureDevice = device[deviceIndex];

            backgroundThread              = new Thread(BackgroundThread);
            BackgroundThreadStop          = true;
            backgroundThread.IsBackground = true;
            backgroundThread.Name         = "CapturePackets";
            backgroundThread.Start();

            CaptureDevice.Open();
            if (this.filterRules != "")
            {
                CaptureDevice.Filter = this.filterRules;
            }
            else
            {
                CaptureDevice.Filter = "port 8484";
            }
            CaptureDevice.OnPacketArrival += captureDevice_OnPacketArrival;
            CaptureDevice.StartCapture();

            toolBtn_StartCapture.Enabled = false;
            toolBtn_StopCapture.Enabled  = true;
            toolBtn_SetAdapter.Enabled   = false;
        }
Пример #4
0
        /// <summary>
        /// Starts the target manager thread.
        /// </summary>
        public void Start()
        {
            Messages.Trace("starting communications manager");

            // get the packet capture device
            CaptureDeviceList devices = CaptureDeviceList.Instance;

            capDevice = devices[Program.interfaceToUse];
            Messages.Trace("using [" + capDevice.Description + "] for network capture");

            capDevice.OnPacketArrival += capDevice_OnPacketArrival;

            if (capDevice is WinPcapDevice)
            {
                WinPcapDevice winPcap = capDevice as WinPcapDevice;
                winPcap.Open(OpenFlags.Promiscuous | OpenFlags.NoCaptureLocal | OpenFlags.MaxResponsiveness, readTimeoutMilliseconds);
            }
            else if (capDevice is LibPcapLiveDevice)
            {
                LibPcapLiveDevice livePcapDevice = capDevice as LibPcapLiveDevice;
                livePcapDevice.Open(DeviceMode.Promiscuous, readTimeoutMilliseconds);
            }
            else
            {
                throw new InvalidOperationException("unknown device type of " + capDevice.GetType().ToString());
            }

            capDevice.StartCapture();

            // start loop
            runThread = true;
            commMgrThread.Start();
        }
Пример #5
0
        private TcpSynPortScanner(string hostName)
        {
            timeout = 5000;

            localIp   = NetworkUtils.GetLocalHostIP();
            localPort = (ushort)new Random().Next(20000, 50000);

            device = NetworkUtils.GetActiveDevice(localIp);

            localMacAddress = device.Interface.MacAddress;

            destinationIp = NetworkUtils.ResolveHostName(hostName);
            var tryCount = 8;

            while (--tryCount > 0)
            {
                destinationMacAddress = NetworkUtils.GetMacAddress(destinationIp);
                if (!Equals(destinationMacAddress, new PhysicalAddress(new byte[] { 0, 0, 0, 0, 0, 0 })))
                {
                    break;
                }
                Thread.Sleep(500 / tryCount);
            }

            if (destinationMacAddress == null)
            {
                throw new Exception("Destination MAC can't be null");
            }

            device.Open(DeviceMode.Promiscuous, 100);
            ConfigureWinPcapDevice();
        }
Пример #6
0
        public Switch(WinPcapDevice dev1, WinPcapDevice dev2)
        {
            this.dev1 = dev1;
            this.dev2 = dev2;


            dev1.OnPacketArrival += new SharpPcap.PacketArrivalEventHandler(device_OnPacketArrival1);
            ////dev1.Open(DeviceMode.Normal, 1000);
            dev1.Open(OpenFlags.Promiscuous | OpenFlags.NoCaptureLocal, 10);
            dev1.StartCapture();
            dev2.OnPacketArrival += new SharpPcap.PacketArrivalEventHandler(device_OnPacketArrival1);
            ////dev2.Open(DeviceMode.Normal, 1000);
            dev2.Open(OpenFlags.Promiscuous | OpenFlags.NoCaptureLocal, 10);
            dev2.StartCapture();

            Thread t1 = new Thread(() => timer());

            t2 = new Thread(() => sendPacketLLDP(dev1, '1'));
            t3 = new Thread(() => sendPacketLLDP(dev2, '2'));
            t4 = new Thread(() => lldpTime());

            t1.Start();
            t2.Start();
            t3.Start();
            t4.Start();
        }
Пример #7
0
 public void Run(WinPcapDevice device)
 {
     comm = device;
     device.Open(OpenFlags.Promiscuous, 1, null);
     comm.Filter          = ("arp");
     comm.NonBlockingMode = true;
     lDev.Text            = device.Description;
 }
Пример #8
0
 public static void Online()
 {
     device = WinPcapDeviceList.Instance[1];
     device.OnPacketArrival += Device_OnPacketArrival;
     device.Open(DeviceMode.Normal);
     captureFileWriter = new CaptureFileWriterDevice("test.pcap");
     device.StartCapture();
 }
Пример #9
0
 private void start()
 {
     chooseComboBox.Enabled = false;
     startButton.Enabled    = false;
     startToolStrip.Enabled = false;
     stopButton.Enabled     = true;
     stopToolStrip.Enabled  = true;
     dev.OnPacketArrival   += packetArrivalHandler;
     dev.Open(DeviceMode.Promiscuous, 1000);
     dev.StartCapture();
     statusLabel.Text = "共收到0个数据包,总长度0";
 }
Пример #10
0
 private void StartCapture(int itemIndex)
 {
     packetId                   = 0;
     device                     = CaptureDeviceList.Instance[itemIndex] as WinPcapDevice;
     arrivalEventHandler        = new PacketArrivalEventHandler(OnPacketArrival);
     device.OnPacketArrival    += arrivalEventHandler;
     captureStoppedEventHandler = new CaptureStoppedEventHandler(OnCaptureStopped);
     device.OnCaptureStopped   += captureStoppedEventHandler;
     device.Open(OpenFlags.MaxResponsiveness, 1000);
     device.KernelBufferSize = 104857600;
     device.Filter           = "ip and tcp";
     device.StartCapture();
 }
Пример #11
0
        private void backgroundWorker1_DoWork(object sender, DoWorkEventArgs e)
        {
            if (_device == null)
            {
                // Retrieve the device list
                CaptureDeviceList devices = CaptureDeviceList.Instance;

                // If no devices were found print an error
                if (devices.Count < 1)
                {
                    return;
                }

                List <WinPcapDevice> captureDevices =
                    devices.Where(d => d is WinPcapDevice).Cast <WinPcapDevice>().ToList();

                var interfacePicker = new InterfacePicker(captureDevices);
                interfacePicker.ShowDialog();

                if (!interfacePicker.PressedYes)
                {
                    return;
                }
                if (interfacePicker.SelectedDevice == null)
                {
                    return;
                }

                // Print out the available network devices
                _device = interfacePicker.SelectedDevice;

                // Register our handler function to the
                // 'packet arrival' event
                _device.OnPacketArrival +=
                    device_OnPacketArrival;
            }


            UpdateStatus("Recording from " + _device.Interface.FriendlyName);



            // Open the device for capturing
            var readTimeoutMilliseconds = 1000;

            _device.Open(DeviceMode.Promiscuous, readTimeoutMilliseconds);


            // Start the capturing process
            _device.StartCapture();
        }
Пример #12
0
        private void monitor_recv_runtime()
        {
            //Open the device for capturing
            int readTimeoutMilliseconds = 1000;

            selectedWinPcapDevice.Open(DeviceMode.Promiscuous, readTimeoutMilliseconds);

            string filter = $"tcp and host {target_ip}";

            selectedWinPcapDevice.Filter = filter;

            // Capture packets using GetNextPacket()
            while (onListen)
            {
                RawCapture rawCapture = selectedWinPcapDevice.GetNextPacket();
                if (rawCapture == null)
                {
                    continue;
                }

                // use PacketDotNet to parse this packet and print out
                // its high level information
                Packet parsedPacket = Packet.ParsePacket(rawCapture.LinkLayerType, rawCapture.Data);
                if (parsedPacket.HasPayloadPacket)
                {
                    TcpPacket tcp = parsedPacket.Extract <TcpPacket>();
                    if (tcp != null)
                    {
                        if (tcp.HasPayloadData && tcp.PayloadData.Length > 0)
                        {
                            bool isROServerInfoPacket = ragnarokPacket.verifyServerInfo(tcp.PayloadData, tcp.PayloadData.Length);
                            if (isROServerInfoPacket)
                            {
                                onListen = false;
                                handleServerInfo(tcp);
                                mainform.Invoke(mainform.notifyMonitorFinish_Var);
                            }
                        }
                    }
                }

                Console.WriteLine(parsedPacket.ToString());
            }

            selectedWinPcapDevice.Close();
        }
Пример #13
0
        private void StartCapture(object state)
        {
            WinPcapDevice device = (WinPcapDevice)state;

            device.Open(this.promiscuousCheckbox.Checked ? DeviceMode.Promiscuous : DeviceMode.Normal);

            try
            {
                device.Filter = this.FilterTextBox.Text;
            }
            catch (Exception exc)
            {
                MessageBox.Show(string.Format("Failed to set the filter {0}.",
                                              this.FilterTextBox.Text));
                Log.Info(
                    string.Format("Failed to set the filter {0}.", this.FilterTextBox.Text),
                    exc);
            }

            device.StartCapture();
        }
Пример #14
0
        private void getPackets()
        {
            //_device.OnPacketArrival +=
            //    new PacketArrivalEventHandler(device_OnPacketArrival);

            if (openfileFlag == true)
            {
                _device.Open();
                _device_stat.Open();
            }
            else
            {
                if (done == true)
                {
                    try
                    {
                        _device.Close();
                        _device_stat.Close();
                        done = false;
                    }
                    catch (Exception er)
                    {
                        MessageBox.Show(er.Message, "ERROR");
                    }
                }
                // Register our handler function to the 'packet arrival' event
                _device.OnPacketArrival +=
                    new PacketArrivalEventHandler(device_OnPacketArrival);
                _device_stat.OnPcapStatistics += new StatisticsModeEventHandler(device_OnPcapStatistics);
                // Open the device for capturing
                int readTimeoutMilliseconds = 1000;
                //_device_stat.Open();
                //_device_stat.Mode = SharpPcap.WinPcap.CaptureMode.Statistics;
                _device.Open(DeviceMode.Promiscuous, readTimeoutMilliseconds);
            }
            // Start the capturing process
            _device.StartCapture();

            Globals.StartTime = DateTime.Now;
        }
Пример #15
0
        private void scan_transfer_speed(String devicename, String ipadd)
        {
            CaptureDeviceList devices = CaptureDeviceList.New();

            foreach (WinPcapDevice d in devices)
            {
                if (d.Interface.FriendlyName == devicename)
                {
                    _device = d;
                    break;
                }
            }

            if (_device != null)
            {
                _device.OnPcapStatistics += new StatisticsModeEventHandler(update_statistics);
                _device.Open(DeviceMode.Promiscuous, 1000);
                _device.Filter = "(tcp or udp) and host " + ipadd;
                _device.Mode   = CaptureMode.Statistics;
                _device.StartCapture();
            }
        }
Пример #16
0
        public void Execute()
        {
            if (devices == null || devices.Count == 0)
            {
                GuiLogMessage("No device available. Is WinPcap installed?", NotificationLevel.Error);
                return;
            }

            ProgressChanged(0, 1);

            WinPcapDevice dev = devices[settings.Device];

            dev.OnPacketArrival += OnPacketArrival;

            writer = new CStreamWriter();

            dev.Open();
            dev.StartCapture();
            OnPropertyChanged("DataStream");

            ProgressChanged(0.5, 1);
        }
Пример #17
0
        private void Run()
        {
            var settingsFileName = $"{AppDomain.CurrentDomain.FriendlyName}.json";

            _settings = LoadSettings(settingsFileName);

            WinPcapDevice device  = null;
            var           devices = WinPcapDeviceList.Instance.Where(x => x.Addresses.Any(address => address.Addr.sa_family == AF_INET)).ToList();

            if (_settings.DeviceIp.Equals(IPAddress.None))
            {
                var i = 0;
                foreach (var dev in devices)
                {
                    Console.WriteLine($"{i++}) {dev.Interface.FriendlyName} {dev.Description} ({string.Join(", ", dev.Addresses.Where(x => x.Addr.ipAddress != null).Select(x => x.Addr.ipAddress))})");
                }
                i      = int.Parse(Console.ReadLine());
                device = devices[i];
            }
            else
            {
                foreach (var dev in devices)
                {
                    var address = GetIPV4SockAddr(dev);
                    if (address.Addr.ipAddress.Equals(_settings.DeviceIp))
                    {
                        device = dev;
                        Console.WriteLine($"Found device for {address.Addr.ipAddress}!");
                        break;
                    }
                }
                if (device == null)
                {
                    Console.WriteLine($"Couldn't find device with address {_settings.deviceIp}.");
                    return;
                }
            }

            if (device == null)
            {
                Console.WriteLine("Couldn't find specified device");
                return;
            }

            device.OnPacketArrival += device_OnPacketArrival;
            Console.WriteLine($"opening {device.Interface.FriendlyName}");
            device.Open(DeviceMode.Promiscuous, 1000);

            LoadSettings(_settings, device);

            //todo add more commands, packetwatches esp.
            var input = Console.ReadLine();

            while (input != "quit")
            {
                var command = input.Split(" ")[0].ToLower();
                var args    = input.Split(" ").Skip(1).ToArray();
                var rest    = String.Join(" ", args);
                switch (command)
                {
                case "filter":
                    _settings.filter = rest;
                    LoadSettings(_settings, device);
                    break;

                case "load":
                case "reload":
                    var fileName = !string.IsNullOrEmpty(rest) ? rest : settingsFileName;
                    _settings = LoadSettings(fileName);
                    Console.WriteLine($"Settings loaded from {fileName}!");
                    break;

                case "save":
                    SaveSettings(settingsFileName, _settings);
                    Console.WriteLine($"Settings saved to {settingsFileName}!");
                    break;
                }

                if (_settings.autoSave)
                {
                    SaveSettings(settingsFileName, _settings);
                }

                input = Console.ReadLine();
            }
        }