5
回答
JPCAP:使用Java来sniffer网络数据包
华为云4核8G,高性能云服务器,免费试用   

前几天在CSDN社区上看到有人提到用JPCAP可以实现Java抓包的功能,也就是sniffer的功能,很是激动,就下载了一个。发现网上到处流传的那个版本无法使用,就自己实验了一下,把我的例子给贴出来共享一下。

我这个例子只用了基本的功能,由于我发现JPCAP本身带的例子选择网络接口卡时有问题,前面一大部分是选择用本机的哪个网络接口卡来抓包, 在Windows 2000下调试通过,可以通过修改相应的端口号抓到关注的某种应用层协议的包,也可以把相应的注释打开看到Raw Packet, 并把抓到的包的内容同时显示在控制台上和保存在capture.txt 文件里,每次抓包的结果用“****”号作了分割。呵呵,发现这是进行网络实验很好的素材。

JPCAP可以从http://www.sf.net/projects/jpcap上下载,在不同操作系统平台上上运行需要本地库支持,即Windows下需要安装WinPCAP(到http://www.winpcap.org下载),Linux下需要libcap。

编译和运行下面程序的批处理文件run.bat内容

javac -cp lib\jpcap.jar;. CapturePacketTest.java
java -Djava.library.path=lib -cp lib\jpcap.jar;. CapturePacketTest

下面是测试程序:

// CapturePacketTest.java

import net.sourceforge.jpcap.capture.*;
import net.sourceforge.jpcap.net.*;
import java.util.*;
import java.io.*; 

public class CapturePacketTest implements RawPacketListener,PacketListener{
    //public Vector<String> CaptureVec = new Vector<String>();
    public static FileOutputStream  fos = null;
   
    public static void main(String[] args)throws Exception{
              // Print copyright info
              System.out.println();
              System.out.println("Capture Ethernet packet Ver 0.01, author yanqlv(maomao).");
              System.out.println("Copyright (c) 2005 yanqlv of Luoyang Normal College, all Rights Reserved.");
              System.out.println();
       
        // Determin which capture device to use      

        PacketCapture pcap = new PacketCapture();
        String defaultDevice = pcap.findDevice();
        StringTokenizer st1 = new StringTokenizer(defaultDevice,"\n");
        String defaultDeviceStr = st1.nextToken();

        int default_num = 1;       
       
        String[] capDevices = pcap.lookupDevices();
        int capdevice_num = capDevices.length;
        System.out.println("There "+ (capdevice_num>1?"are":"is") + " "+ capdevice_num +" device"+(capdevice_num>1?"s":"")+" found!");
        System.out.println("*****************************************************************************");

        for (int i=0; i<capdevice_num; i++){
            //System.out.println("*****capture device["+ i +"]="+capDevices[i]);
            StringTokenizer st = new StringTokenizer(capDevices[i],"\n");
            String capStr = st.nextToken();
            String capDesc = st.nextToken();
            if( defaultDeviceStr.equals(capStr) ) default_num = i+1;
            System.out.println( "[" + (i+1) + "] " + capStr + "\n(" + capDesc + ")");

        }
        System.out.println("*****************************************************************************");
     
        System.out.println("(default to use "+ default_num +")");       
      
        int selectn = 1;
        if(capdevice_num > 1 ){
            System.out.print("Please select [");
            for(int i=0; i<capdevice_num;i++) {
                System.out.print(i+1);
                if(i!=capdevice_num-1) System.out.print(" or ");
            }
            System.out.print("]:");          
            String readstr = new DataInputStream(System.in).readLine();
            selectn = Integer.parseInt( new String( readstr ) );
        }

        //System.out.println("selectn="+selectn);
        // Want to save capture result to file
        fos = new FileOutputStream("capture.txt"); 

        // Begin capture
        pcap.open( (new StringTokenizer(capDevices[selectn-1],"\n")).nextToken(),true );               
        CapturePacketTest t1= new CapturePacketTest();
        pcap.addRawPacketListener(t1);
        pcap.addPacketListener(t1);
        pcap.capture(-1);
    }
    public void rawPacketArrived(RawPacket rawPacket){
        //System.out.println("rawPacket="+rawPacket);
    }

    public void packetArrived(Packet packet) {
        try{
            if( packet instanceof TCPPacket){
                TCPPacket tcppacket = ((TCPPacket)packet);
                //System.out.println("Packet="+packet);
                //System.out.println("window size="+tcppacket.getWindowSize());
                //System.out.println("Packet="+((TCPPacket)packet).toColoredVerboseString(true));

                //if( tcppacket.getDestinationPort()==110 || tcppacket.getSourcePort() ==110) // pop3
                if( tcppacket.getDestinationPort()==80 || tcppacket.getSourcePort() ==80){ // http
                    String captureStr = new String( tcppacket.getTCPData() );
                    System.out.println( ">>"+ captureStr);
                    fos.write(tcppacket.getTCPData());
                    fos.write(new String("**********************************************************\n").getBytes());
                    //fos.close();
                    //CaptureVec.addElement(captureStr);
                }
            }
        }catch(Exception ioe){
            System.out.println("Exception ocurred:"+ioe);
        }
    }
}
JPCAP也提供了生成网络数据包的功能,正在探索中,有时间想做个能发Magic Packet网卡远程唤醒主机的程序,等完成后再贴上来大家共享。
举报
红薯
发帖于10年前 5回/3K+阅
顶部