yanqlv
前几天在CSDN社区上看到有人提到用JPCAP可以实现Java抓包的功能,也就是sniffer的功能,很是激动,就下载了一个。发现网上到处流传的那个版本无法使用,就自己实验了一下,把我的例子给贴出来共享一下。
我这个例子只用了基本的功能,由于我发现JPCAP本身带的例子选择网络接口卡时有问题,前面一大部分是选择用本机的哪个网络接口卡来抓包, 在Windows 2000下调试通过,可以通过修改相应的端口号抓到关注的某种应用层协议的包,也可以把相应的注释打开看到Raw Packet, 并把抓到的包的内容同时显示在控制台上和保存在capture.txt 文件里,每次抓包的结果用“****”号作了分割。呵呵,发现这是进行网络实验很好的素材。
JPCAP可以从http://www.sf.net/projects/jpcap上下载,在不同操作系统平台上上运行需要本地库支持,即Windows下需要安装WinPCAP(到http://www.winpcap.org下载),Linux下需要libcap。
编译和运行下面程序的批处理文件run.bat内容
javac -cp lib/jpcap.jar;. CapturePacketTest.java
java -Djava.library.path=lib -cp lib/jpcap.jar;. CapturePacketTest
下面是测试程序:
// CapturePacketTest.java
import net.sourceforge.jpcap.capture.*;
import net.sourceforge.jpcap.net.*;
import java.util.*;
import java.io.*;
public class CapturePacketTest implements RawPacketListener,PacketListener{
//public Vector<String> CaptureVec = new Vector<String>();
public static FileOutputStream fos = null;
public static void main(String[] args)throws Exception{
// Print copyright info
System.out.println();
System.out.println("Capture Ethernet packet Ver 0.01, author yanqlv(maomao).");
System.out.println("Copyright (c) 2005 yanqlv of Luoyang Normal College, all Rights Reserved.");
System.out.println();
// Determin which capture device to use
PacketCapture pcap = new PacketCapture();
String defaultDevice = pcap.findDevice();
StringTokenizer st1 = new StringTokenizer(defaultDevice,"/n");
String defaultDeviceStr = st1.nextToken();
int default_num = 1;
String[] capDevices = pcap.lookupDevices();
int capdevice_num = capDevices.length;
System.out.println("There "+ (capdevice_num>1?"are":"is") + " "+ capdevice_num +" device"+(capdevice_num>1?"s":"")+" found!");
System.out.println("*****************************************************************************");
for (int i=0; i<capdevice_num; i++){
//System.out.println("*****capture device["+ i +"]="+capDevices[i]);
StringTokenizer st = new StringTokenizer(capDevices[i],"/n");
String capStr = st.nextToken();
String capDesc = st.nextToken();
if( defaultDeviceStr.equals(capStr) ) default_num = i+1;
System.out.println( "[" + (i+1) + "] " + capStr + "/n(" + capDesc + ")");
}
System.out.println("*****************************************************************************");
System.out.println("(default to use "+ default_num +")");
int selectn = 1;
if(capdevice_num > 1 ){
System.out.print("Please select [");
for(int i=0; i<capdevice_num;i++) {
System.out.print(i+1);
if(i!=capdevice_num-1) System.out.print(" or ");
}
System.out.print("]:");
String readstr = new DataInputStream(System.in).readLine();
selectn = Integer.parseInt( new String( readstr ) );
}
//System.out.println("selectn="+selectn);
// Want to save capture result to file
fos = new FileOutputStream("capture.txt");
// Begin capture
pcap.open( (new StringTokenizer(capDevices[selectn-1],"/n")).nextToken(),true );
CapturePacketTest t1= new CapturePacketTest();
pcap.addRawPacketListener(t1);
pcap.addPacketListener(t1);
pcap.capture(-1);
}
public void rawPacketArrived(RawPacket rawPacket){
//System.out.println("rawPacket="+rawPacket);
}
public void packetArrived(Packet packet) {
try{
if( packet instanceof TCPPacket){
TCPPacket tcppacket = ((TCPPacket)packet);
//System.out.println("Packet="+packet);
//System.out.println("window size="+tcppacket.getWindowSize());
//System.out.println("Packet="+((TCPPacket)packet).toColoredVerboseString(true));
//if( tcppacket.getDestinationPort()==110 || tcppacket.getSourcePort() ==110) // pop3
if( tcppacket.getDestinationPort()==80 || tcppacket.getSourcePort() ==80){ // http
String captureStr = new String( tcppacket.getTCPData() );
System.out.println( ">>"+ captureStr);
fos.write(tcppacket.getTCPData());
fos.write(new String("**********************************************************/n").getBytes());
//fos.close();
//CaptureVec.addElement(captureStr);
}
}
}catch(Exception ioe){
System.out.println("Exception ocurred:"+ioe);
}
}
}
JPCAP也提供了生成网络数据包的功能,正在探索中,有时间想做个能发Magic Packet网卡远程唤醒主机的程序,等完成后再贴上来大家共享。