gpt4 book ai didi

sockets - Windows7中的pcapdotnet如何在不指定设备或使用IP 0.0.0.0的情况下嗅探端口?

转载 作者:行者123 更新时间:2023-12-03 11:55:52 25 4
gpt4 key购买 nike

我有一台计算机上有2个软件通过端口8888一起工作,我想知道它们是如何工作的。如果我能以其他方式(例如软件)来完成这项工作,那真是太好了:)

我下载了pcapdotnet并在http://pcapdotnet.codeplex.com/wikipage?title=Pcap.Net%20User%20Guide&referringTitle=Home上尝试了示例代码
它可以在本地网络上获取所有消息,但不适合我。

我使用netstat -a得到这个“TCP 0.0.0.0:8888 ZC01N00278:0 LISTENING”
我真的很困惑这个0.0.0.0。

因此我禁用了所有网络设备(这导致我的pcap无法工作,因为它至少需要一台设备),但仍然存在。我猜想这2个软件通信是在没有以太网的情况下进行的,是真的吗?

我是套接字的新手,通过哪种方式可以在此端口获取数据包?
这是代码,主要来自教程示例。

using System;
using System.Collections.Generic;
using PcapDotNet.Core;
using PcapDotNet.Packets;
using PcapDotNet.Packets.IpV4;
using PcapDotNet.Packets.Transport;
using System.IO;

namespace pcap_test1
{
class Program
{
static StreamWriter sw;
static void Main(string[] args)
{
sw = new StreamWriter(@"C:\sunxin\pcap.txt");
// Retrieve the device list from the local machine
IList<LivePacketDevice> allDevices = LivePacketDevice.AllLocalMachine;

if (allDevices.Count == 0)
{
Console.WriteLine("No interfaces found! Make sure WinPcap is installed.");
return;
}

// Print the list
for (int i = 0; i != allDevices.Count; ++i)
{
LivePacketDevice device = allDevices[i];
Console.Write((i + 1) + ". " + device.Name);
if (device.Description != null)
Console.WriteLine(" (" + device.Description + ")");
else
Console.WriteLine(" (No description available)");
}

int deviceIndex = 0;
do
{
Console.WriteLine("Enter the interface number (1-" + allDevices.Count + "):");
string deviceIndexString = Console.ReadLine();
if (!int.TryParse(deviceIndexString, out deviceIndex) ||
deviceIndex < 1 || deviceIndex > allDevices.Count)
{
deviceIndex = 0;
}
} while (deviceIndex == 0);

// Take the selected adapter
PacketDevice selectedDevice = allDevices[deviceIndex - 1];

// Open the device
using (PacketCommunicator communicator =
selectedDevice.Open(65536, // portion of the packet to capture
// 65536 guarantees that the whole packet will be captured on all the link layers
PacketDeviceOpenAttributes.Promiscuous, // promiscuous mode
1000)) // read timeout
{
// Check the link layer. We support only Ethernet for simplicity.
if (communicator.DataLink.Kind != DataLinkKind.Ethernet)
{
Console.WriteLine("This program works only on Ethernet networks.");
return;
}

// Compile the filter
using (BerkeleyPacketFilter filter = communicator.CreateFilter("port 8888"))
{
// Set the filter
communicator.SetFilter(filter);
}

Console.WriteLine("Listening on " + selectedDevice.Description + "...");

// start the capture
communicator.ReceivePackets(0, PacketHandler);
}
}

// Callback function invoked by libpcap for every incoming packet
private static void PacketHandler(Packet packet)
{
// print timestamp and length of the packet
Console.WriteLine(packet.Timestamp.ToString("yyyy-MM-dd hh:mm:ss.fff") + " length:" + packet.Ethernet);
sw.WriteLine(packet.Timestamp.ToString("yyyy-MM-dd hh:mm:ss.fff") + packet.Ethernet);

IpV4Datagram ip = packet.Ethernet.IpV4;
UdpDatagram udp = ip.Udp;
for (int i = ip.HeaderLength; i < packet.Length; ++i)
{
Console.Write(Convert.ToChar(packet.Buffer[i]));
sw.Write(Convert.ToChar(packet.Buffer[i]));
}
Console.WriteLine();
sw.WriteLine();
// print ip addresses and udp ports
//Console.WriteLine(ip.Source + ":" + udp.SourcePort + " -> " + ip.Destination + ":" + udp.DestinationPort);
//sw.WriteLine(ip.Source + ":" + udp.SourcePort + " -> " + ip.Destination + ":" + udp.DestinationPort);
sw.Flush();
}
}
}

最佳答案

Wireshark的Wiki告知WinPcap cannot capture packets between endpoints on the same computer in Windows(Pcap.Net使用WinPcap)。建议使用RawCap

关于sockets - Windows7中的pcapdotnet如何在不指定设备或使用IP 0.0.0.0的情况下嗅探端口?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/19014977/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com