C#使用sharppcap实现网络抓包
来源:互联网 发布:电视机网络顶盒 编辑:程序博客网 时间:2024/04/30 03:22
c# 使用sharppcap实现 网络抓包
sharppcap dll的下载地址:
http://sourceforge.net/directory/os:windows/?q=sharppcap
具体使用详细步骤:
http://www.codeproject.com/KB/IP/sharppcap.aspx
事例wrapper类,具体说明使用方式
using System.Text;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.IO;
using System.Threading;
using SharpPcap;
using PacketDotNet;
using SharpPcap.LibPcap;
namespace ServerToolCapture
{
public class WinCapHelper
{
private static object syncObj = new object();
private static WinCapHelper _capInstance;
public static WinCapHelper WinCapInstance
{
get
{
if (null == _capInstance)
{
lock (syncObj)
{
if (null == _capInstance)
{
_capInstance = new WinCapHelper();
}
}
}
return _capInstance;
}
}
private Thread _thread;
/// <summary>
/// when get pocket,callback
/// </summary>
public Action<string> _logAction;
/// <summary>
/// 过滤条件关键字
/// </summary>
public string filter;
private WinCapHelper()
{
}
public void Listen()
{
if (_thread != null && _thread.IsAlive)
{
return;
}
_thread = new Thread(new ThreadStart(() =>
{
////遍历网卡
foreach (PcapDevice device in SharpPcap.CaptureDeviceList.Instance)
{
////分别启动监听,指定包的处理函数
device.OnPacketArrival += new PacketArrivalEventHandler(device_OnPacketArrival);
device.Open(DeviceMode.Normal, 1000);
device.Capture(500);
//device.StartCapture();
}
}));
_thread.Start();
}
/// <summary>
/// 打印包信息,组合包太复杂了,所以直接把hex字符串打出来了
/// </summary>
/// <param name="str"></param>
/// <param name="p"></param>
private void PrintPacket(ref string str, Packet p)
{
if (p != null)
{
string s = p.ToString();
if (!string.IsNullOrEmpty(filter) && !s.Contains(filter))
{
return;
}
str += "\r\n" + s + "\r\n";
////尝试创建新的TCP/IP数据包对象,
////第一个参数为以太头长度,第二个为数据包数据块
str += p.PrintHex() + "\r\n";
}
}
/// <summary>
/// 接收到包的处理函数
/// </summary>
/// <param name="sender"></param>
/// <param name="e"></param>
private void device_OnPacketArrival(object sender, CaptureEventArgs e)
{
////解析出基本包
var packet = PacketDotNet.Packet.ParsePacket(e.Packet.LinkLayerType, e.Packet.Data);
////协议类别
// var dlPacket = PacketDotNet.DataLinkPacket.ParsePacket(e.Packet.LinkLayerType, e.Packet.Data);
//var ethernetPacket = PacketDotNet.EthernetPacket.GetEncapsulated(packet);
//var internetLinkPacket = PacketDotNet.InternetLinkLayerPacket.Parse(packet.BytesHighPerformance.Bytes);
//var internetPacket = PacketDotNet.InternetPacket.Parse(packet.BytesHighPerformance.Bytes);
//var sessionPacket = PacketDotNet.SessionPacket.Parse(packet.BytesHighPerformance.Bytes);
//var appPacket = PacketDotNet.ApplicationPacket.Parse(packet.BytesHighPerformance.Bytes);
//var pppoePacket = PacketDotNet.PPPoEPacket.Parse(packet.BytesHighPerformance.Bytes);
//var arpPacket = PacketDotNet.ARPPacket.GetEncapsulated(packet);
//var ipPacket = PacketDotNet.IpPacket.GetEncapsulated(packet); //ip包
//var udpPacket = PacketDotNet.UdpPacket.GetEncapsulated(packet);
//var tcpPacket = PacketDotNet.TcpPacket.GetEncapsulated(packet);
string ret = "";
PrintPacket(ref ret, packet);
//ParsePacket(ref ret, ethernetPacket);
//ParsePacket(ref ret, internetLinkPacket);
//ParsePacket(ref ret, internetPacket);
//ParsePacket(ref ret, sessionPacket);
//ParsePacket(ref ret, appPacket);
//ParsePacket(ref ret, pppoePacket);
//ParsePacket(ref ret, arpPacket);
//ParsePacket(ref ret, ipPacket);
//ParsePacket(ref ret, udpPacket);
//ParsePacket(ref ret, tcpPacket);
if (!string.IsNullOrEmpty(ret))
{
string rlt = "\r\n时间 : " +
DateTime.Now.ToLongTimeString() +
"\r\n数据包: \r\n" + ret;
_logAction(rlt);
}
}
public void StopAll()
{
foreach (PcapDevice device in SharpPcap.CaptureDeviceList.Instance)
{
if (device.Opened)
{
Thread.Sleep(500);
device.StopCapture();
}
_logAction("device : " + device.Description + " stoped.\r\n");
}
_thread.Abort();
}
}
}
1 0
- c# 使用sharppcap实现 网络抓包
- c# 使用sharppcap实现 网络抓包
- c# 使用sharppcap实现 网络抓包
- c# 使用sharppcap实现 网络抓包
- C#使用sharppcap实现网络抓包
- C#使用sharppcap实现网络抓包-----2
- 使用SharpPCap在C#下进行网络抓包
- 使用SharpPCap在C#下进行网络抓包
- C# 异步多线程 sharpPcap 抓包
- c# SharpPcap 截包,抓包 - 资料收集贴 --转
- 使用C#实现网络抓包与分析
- C# 网络抓包
- SharpPcap开发包分析c#
- SharpPcap网络包捕获框架的使用--实例代码在vs2005调试通过
- c实现网络抓包windows下
- wireShark 的使用 网络抓包
- 使用WinPcap抓包分析网络协议
- wireShark 的使用 网络抓包
- c/c++时间函数
- iOS开发之调用系统应用
- MFC 静态文本框控件
- java 获取后台返回json 并js循环利用
- android jni 出现format not a string literal and no format arguments [-Werror=format-security]问题
- C#使用sharppcap实现网络抓包
- 安装ubuntu分区建议
- wampserver 最新版本 mysql修改数据库密码
- android 打包签名
- java学习之编译时类型和运行时类型
- “/dev/kvm not found ”error on windows in android studio
- 关于地产信息化“大佬”们说了什么?看完这些就够了
- 新的开始!
- 小白进阶之动态规划-最长公共子序列