WinPCap捕获FTP用户名密码
来源:互联网 发布:手机日记本软件 编辑:程序博客网 时间:2024/04/30 18:05
首先要经历的步骤:
1.获取所有可监听的网络适配器,并选择其一。存储在 pcap_if_t
结构体里。
2.打开网络适配器。
pcap_t *pcap_open(const char *source, int snaplen, int flags, int read_timeout, struct pcap_rmtauth *auth, char *errbuf);
pcap_open(d->name, // 设备名 65536, // 要捕捉的数据包的部分 // 65535保证能捕获到不同数据链路层上的每个数据包的全部内容 PCAP_OPENFLAG_NOCAPTURE_LOCAL, // 混杂模式 1000, // 读取超时时间 NULL, // 远程机器验证 errbuf // 错误缓冲池 )
这里是flags的定义
/*! \addtogroup remote_open_flags \{*//*! \brief Defines if the adapter has to go in promiscuous mode. It is '1' if you have to open the adapter in promiscuous mode, '0' otherwise. Note that even if this parameter is false, the interface could well be in promiscuous mode for some other reason (for example because another capture process with promiscuous mode enabled is currently using that interface). On on Linux systems with 2.2 or later kernels (that have the "any" device), this flag does not work on the "any" device; if an argument of "any" is supplied, the 'promisc' flag is ignored.*/#define PCAP_OPENFLAG_PROMISCUOUS 1/*! \brief Defines if the data trasfer (in case of a remote capture) has to be done with UDP protocol. If it is '1' if you want a UDP data connection, '0' if you want a TCP data connection; control connection is always TCP-based. A UDP connection is much lighter, but it does not guarantee that all the captured packets arrive to the client workstation. Moreover, it could be harmful in case of network congestion. This flag is meaningless if the source is not a remote interface. In that case, it is simply ignored.*/#define PCAP_OPENFLAG_DATATX_UDP 2/*! \brief Defines if the remote probe will capture its own generated traffic. In case the remote probe uses the same interface to capture traffic and to send data back to the caller, the captured traffic includes the RPCAP traffic as well. If this flag is turned on, the RPCAP traffic is excluded from the capture, so that the trace returned back to the collector is does not include this traffic.*/#define PCAP_OPENFLAG_NOCAPTURE_RPCAP 4/*! \brief Defines if the local adapter will capture its own generated traffic. This flag tells the underlying capture driver to drop the packets that were sent by itself. This is usefult when building applications like bridges, that should ignore the traffic they just sent.*/#define PCAP_OPENFLAG_NOCAPTURE_LOCAL 8/*! \brief This flag configures the adapter for maximum responsiveness. In presence of a large value for nbytes, WinPcap waits for the arrival of several packets before copying the data to the user. This guarantees a low number of system calls, i.e. lower processor usage, i.e. better performance, which is good for applications like sniffers. If the user sets the PCAP_OPENFLAG_MAX_RESPONSIVENESS flag, the capture driver will copy the packets as soon as the application is ready to receive them. This is suggested for real time applications (like, for example, a bridge) that need the best responsiveness.*/#define PCAP_OPENFLAG_MAX_RESPONSIVENESS 16
3.编译过滤器
pcap_compile(adhandle, &fcode, packet_filter, 1, netmask);
4.设置过滤器
pcap_setfilter(adhandle, &fcode);
5.进行捕获
pcap_loop(adhandle, 30, packet_handler, NULL);
0 0
- WinPCap捕获FTP用户名密码
- winpcap编程实现自动过滤FTP用户名及密码
- 用 WinPCAP 监听并分析 FTP 协议并记录 IP、用户名、密码和登陆是否成功
- FTP 用户名密码脚本
- FTP 设置用户名和密码
- ftp设置用户名和密码
- 清除FTP登录的用户名密码
- ARP欺骗攻击获得FTP用户名密码
- IIS 设置FTP用户名和密码
- 用Metasploit破解ftp用户名和密码
- 暴力破解FTP服务器用户名密码
- 应用winpcap捕获数据流
- WinPcap捕获数据包
- FTP登录时指定用户名密码的方法
- wget下载ftp文件,通过用户名和密码的方式
- 在url中输入ftp的用户名和密码
- [小技巧] yafc 如何设置 ftp 的用户名和密码
- ftp软件保存用户名、ip和密码然后上传
- Git小结
- C语言fgetc()函数的返回值
- 懂商业的技术合伙人(7):怎样快速开发一个APP(2)
- layer中使用layer.open中content里面的元素追加事件,加不上
- 树状数组区间修改+查询
- WinPCap捕获FTP用户名密码
- 关于android 6.0以上系统的拍照问题
- faster rcnn 中pascal_voc.py
- 算法提高 五次方数
- java泛型中HashSet和TreeSet区别
- AS新功能之InstantRun
- Android 软键盘 弹出,默认隐藏,强制隐藏,自动变大写等
- java工程师相关问题大全
- 461.HammingDistance解题