windows下拦截网络数据封包的方法有四种:
第一种是将网卡设为混杂模式,这次就可以监视到局域网上所有的数据包,
第二种是HOOK目标进程的发送和接收的API函数,
第三种方法是自己实现一个代理的DLL
第四种方法是使用别人封装好的dll,直接调用
我们今天说说第四种方法,我们使用SharpPcap.dll来拦截数据包。
SharpPcap 是一个.NET 环境下的网络包捕获框架,基于著名的 pcap/WinPcap 库开发。提供了捕获、注入、分析和构建的功能,适用于 C# 和 VB NET 开发语言。
SharpPcap有两部分组成:1> SharpPcap.dll 负责数据的捕获 2> PacketDotNet.dll负责数据包的解析
github地址:https://github.com/dotpcap/sharppcap
SharpPcap核心代码:
/// <summary>
/// 开始捕捉
/// </summary>
/// <param name="sender"></param>
/// <param name="e"></param>
private void btnStart_Click(object sender, EventArgs e)
{
if (this.combDevice.SelectedIndex > -1)
{
StartCapture(this.combDevice.SelectedIndex);
this.btnStart.Enabled = false;
this.btnStop.Enabled = true;
}
else {
MessageBox.Show(this,"请选择一个设备","提示",MessageBoxButtons.OK);
}
}
/// <summary>
/// 停止捕捉
/// </summary>
/// <param name="sender"></param>
/// <param name="e"></param>
private void btnStop_Click(object sender, EventArgs e)
{
Shutdown();
this.btnStop.Enabled = false;
this.btnStart.Enabled = true;
}
private void StartCapture(int itemIndex)
{
packetCount = 0;
device = CaptureDeviceList.Instance[itemIndex];
packetStrings = new Queue<PacketWrapper>();
bs = new BindingSource();
dgvData.DataSource = bs;
LastStatisticsOutput = DateTime.Now;
// start the background thread
backgroundThreadStop = false;
backgroundThread = new Thread(BackgroundThread);
backgroundThread.Start();
// setup background capture
device.OnPacketArrival += new PacketArrivalEventHandler(device_OnPacketArrival);
device.OnCaptureStopped += new CaptureStoppedEventHandler(device_OnCaptureStopped);
device.Open();
// tcpdump filter to capture only TCP/IP packets
string filter = "ip and tcp";
device.Filter = filter;
// force an initial statistics update
captureStatistics = device.Statistics;
UpdateCaptureStatistics();
// start the background capture
device.StartCapture();
btnStop.Enabled = true;
}
/// <summary>
/// 设备接收事件
/// </summary>
/// <param name="sender"></param>
/// <param name="e"></param>
private void device_OnPacketArrival(object sender, CaptureEventArgs e)
{
// print out periodic statistics about this device
var Now = DateTime.Now;
var interval = Now - LastStatisticsOutput;
if (interval > new TimeSpan(0, 0, 2))
{
Console.WriteLine("device_OnPacketArrival: " + e.Device.Statistics);
captureStatistics = e.Device.Statistics;
statisticsUiNeedsUpdate = true;
LastStatisticsOutput = Now;
}
lock (QueueLock)
{
PacketQueue.Add(e.Packet);
}
}
/// <summary>
/// 设备停止事件
/// </summary>
/// <param name="sender"></param>
/// <param name="status"></param>
private void device_OnCaptureStopped(object sender, CaptureStoppedEventStatus status)
{
if (status != CaptureStoppedEventStatus.CompletedWithoutError)
{
MessageBox.Show("Error stopping capture", "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
}
private void UpdateCaptureStatistics()
{
tlblStatistic.Text = string.Format("接收包: {0}, 丢弃包: {1}, 接口丢弃包: {2}", captureStatistics.ReceivedPackets,captureStatistics.DroppedPackets, captureStatistics.InterfaceDroppedPackets);
}
网友回复
我知道答案,我要回答
私活外包
最新提问
DLNA与UPnP的区别和不同?
苏超自建抢票app,通过先预约再抽签化解高并发抢票?
python如何让给电脑在局域网中伪装成电视接收手机的投屏图片视频播放?
如何结合python+js如何自己的视频编码与加密播放直播?
python如何在电脑上通过局域网将本地视频或m3u8视频投屏电视播放?
腾讯视频爱奇艺优酷vip电影电视剧视频如何通过python绕过vip收费直接观看?
有没有可免费观看全球电视台直播m3u8地址url的合集?
有没有实现观影自由的免vip影视苹果 CMS V10 API的可用url?
python如何实时检测电脑usb插入检测报警?
如何判断真人操作的鼠标移动直线轨迹与机器操作的轨迹?
