我一直在尝试为 ARP 数据包检测编写一个嗅探器。我已经让 Pcap4j 库运行并检测我的网络,但它只在地址列表中显示它当前正在运行的计算机。有很多不同的设备连接到网络,Wireshark 可以检测到它们。我已经检查了至少主机和另一台计算机在 Windows 设置中设置了要打开的检测,并且它们可以在 Windows 网络中相互识别。
这是非常基本的代码:
package arpsniffer;
import java.io.IOException;
import org.pcap4j.core.PcapNetworkInterface;
import org.pcap4j.util.LinkLayerAddress;
import org.pcap4j.util.NifSelector;
/**
*
* @author Fabio
*/
public class ArpSniffer {
public static void main(String[] args) {
PcapNetworkInterface nif;
try {
nif = new NifSelector().selectNetworkInterface();
for(LinkLayerAddress addr : nif.getLinkLayerAddresses()){
System.out.println(addr.toString());
}
} catch (IOException e) {
}
}
}
这是输出(Pcap4J 打开一个文本对话框让我决定网络设备,我确认它是正确的!)
[main] INFO org.pcap4j.core.NativeMappings - Pcap4J successfully loaded a
native pcap library: WinPcap version 4.1.3 (packet.dll version 4.1.0.2980), based on libpcap version 1.0 branch 1_0_rel0b (20091008)
[main] INFO org.pcap4j.util.PropertiesLoader - [org/pcap4j/pcap4j.properties] Could not get value by org.pcap4j.af.inet, use default value: 2
[main] INFO org.pcap4j.util.PropertiesLoader - [org/pcap4j/pcap4j.properties] Could not get value by org.pcap4j.af.inet6, use default value: 23
[main] INFO org.pcap4j.util.PropertiesLoader - [org/pcap4j/pcap4j.properties] Could not get value by org.pcap4j.af.packet, use default value: 17
[main] INFO org.pcap4j.util.PropertiesLoader - [org/pcap4j/pcap4j.properties] Could not get value by org.pcap4j.af.link, use default value: 18
0
[main] INFO org.pcap4j.core.Pcaps - 1 NIF(s) found.
NIF[0]: \Device\NPF_{/*not showing this stuff here */}
: description: Microsoft
: link layer address: XX:XX:XX:XX:XX:XX //Concealed my adress!
: address: /192.168.192.107
Select a device number to capture packets, or enter 'q' to quit > 0 //This zero here was my personal input
XX:XX:XX:XX:XX:XX