RSS Feed for This PostCurrent Article

Develop a network packet sending/capturing tool in Java using Jpcap


Most of us should be familiar with libpcap, tcpdump, winpcap, or wireshark. They are either libraries or tools that can be used to send or capture network packets. However, I had a requirement some time back to develop simple Java program to sniff on the packets pass through a server. At the end, I coded the program using Jpcap.

Jpcap is a Java library for capturing and sending network packets.

Using Jpcap, you can develop applications to capture packets from a network interface and visualize/analyze them in Java. You can also develop Java applications to send arbitrary packets through a network interface.

Jpcap has been tested on Microsoft Windows (98/2000/XP/Vista), Linux (Fedora, Mandriva, Ubuntu), Mac OS X (Darwin), FreeBSD, and Solaris.

Jpcap can capture Ethernet, IPv4, IPv6, ARP/RARP, TCP, UDP, and ICMPv4 packets.

As an example, to write a tcpdump program is simple.

import jpcap.*;
import jpcap.packet.Packet;

class Tcpdump implements PacketReceiver {
public void receivePacket(Packet packet) {
System.out.println(packet);
}

public static void main(String[] args) throws Exception {
NetworkInterface[] devices = JpcapCaptor.getDeviceList();
if(args.length<1){
System.out.println(“usage: java Tcpdump <select a number from the following>”);

for (int i = 0; i < devices.length; i++) {
System.out.println(i+” :”+devices[i].name + “(” + devices[i].description+”)”);
System.out.println(” data link:”+devices[i].datalink_name + “(”
+ devices[i].datalink_description+”)”);
System.out.print(” MAC address:”);
for (byte b : devices[i].mac_address)
System.out.print(Integer.toHexString(b&0xff) + “:”);
System.out.println();
for (NetworkInterfaceAddress a : devices[i].addresses)
System.out.println(” address:”+a.address + ” ” + a.subnet + ” ”
+ a.broadcast);
}
}else{
JpcapCaptor jpcap = JpcapCaptor.openDevice(devices[Integer.parseInt(args[0])], 2000, false, 20);

jpcap.loopPacket(-1, new Tcpdump());
}
}
}

To send a custom TCP packet.

import java.net.InetAddress;

import jpcap.*;
import jpcap.packet.EthernetPacket;
import jpcap.packet.IPPacket;
import jpcap.packet.TCPPacket;

class SendTCP
{
public static void main(String[] args) throws java.io.IOException{
NetworkInterface[] devices = JpcapCaptor.getDeviceList();
if(args.length<1){
System.out.println(“Usage: java SentTCP <device index (e.g., 0, 1..)>”);
for(int i=0;i<devices.length;i++)
System.out.println(i+”:”+devices[i].name+”(“+devices[i].description+”)”);
System.exit(0);
}
int index=Integer.parseInt(args[0]);
JpcapSender sender=JpcapSender.openDevice(devices[index]);

TCPPacket p=new TCPPacket(12,34,56,78,false,false,false,false,true,true,true,true,10,10);
p.setIPv4Parameter(0,false,false,false,0,false, false,false,0,1010101,100,IPPacket.IPPROTO_TCP,
InetAddress.getByName(“www.microsoft.com”),
InetAddress.getByName(“www.google.com”));
p.data=(“data”).getBytes();

EthernetPacket ether=new EthernetPacket();
ether.frametype=EthernetPacket.ETHERTYPE_IP;
ether.src_mac=new byte[]{(byte)0,(byte)1,(byte)2,(byte)3,(byte)4,(byte)5};
ether.dst_mac=new byte[]{(byte)0,(byte)6,(byte)7,(byte)8,(byte)9,(byte)10};
p.datalink=ether;

for(int i=0;i<10;i++)
sender.sendPacket(p);
}
}


Trackback URL


RSS Feed for This Post12 Comment(s)

  1. sathesh A | Dec 20, 2007 | Reply

    how to capture the packets which are passing through the router.

  2. Amit | Feb 9, 2008 | Reply

    hi,
    I use JPCap for capturing packet but i can find only devices in my system, i can not capture the network packet. Please help me for capturing the network packet.

  3. admin | Feb 9, 2008 | Reply

    Can u show yr code ?

  4. junkredish | Sep 6, 2008 | Reply

    do u know how to send fake hardware broadcast address using java? i’m workin with sniffer detector program and currently stuck with it

  5. Vishal | Oct 20, 2008 | Reply

    Can u plz tell me how to decode the packets into user readable format after capturing them.

  6. Sakthimurugan | Jan 26, 2009 | Reply

    Hi Gee?

    How to write networking Application in java simple.

    i want example code for this, plz help me

  7. sowmya | Jan 27, 2009 | Reply

    hi

    I need some information regarding the compilation and execution of Jpcap programs.
    Is the path setting necessary?

    plz plz help us
    we are doing a project on this

  8. hemanth raj | Feb 24, 2009 | Reply

    how to capture the ip address of the packets recieved and how shld we direct it to our server

  9. java man | Apr 23, 2009 | Reply

    Why I’m getting

    Exception in thread “main” java.lang.UnsatisfiedLinkError: jpcap.JpcapCaptor.getDeviceList()[Ljpcap/NetworkInterface;
    at jpcap.JpcapCaptor.getDeviceList(Native Method)

    I’m install correctly the jpcap.dll into c:\windows\system32 (set as system path)

  10. kamal | Jun 1, 2009 | Reply

    Hi guys,

    I am using the avove code of “TCPDUMP program” and it returns devices.length =0…any idea why it doesn’t read any device. I am running this code as adminstrator and connected to the net.

    NetworkInterface[] devices = JpcapCaptor.getDeviceList();
    System.out.println(devices.length);

  11. sandrar | Sep 10, 2009 | Reply

    Hi! I was surfing and found your blog post… nice! I love your blog. :) Cheers! Sandra. R.

  12. Name | Dec 30, 2009 | Reply

    so what you did here is a copy paste if jpcap official page ? what’s the purpose of this ?

Sorry, comments for this entry are closed at this time.