RSS Feed for This PostCurrent Article

Develop a network packet sending/capturing tool in Java using Jpcap


Most of us should be familiar with libpcap, tcpdump, winpcap, or wireshark. They are either libraries or tools that can be used to send or capture network packets. However, I had a requirement some time back to develop simple Java program to sniff on the packets pass through a server. At the end, I coded the program using Jpcap.

Jpcap is a Java library for capturing and sending network packets.

Using Jpcap, you can develop applications to capture packets from a network interface and visualize/analyze them in Java. You can also develop Java applications to send arbitrary packets through a network interface.

Jpcap has been tested on Microsoft Windows (98/2000/XP/Vista), Linux (Fedora, Mandriva, Ubuntu), Mac OS X (Darwin), FreeBSD, and Solaris.

Jpcap can capture Ethernet, IPv4, IPv6, ARP/RARP, TCP, UDP, and ICMPv4 packets.

As an example, to write a tcpdump program is simple.

import jpcap.*;
import jpcap.packet.Packet;

class Tcpdump implements PacketReceiver {
public void receivePacket(Packet packet) {
System.out.println(packet);
}

public static void main(String[] args) throws Exception {
NetworkInterface[] devices = JpcapCaptor.getDeviceList();
if(args.length<1){
System.out.println(“usage: java Tcpdump <select a number from the following>”);

for (int i = 0; i < devices.length; i++) {
System.out.println(i+” :”+devices[i].name + “(” + devices[i].description+”)”);
System.out.println(” data link:”+devices[i].datalink_name + “(”
+ devices[i].datalink_description+”)”);
System.out.print(” MAC address:”);
for (byte b : devices[i].mac_address)
System.out.print(Integer.toHexString(b&0xff) + “:”);
System.out.println();
for (NetworkInterfaceAddress a : devices[i].addresses)
System.out.println(” address:”+a.address + ” ” + a.subnet + ” ”
+ a.broadcast);
}
}else{
JpcapCaptor jpcap = JpcapCaptor.openDevice(devices[Integer.parseInt(args[0])], 2000, false, 20);

jpcap.loopPacket(-1, new Tcpdump());
}
}
}

To send a custom TCP packet.

import java.net.InetAddress;

import jpcap.*;
import jpcap.packet.EthernetPacket;
import jpcap.packet.IPPacket;
import jpcap.packet.TCPPacket;

class SendTCP
{
public static void main(String[] args) throws java.io.IOException{
NetworkInterface[] devices = JpcapCaptor.getDeviceList();
if(args.length<1){
System.out.println(“Usage: java SentTCP <device index (e.g., 0, 1..)>”);
for(int i=0;i<devices.length;i++)
System.out.println(i+”:”+devices[i].name+”(“+devices[i].description+”)”);
System.exit(0);
}
int index=Integer.parseInt(args[0]);
JpcapSender sender=JpcapSender.openDevice(devices[index]);

TCPPacket p=new TCPPacket(12,34,56,78,false,false,false,false,true,true,true,true,10,10);
p.setIPv4Parameter(0,false,false,false,0,false, false,false,0,1010101,100,IPPacket.IPPROTO_TCP,
InetAddress.getByName(“www.microsoft.com”),
InetAddress.getByName(“www.google.com”));
p.data=(“data”).getBytes();

EthernetPacket ether=new EthernetPacket();
ether.frametype=EthernetPacket.ETHERTYPE_IP;
ether.src_mac=new byte[]{(byte)0,(byte)1,(byte)2,(byte)3,(byte)4,(byte)5};
ether.dst_mac=new byte[]{(byte)0,(byte)6,(byte)7,(byte)8,(byte)9,(byte)10};
p.datalink=ether;

for(int i=0;i<10;i++)
sender.sendPacket(p);
}
}


Trackback URL


RSS Feed for This Post21 Comment(s)

  1. sathesh A | Dec 20, 2007 | Reply

    how to capture the packets which are passing through the router.

  2. Amit | Feb 9, 2008 | Reply

    hi,
    I use JPCap for capturing packet but i can find only devices in my system, i can not capture the network packet. Please help me for capturing the network packet.

  3. admin | Feb 9, 2008 | Reply

    Can u show yr code ?

  4. junkredish | Sep 6, 2008 | Reply

    do u know how to send fake hardware broadcast address using java? i’m workin with sniffer detector program and currently stuck with it

  5. Vishal | Oct 20, 2008 | Reply

    Can u plz tell me how to decode the packets into user readable format after capturing them.

  6. Sakthimurugan | Jan 26, 2009 | Reply

    Hi Gee?

    How to write networking Application in java simple.

    i want example code for this, plz help me

  7. sowmya | Jan 27, 2009 | Reply

    hi

    I need some information regarding the compilation and execution of Jpcap programs.
    Is the path setting necessary?

    plz plz help us
    we are doing a project on this

  8. hemanth raj | Feb 24, 2009 | Reply

    how to capture the ip address of the packets recieved and how shld we direct it to our server

  9. java man | Apr 23, 2009 | Reply

    Why I’m getting

    Exception in thread “main” java.lang.UnsatisfiedLinkError: jpcap.JpcapCaptor.getDeviceList()[Ljpcap/NetworkInterface;
    at jpcap.JpcapCaptor.getDeviceList(Native Method)

    I’m install correctly the jpcap.dll into c:\windows\system32 (set as system path)

  10. kamal | Jun 1, 2009 | Reply

    Hi guys,

    I am using the avove code of “TCPDUMP program” and it returns devices.length =0…any idea why it doesn’t read any device. I am running this code as adminstrator and connected to the net.

    NetworkInterface[] devices = JpcapCaptor.getDeviceList();
    System.out.println(devices.length);

  11. sandrar | Sep 10, 2009 | Reply

    Hi! I was surfing and found your blog post… nice! I love your blog. :) Cheers! Sandra. R.

  12. Name | Dec 30, 2009 | Reply

    so what you did here is a copy paste if jpcap official page ? what’s the purpose of this ?

  13. madhu | Mar 18, 2010 | Reply

    hey im getting this error:
    java.lang.NoSuchMethodError: setID
    at jpcap.JpcapCaptor.nativeOpenLive(Native Method)
    at jpcap.JpcapCaptor.openDevice(JpcapCaptor.java:62)
    at anamolyDetection.(anamolyDetection.java:151)
    at anamolyDetection.main(anamolyDetection.java:65)

  14. madhu | Mar 18, 2010 | Reply

    hey im getting this error:
    java.lang.NoSuchMethodError: setID
    at jpcap.JpcapCaptor.nativeOpenLive(Native Method)
    at jpcap.JpcapCaptor.openDevice(JpcapCaptor.java:62)
    at anamolyDetection.(anamolyDetection.java:151)
    at anamolyDetection.main(anamolyDetection.java:65)

    please help me, i dont know whats the problem…..

  15. Troven | Apr 12, 2010 | Reply

    Hi Amit et al,

    To use packet capture, you need to put your network interface into promiscuous mode.

  16. Khirod | Jun 20, 2010 | Reply

    I am new to jpcap,I just install the jpcap on ubuntu successfully,but in java code

    NetworkInterface[] devices = pcapCaptor.getDeviceList();
    System.out.println(devices.length);

    It always return 0 devices.Is there any configuration ,I missed. How I can check jpcap working fine on my machine.

  17. celebrity fuck you | Aug 24, 2010 | Reply

    Sign: zdbrw Hello!!! dybgy and 4616ptrfmduupc and 651 : Hi! I was surfing and found your blog post! nice! I just came across your blog and wanted to say that Ive really enjoyed it.

  18. Divesh | Sep 25, 2010 | Reply

    how to get the reply of sender.sendPacket(p);
    and calculate time it takes to come back.
    plz.. replay..

  19. aymen kaabi | May 11, 2012 | Reply

    bonjour
    svp est ce que on peut executer le code de tracert qui comporte le jpcap soue ├ęclipse ou netbeans ou non et merci

  20. SONU | Jun 27, 2013 | Reply

    the program i am executing does not find all interfaces. It just showing wifi,lan.
    It does not showing iball modem dongle interface if it is used for internet connection.

    Please tell me the command or syntax.

  21. online psychic | Jul 9, 2014 | Reply

    Just because you like somebody is no purpose to
    allow them make your decisions for you. Does the advisor inform you that
    he/she will cast a spell or brew a potion to get
    you what you want? Do not be as well cautious or impulsive this week.

2 Trackback(s)

  1. From jpcap ethernet packet lengh | Mar 15, 2011
  2. From Develop a network packet sending/capturing tool in Java using Jpcap « Maroeuen Boubakri 's Blog | Feb 6, 2012

RSS Feed for This PostPost a Comment

*