Develop a network packet sending/capturing tool in Java using Jpcap
By admin on Sep 29, 2007 in Java, Programming, open source
Most of us should be familiar with libpcap, tcpdump, winpcap, or wireshark. They are either libraries or tools that can be used to send or capture network packets. However, I had a requirement some time back to develop simple Java program to sniff on the packets pass through a server. At the end, I coded the program using Jpcap.
Jpcap is a Java library for capturing and sending network packets.
Using Jpcap, you can develop applications to capture packets from a network interface and visualize/analyze them in Java. You can also develop Java applications to send arbitrary packets through a network interface.
Jpcap has been tested on Microsoft Windows (98/2000/XP/Vista), Linux (Fedora, Mandriva, Ubuntu), Mac OS X (Darwin), FreeBSD, and Solaris.
Jpcap can capture Ethernet, IPv4, IPv6, ARP/RARP, TCP, UDP, and ICMPv4 packets.
As an example, to write a tcpdump program is simple.
import jpcap.*;
import jpcap.packet.Packet;class Tcpdump implements PacketReceiver {
public void receivePacket(Packet packet) {
System.out.println(packet);
}public static void main(String[] args) throws Exception {
NetworkInterface[] devices = JpcapCaptor.getDeviceList();
if(args.length<1){
System.out.println(”usage: java Tcpdump <select a number from the following>”);for (int i = 0; i < devices.length; i++) {
System.out.println(i+” :”+devices[i].name + “(” + devices[i].description+”)”);
System.out.println(” data link:”+devices[i].datalink_name + “(”
+ devices[i].datalink_description+”)”);
System.out.print(” MAC address:”);
for (byte b : devices[i].mac_address)
System.out.print(Integer.toHexString(b&0xff) + “:”);
System.out.println();
for (NetworkInterfaceAddress a : devices[i].addresses)
System.out.println(” address:”+a.address + ” ” + a.subnet + ” ”
+ a.broadcast);
}
}else{
JpcapCaptor jpcap = JpcapCaptor.openDevice(devices[Integer.parseInt(args[0])], 2000, false, 20);jpcap.loopPacket(-1, new Tcpdump());
}
}
}
To send a custom TCP packet.
import java.net.InetAddress;
import jpcap.*;
import jpcap.packet.EthernetPacket;
import jpcap.packet.IPPacket;
import jpcap.packet.TCPPacket;class SendTCP
{
public static void main(String[] args) throws java.io.IOException{
NetworkInterface[] devices = JpcapCaptor.getDeviceList();
if(args.length<1){
System.out.println(”Usage: java SentTCP <device index (e.g., 0, 1..)>”);
for(int i=0;i<devices.length;i++)
System.out.println(i+”:”+devices[i].name+”(”+devices[i].description+”)”);
System.exit(0);
}
int index=Integer.parseInt(args[0]);
JpcapSender sender=JpcapSender.openDevice(devices[index]);TCPPacket p=new TCPPacket(12,34,56,78,false,false,false,false,true,true,true,true,10,10);
p.setIPv4Parameter(0,false,false,false,0,false, false,false,0,1010101,100,IPPacket.IPPROTO_TCP,
InetAddress.getByName(”www.microsoft.com”),
InetAddress.getByName(”www.google.com”));
p.data=(”data”).getBytes();EthernetPacket ether=new EthernetPacket();
ether.frametype=EthernetPacket.ETHERTYPE_IP;
ether.src_mac=new byte[]{(byte)0,(byte)1,(byte)2,(byte)3,(byte)4,(byte)5};
ether.dst_mac=new byte[]{(byte)0,(byte)6,(byte)7,(byte)8,(byte)9,(byte)10};
p.datalink=ether;for(int i=0;i<10;i++)
sender.sendPacket(p);
}
}
sathesh A | Dec 20, 2007 | Reply
how to capture the packets which are passing through the router.
Amit | Feb 9, 2008 | Reply
hi,
I use JPCap for capturing packet but i can find only devices in my system, i can not capture the network packet. Please help me for capturing the network packet.
admin | Feb 9, 2008 | Reply
Can u show yr code ?
junkredish | Sep 6, 2008 | Reply
do u know how to send fake hardware broadcast address using java? i’m workin with sniffer detector program and currently stuck with it
Vishal | Oct 20, 2008 | Reply
Can u plz tell me how to decode the packets into user readable format after capturing them.