Develop a network packet sending/capturing tool in Java using Jpcap
By admin on Sep 29, 2007 in Java, Programming, open source
Most of us should be familiar with libpcap, tcpdump, winpcap, or wireshark. They are either libraries or tools that can be used to send or capture network packets. However, I had a requirement some time back to develop simple Java program to sniff on the packets pass through a server. At the end, I coded the program using Jpcap.
Jpcap is a Java library for capturing and sending network packets.
Using Jpcap, you can develop applications to capture packets from a network interface and visualize/analyze them in Java. You can also develop Java applications to send arbitrary packets through a network interface.
Jpcap has been tested on Microsoft Windows (98/2000/XP/Vista), Linux (Fedora, Mandriva, Ubuntu), Mac OS X (Darwin), FreeBSD, and Solaris.
Jpcap can capture Ethernet, IPv4, IPv6, ARP/RARP, TCP, UDP, and ICMPv4 packets.
As an example, to write a tcpdump program is simple.
import jpcap.*;
import jpcap.packet.Packet;class Tcpdump implements PacketReceiver {
public void receivePacket(Packet packet) {
System.out.println(packet);
}public static void main(String[] args) throws Exception {
NetworkInterface[] devices = JpcapCaptor.getDeviceList();
if(args.length<1){
System.out.println(“usage: java Tcpdump <select a number from the following>”);for (int i = 0; i < devices.length; i++) {
System.out.println(i+” :”+devices[i].name + “(” + devices[i].description+”)”);
System.out.println(” data link:”+devices[i].datalink_name + “(”
+ devices[i].datalink_description+”)”);
System.out.print(” MAC address:”);
for (byte b : devices[i].mac_address)
System.out.print(Integer.toHexString(b&0xff) + “:”);
System.out.println();
for (NetworkInterfaceAddress a : devices[i].addresses)
System.out.println(” address:”+a.address + ” ” + a.subnet + ” ”
+ a.broadcast);
}
}else{
JpcapCaptor jpcap = JpcapCaptor.openDevice(devices[Integer.parseInt(args[0])], 2000, false, 20);jpcap.loopPacket(-1, new Tcpdump());
}
}
}
To send a custom TCP packet.
import java.net.InetAddress;
import jpcap.*;
import jpcap.packet.EthernetPacket;
import jpcap.packet.IPPacket;
import jpcap.packet.TCPPacket;class SendTCP
{
public static void main(String[] args) throws java.io.IOException{
NetworkInterface[] devices = JpcapCaptor.getDeviceList();
if(args.length<1){
System.out.println(“Usage: java SentTCP <device index (e.g., 0, 1..)>”);
for(int i=0;i<devices.length;i++)
System.out.println(i+”:”+devices[i].name+”(“+devices[i].description+”)”);
System.exit(0);
}
int index=Integer.parseInt(args[0]);
JpcapSender sender=JpcapSender.openDevice(devices[index]);TCPPacket p=new TCPPacket(12,34,56,78,false,false,false,false,true,true,true,true,10,10);
p.setIPv4Parameter(0,false,false,false,0,false, false,false,0,1010101,100,IPPacket.IPPROTO_TCP,
InetAddress.getByName(“www.microsoft.com”),
InetAddress.getByName(“www.google.com”));
p.data=(“data”).getBytes();EthernetPacket ether=new EthernetPacket();
ether.frametype=EthernetPacket.ETHERTYPE_IP;
ether.src_mac=new byte[]{(byte)0,(byte)1,(byte)2,(byte)3,(byte)4,(byte)5};
ether.dst_mac=new byte[]{(byte)0,(byte)6,(byte)7,(byte)8,(byte)9,(byte)10};
p.datalink=ether;for(int i=0;i<10;i++)
sender.sendPacket(p);
}
}
Popularity: 8% [?]
sathesh A | Dec 20, 2007 | Reply
how to capture the packets which are passing through the router.
Amit | Feb 9, 2008 | Reply
hi,
I use JPCap for capturing packet but i can find only devices in my system, i can not capture the network packet. Please help me for capturing the network packet.
admin | Feb 9, 2008 | Reply
Can u show yr code ?
junkredish | Sep 6, 2008 | Reply
do u know how to send fake hardware broadcast address using java? i’m workin with sniffer detector program and currently stuck with it
Vishal | Oct 20, 2008 | Reply
Can u plz tell me how to decode the packets into user readable format after capturing them.
Sakthimurugan | Jan 26, 2009 | Reply
Hi Gee?
How to write networking Application in java simple.
i want example code for this, plz help me
sowmya | Jan 27, 2009 | Reply
hi
I need some information regarding the compilation and execution of Jpcap programs.
Is the path setting necessary?
plz plz help us
we are doing a project on this
hemanth raj | Feb 24, 2009 | Reply
how to capture the ip address of the packets recieved and how shld we direct it to our server
java man | Apr 23, 2009 | Reply
Why I’m getting
Exception in thread “main” java.lang.UnsatisfiedLinkError: jpcap.JpcapCaptor.getDeviceList()[Ljpcap/NetworkInterface;
at jpcap.JpcapCaptor.getDeviceList(Native Method)
I’m install correctly the jpcap.dll into c:\windows\system32 (set as system path)
kamal | Jun 1, 2009 | Reply
Hi guys,
I am using the avove code of “TCPDUMP program” and it returns devices.length =0…any idea why it doesn’t read any device. I am running this code as adminstrator and connected to the net.
NetworkInterface[] devices = JpcapCaptor.getDeviceList();
System.out.println(devices.length);
sandrar | Sep 10, 2009 | Reply
Hi! I was surfing and found your blog post… nice! I love your blog. Cheers! Sandra. R.
Name | Dec 30, 2009 | Reply
so what you did here is a copy paste if jpcap official page ? what’s the purpose of this ?
madhu | Mar 18, 2010 | Reply
hey im getting this error:
java.lang.NoSuchMethodError: setID
at jpcap.JpcapCaptor.nativeOpenLive(Native Method)
at jpcap.JpcapCaptor.openDevice(JpcapCaptor.java:62)
at anamolyDetection.(anamolyDetection.java:151)
at anamolyDetection.main(anamolyDetection.java:65)
madhu | Mar 18, 2010 | Reply
hey im getting this error:
java.lang.NoSuchMethodError: setID
at jpcap.JpcapCaptor.nativeOpenLive(Native Method)
at jpcap.JpcapCaptor.openDevice(JpcapCaptor.java:62)
at anamolyDetection.(anamolyDetection.java:151)
at anamolyDetection.main(anamolyDetection.java:65)
please help me, i dont know whats the problem…..
Troven | Apr 12, 2010 | Reply
Hi Amit et al,
To use packet capture, you need to put your network interface into promiscuous mode.
Khirod | Jun 20, 2010 | Reply
I am new to jpcap,I just install the jpcap on ubuntu successfully,but in java code
NetworkInterface[] devices = pcapCaptor.getDeviceList();
System.out.println(devices.length);
It always return 0 devices.Is there any configuration ,I missed. How I can check jpcap working fine on my machine.