pcap

问题 I would like to ask why is my communicator receiving sent frames. I'm trying to fix this problem using flag PacketDeviceOpenAttributes.NoCaptureLocal for receiving communicator but I'm still receiving sent frames. Could anyone know how to fix this problem? Thank you. Here is my code: using PcapDotNet.Core; using PcapDotNet.Packets; using System; using System.Collections.Generic; using System.ComponentModel; using System.Data; using System.Drawing; using System.Linq; using System.Text; using

问题 Ok, i have this Cap file that i captured with Wireshark. There are multiple WEP keys which can be retrieved from the file. Is there a way, using Wireshark or aircrack-ng, to know exactly how many wep keys that are available in that Pcap file ? Edit: not the Wep passwords, just the number of Wep keys available. 回答1: Wireshark has a display/filter field named wlan.wep.key . So: Using tshark with a display filter and wc as follows might give you the desired result (altho i haven't tried it):

问题 I'm writing python program to build mac-address cache using pcap. But pcap module for python has no good documentation. I have found this page http://pylibpcap.sourceforge.net/ with code example and it works fine. Can anybody modify this example to make it able to show the source mac-address for each packet? Or point me to the documentation where I can read about it ... updated Here is a code part where information about mac addresses were cut. def print_packet(pktlen, data, timestamp): if

问题 Is there anyway to get nanoseconds out of a pcap with existing python libraries? I have a nanoseconds pcap file that works just fine with Wireshark but the Python pcapy library will not even import the file. This functionality does exist in c libpcap (see: this thread) but has anyone ported it into Python? I took a look at the source code but it is over my head in changing pcapy to allow this. Nanoseconds are necessary for what I am doing and microseconds do not give me the necessary

问题 I went to winpcap.org today, downloaded the installer, and installed WinPcap on my Windows 7 laptop PC. However, the folder where it was installed contains only an installation log, an executable called rpcapd.exe, and an uninstall executable. When I run rpcapd.exe a dos shell appears: Press CTLR+C to stop the server... and nothing happens until I press CTRL+C, which closes the window. When I create a project in Microsoft Visual Studio and include < pcap.h >, I'm told there is no such file or

问题 I'm really new to OCaml, and wanted to try and do some work with pcap as a way of getting started, only, there doesn't seem to be a maintained library for it. After looking at the awesome Real World OCaml book, I figured I'd give writing a binding a go. Here's the (poor) code snippet: open Ctypes open Foreign open PosixTypes let char_ptr = " " let pcap_lookupdev = foreign "pcap_lookupdev" (string @-> returning string_opt) let result = pcap_lookupdev char_ptr let test2 = match result with |

问题 It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center. Closed 7 years ago . Is the below code correctly calculating the FCS value of wireless 802.11 frames? Because the value produced by the below code does not match the value shown by wireshark. const uint32_t crctable[] = { 0x00000000L

问题 I'm having an issue where by pcap_datalink() is always returning 1 . To my understanding this is LINKTYPE_ETHERNET . But, the device I am using is a wireless card and in my case en0 . This is stopping me from putting the card into monitor mode, and stopping my WLAN filters from working. I've tried to run this on both OSX and Linux with the same results. I also run as root. Here's the part of my code that's causing the problem. For the example, assume dev is set to en0 (wireless device on Mac)

问题 Closed. This question is off-topic. It is not currently accepting answers. Want to improve this question? Update the question so it's on-topic for Stack Overflow. Closed 3 years ago . Basically I want a simple C code which illustrates capturing packet in promiscuous mode and extracts out ssid from them. Edit1 I am writing the code which I wrote to perform basic sniffing. #include <stdio.h> #include <pcap.h> int main(int argc, char *argv[]){ pcap_t *handle; struct pcap_pkthdr header; const u

问题 I have captured three different stream as pcap file with meta datas. How can I stream back to RTP/RTCP stream? 回答1: If I understand correctly, you have the pcaps, but you want to get the RTP from them? Wireshark UI You could use Wireshark's UI to easily take the RTP from the pcap via the Menu: Telephony/RTP/ then show all streams... click a stream it lists, and then 'analyize.' However, if you want to automate this, and avoid the UI... you can use tshark. I found several tutorials online and