Winpcap packet forwarding. Java wrapper

Question

I am trying to build a winpcap application capable of sniff traffic of a target host within a switch-based LAN.

To carry out this, I am trying to perform a arp spoofing. This way, messages between the target host and the getaway will be sent through me, and then I'll be able to sniff them.

I know how the spoofing works, what arp packets I must send and how to send them. The problem comes with the forwarding stuff: By default, my machine is going to drop the packets upon arrival, because they’re not destined to my IP address.

I have read about IPEnableRouter Windows registry value, but I'd prefer some code to get it.

I have been using Java Wrapper libraries for WinPcap (jNetPcap、Jpcap) but I could use some other languaje. Both computers have Windows Vista installed.

score 0 · Answer 1 · answered Nov 06 '12 at 19:29

By default, my machine is going to drop the packets upon arrival, because they’re not destined to my IP address.

That shouldn't happen if you put the adapter into promiscuous mode. Presumably the Java wrappers for WinPcap support promiscuous mode; the libpcap/WinPcap API pcap_open_live() does so and has done so since libpcap was first created.

This does mean that your program will have to do the forwarding, but, well, if you want to play networking games such as ARP spoofing, you may have to do a lot more networking stuff, such as packet forwarding, than you might want to.

Winpcap packet forwarding. Java wrapper

1 Answers1