0

I have this problem when I'm trying to sniffing, I did declare a RAW_SOCKET with addressFamily and yet I don't know what my problem 

private void btnStart_Click(object sender, EventArgs e)
{
    if (cmbInterfaces.Text == "")
    {
        MessageBox.Show("Select an Interface to capture the packets.", "MJsniffer", 
            MessageBoxButtons.OK, MessageBoxIcon.Error);
        return;
    }
    try
    {
        if (!bContinueCapturing)        
        {
            //Start capturing the packets...

            btnStart.Text = "&Stop";

            bContinueCapturing = true;

            //For sniffing the socket to capture the packets has to be a raw socket, with the
            //address family being of type internetwork, and protocol being IP
            mainSocket = new Socket(AddressFamily.InterNetwork,
                SocketType.Raw, ProtocolType.IP);

            //Bind the socket to the selected IP address
            mainSocket.Bind(new IPEndPoint(IPAddress.Parse(cmbInterfaces.Text), 0));

            //Set the socket  options
            mainSocket.SetSocketOption(SocketOptionLevel.IP,            //Applies only to IP packets
                                       SocketOptionName.HeaderIncluded, //Set the include the header
                                       true);                           //option to true

            byte[] byTrue = new byte[4] {1, 0, 0, 0};
            byte[] byOut = new byte[4]{1, 0, 0, 0}; //Capture outgoing packets

            //Socket.IOControl is analogous to the WSAIoctl method of Winsock 2
            mainSocket.IOControl(IOControlCode.ReceiveAll,              //Equivalent to SIO_RCVALL constant
                                                                        //of Winsock 2
                                 byTrue,                                    
                                 byOut);

            //Start receiving the packets asynchronously
            mainSocket.BeginReceive(byteData, 0, byteData.Length, SocketFlags.None,
                new AsyncCallback(OnReceive), null);
        }
        else
        {
            btnStart.Text = "&Start";
            bContinueCapturing = false;
            //To stop capturing the packets close the socket
            mainSocket.Close ();
        }
    }
    catch (Exception ex)
    {
        MessageBox.Show(ex.Message, "MJsniffer", MessageBoxButtons.OK, MessageBoxIcon.Error);
    }
}

basically that's the start sniffing button

John Saunders
  • 160,644
  • 26
  • 247
  • 397
shahaf shukrun
  • 3
  • 2
  • 2
    You need super-user privileges to create raw sockets. Also, your question would likely get more attention, if you changed it to have a more readable and brief title, and a more verbose and informative body. – Dima Jan 04 '15 at 18:52

1 Answers1

0

This is by design as a security measure. You can circumvent this by running the application as "administrator". There are also other limitations with using raw sockets on windows.

More information about raw sockets:

http://msdn.microsoft.com/en-us/library/windows/desktop/ms740548%28v=vs.85%29.aspx

Winpcap is a bit more flexible to use for a sniffer. There is also a c# wrapper for winpca

http://pcapdotnet.codeplex.com/

Valderann
  • 805
  • 12
  • 30