Stack Overflow
Stack Overflow

Questions tagged [winpcap]

WinPcap is a discontinued tool for link-layer network access in Windows environments: it allowed applications to capture and transmit network packets bypassing the protocol stack.

WinPcap is a discontinued tool for link-layer network access in Windows environments: it allowed applications to capture and transmit network packets bypassing the protocol stack, and has additional useful features, including kernel-level packet filtering, a network statistics engine and support for remote packet capture.

Project page

361 questions
0
votes
1 answer

READ PCAP: memory error in Python DPKT

I am trying to read PCAP file in python 2.7.10. The code is:---> import dpkt f = open('testbed-11jun.pcap') pcap = dpkt.pcap.Reader(f) for ts, buf in pcap: print ts, len(buf) But I got this error:---> 1276225266.46 60 1276225266.72…
titu_resu
  • 9
  • 2
0
votes
1 answer

pcap_sendpacket will send two identical packets once

I'm trying to send some self-packed Ethernet packets via the Winpcap API pcap_sendpacket(), but I got two identical packets after invoking the API once. The two packets can be captured on Wireshark for debugging purpose, with identical data and…
Alex Bu
  • 1
  • 2
0
votes
1 answer

MITM with winpcap and/or sockets? - C++

i am developing an MITM for windows. I am using winpcap. I did correctly the arp spoofing and the ip fordwarding to the victims of my network. The problem of winpcap is that you cant control the packets, you need sockets to do this. With winpcap you…
Kaxperday
  • 47
  • 7
0
votes
0 answers

TCP checksum 3.0 version

i am here again to calculate the TCP checksum. I need add pseudoheader tcp + tcp header + tcp payload. All must be added in pieces of 16 bits as you should known. In my code the first thing i do it is added to "sumando" (the variable which loads the…
Kaxperday
  • 47
  • 7
0
votes
1 answer

Why pcap_next_ex keeps returning 0 on Window?

I'm using winpcap to implement a sniffer, I keep polling the following readpacket function but randomly (some times after 1 minute some times after 5 hours) my program get stuck in this procedure's while since rc keep being equal 0. Why is this…
Roberto Fronteddu
  • 149
  • 1
  • 11
0
votes
1 answer

How to use SharpPcap to dump packets fast

I'm using SharpPcap to dump packets to a .pcap file. My problem is, that it's working to slow to capture any amount of network traffic and I run out of memory eventually. How can i speed up the file writing process? Here is the code I'm using: …
Christian
  • 123
  • 7
0
votes
1 answer

Winpcap : using pcap_stats() for saved files

I have to following problem. I need to scan a .pcap file (saved file) for re-transmitted tcp packets. I'm using the Winpcap lib. I tried using pcap_stats() to check for dropped packets (which will also represent re-transmitted packets), but found…
Nadav. G
  • 1
0
votes
0 answers

why i can get the ICMP ECHO REPLY?(my ping program with winpcap)

I don't know why i can get the icmp echo reply. ICMP ECHO Resquest message that i write ICMP ECHO Resquest message that window icmp echo request function Also my ICMP Message don't pass router. I do not why this happen.
DevShepherd
  • 11
  • 2
0
votes
2 answers

SharpPcap Encoding.UTF8.GetBytes

Does someone know which is the right way to get the actual text in these bytes? I do something wrong here. And another question: is utf-8 the most generic encoding, that will show most of the chars correctly? TY private void…
Itay.B
  • 3,991
  • 14
  • 61
  • 96
0
votes
2 answers

to monitor local pc network and block ip's is winpcap is the tool?

i need to build network monitor that sniff the network and to hold ip policy that will enable me to block the network based on this policy for example: if im getting incoming http protocol from ip that is in my ip policy black list and now i like to…
user63898
  • 29,839
  • 85
  • 272
  • 514
0
votes
1 answer

risk related to using winPcap in place of socket

What I have read so far, winPcap allows you to bypass OS and bypass application and transport layer processing for TCP and provides direct access to the link layer. I am planning to use winpcap to do some user application stuff and not just…
bsobaid
  • 955
  • 1
  • 16
  • 36
0
votes
1 answer

Sharppcap - How to get the traffiqued file name?

I managed to capture the content of the file trafficked across the network, however I am unable to capture the file name. class Program { static void Main(string[] args) { // Retrieve the device list CaptureDeviceList devices…
Vinicius Gonçalves
  • 2,514
  • 1
  • 29
  • 54
0
votes
1 answer

How to come out of blocked WinPcap API i.e pcap_next_ex()?

In some application i am using WinPcap library to capture packets. I am developing application using WPF. Here i am calling pcap_next_ex() API in while loop with backgroundworker. here the pcap_next_ex is gets blocked, it's not responding.so our wpf…
Sathish Reddy
  • 53
  • 8
0
votes
0 answers

If no packet in air, why pcap_next_ex() is not returning anything?

I am working on a sniffer. I am using WinPcap library in it. I am using a pcap_next_ex API to get the packets, I am calling this is in a infinite loop from the from application. When I configure sniffer in 56 channel, there are no packets in air,…
Sathish Reddy
  • 53
  • 8
0
votes
1 answer

'pcap_loop' is not recording packets and isn't even running

I'm trying to do some simple packet capturing with pcap, and so I've created a handle to listen through eth0. My issue is with the pcap_loop(handle, 10, myCallback, NULL); line near the end of my code. I'm trying to use pcap_loop. The expected…
Jon Tan
  • 1,461
  • 3
  • 17
  • 33
1 2 3
23 24