Stack Overflow
Stack Overflow

Questions tagged [winpcap]

WinPcap is a discontinued tool for link-layer network access in Windows environments: it allowed applications to capture and transmit network packets bypassing the protocol stack.

WinPcap is a discontinued tool for link-layer network access in Windows environments: it allowed applications to capture and transmit network packets bypassing the protocol stack, and has additional useful features, including kernel-level packet filtering, a network statistics engine and support for remote packet capture.

Project page

361 questions
0
votes
0 answers

Ruby/Windows Pcap (pcaplet)

Is there currently anyway to get 'pcap/pcaplet' working under windows/ruby? I've seen (costly/paid) packet sniffing software for windows that lets you sniff clear-text irc traffic. I thought it would be nice for there to be free software that could…
Corrosive
  • 86
  • 1
  • 11
0
votes
1 answer

WinPcap doesnt catch any arp packets

I try to sniff all the arp traffic. Here is my code: void start(){ pcap_if_t *alldevs; pcap_if_t *d; char errbuf[PCAP_ERRBUF_SIZE]; int choice; pcap_t* pcap_handle; struct bpf_program filter; int i=0; …
user2224350
  • 2,262
  • 5
  • 28
  • 54
0
votes
2 answers

Struggle with using WinPcap/libpcap in Eclipse (+ CDT)

I'm struggling with winpcap in my project. I'm using Eclipse with CDT plugin.. I've installed WinPcap on my PC and included libpcap into my project. But whenever I want to build the project following error message is thrown:…
user2224350
  • 2,262
  • 5
  • 28
  • 54
0
votes
1 answer

Anyone ported Snoop Component Suite version 3.0 to Delphi 2010 ? (ie. Unicode issues)

Has anyone ported "Snoop Component Suite version 3.0" by http://www.netlab.co.kr To Delphi 2010 ? Its a great WinPCap library. Just doesn't work on Delphi 2010 (unicode) Thanks
user296191
  • 405
  • 5
  • 19
0
votes
1 answer

BPF/Wincap filter not working in Pcap.net

I'm using a pcap.net process to broadcast out a packet, and listen in for a response. I want the response packets that it accepts to be a certain length. However, whenever I add a filter it only returns packets of length 100. Here's the code: '…
Kat
  • 2,460
  • 2
  • 36
  • 70
0
votes
1 answer

Will the loop be blocked for a callback function in winpcap?

In winpcap C++ environmet. pcap_loop(adhandle, 0, packet_handler, NULL); packet_handler is a callback function when it receives a packet. Now my problem is If I wrote a code like this while(true) { pcap_loop(adhandle,0,…
kururu
  • 69
  • 1
  • 10
0
votes
1 answer

Reading From Multiple PcapFiles In One Instance of the program

I am using Sharppcap wrapper for WinPcap and I am trying to read multiple pcap files, consecutively, in one instance of a program/ program lifetime foreach (FILENAME in LIST) // pseudocode { ICaptureDevice device; try { device…
Murph
  • 3
  • 5
0
votes
1 answer

Sending out Ping Requests

Using WinpCap and trying to generate my own ping requests. On both machines I see the ping request and the only differences between the ones I've generated the ones Windows has generated is my checksum is 0 (been told that's ok) and the identified…
bobber205
  • 12,948
  • 27
  • 74
  • 100
0
votes
1 answer

filtering packets from pcap file

I am new with the pcap library and I am building a program that loads pcap file and process it for my needs with winpcap. this is part of my pseudo code: pcap_file= pcap_open_offline(pcap_path, errbuff); while ( !EOF ) { //read the next packet…
user3378689
  • 209
  • 1
  • 4
  • 12
0
votes
2 answers

how to know if a packet sniffed is accessed from a website directly and not linked?

is there any way to know if a certain tcp segment which has a request message to a server is directly accessed by a user through a browser. not just that its linked by the browser itself to complete the requested page. like for example, a web page…
jerams
  • 113
  • 1
  • 2
  • 8
0
votes
1 answer

How to capture only traffic sent or destined to the local machine using WinPCAP?

I want to only capture the traffic sent or destined to my local machine (no promiscuous mode). Nevertheless, broadcast traffic should also be captured. So, the question is how to open the adapter? Which flags should be used? There is no specific…
Jonas
  • 2,974
  • 4
  • 24
  • 23
0
votes
3 answers

how to know which is the last TCP segment received by the server when data is transferring?

When transferring data in TCP, and given all the incoming and outcoming packets, how will one know if the packet received is the last of the data? TCP packets are fragmented into smaller parts. I'm transferring over the HTTP protocol.
jerams
  • 113
  • 1
  • 2
  • 8
0
votes
1 answer

getting the previous packet from pcap file

Im using pcap_next_ex(); to get the next packet. I tried to search for getting the last previous packet but I couldn't find such function. if someone know if it is possible to get the last previous packet it will be very helpful. thanks!
user3378689
  • 209
  • 1
  • 4
  • 12
0
votes
1 answer

Is Winpcap captures and modifys data?

I am working on project that can capture the data passed from the user to the network in the same machine and modify its contents. But I don't know if Winpcap can only capture or can also modify the data??? I hope my question was so obvious for you!
Rasool Ahmed
  • 103
  • 2
  • 9
0
votes
1 answer

get the first packet of pcap file

I am writing code that scan the packets of pcap file. I use the command pcap_next_ex() to get the next packet. is there a way to get the first packet- somewhere in the middle of the code, without close and reopen the pcap file? Thanks.
user3378689
  • 209
  • 1
  • 4
  • 12
1 2 3
23 24