2023年7月23日发(作者:)
通过JPcap捕获网络TCP数据包,并将解析的信息写入Excel文件中

以下代码主要实现功能:

1. 利用JPcap捕获指定网卡的所有TCP数据包,并解析出 "SRC_MAC"、"DST_MAC"、"SRC_IP"、"DST_IP"、"GETInfo"、"RefererInfo"、"HostInfo" 等信息。
2. 将这些信息以追加(不覆盖已有内容)的方式写入Excel文件,并且将每天的数据信息记录在以年月日命名的Excel工作表(sheet)中。
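package execl;

import java.io.File;
import java.io.IOException;
import java.text.SimpleDateFormat;
import java.util.Date;

import jpcap.*;
import jpcap.packet.EthernetPacket;
import jpcap.packet.Packet;
import jpcap.packet.TCPPacket;
import jxl.Workbook;
import jxl.read.biff.BiffException;
import jxl.write.Label;
import jxl.write.WritableSheet;
import jxl.write.WritableWorkbook;
import jxl.write.WriteException;

/**
 * Captures TCP packets on one network interface with Jpcap and records, for every packet whose
 * payload starts with an HTTP GET request line and carries both a Referer and a Host header, one
 * row in an Excel workbook (JExcelApi). Rows are appended, never overwritten, and each day gets
 * its own sheet named {@code yyyyMMdd}.
 *
 * <p>NOTE(review): the published listing had most qualified names stripped (for example
 * {@code File.separator} survived only as {@code tor}, and the CRLF literal as {@code "rn"}).
 * The calls below were restored from the Jpcap and JExcelApi APIs and should be confirmed
 * against the author's original file. The two workbook file names could not be recovered.
 *
 * <p>Every payload is parsed on its own, so a request whose headers are split across TCP
 * segments, or cut by the 2000-byte snapshot length passed to {@code openDevice}, is not
 * recorded. The workbook stores request lines and Referer headers verbatim; both can carry
 * session identifiers in query strings, so the output directory should be readable only by the
 * account that runs the capture.
 */
public class HttpMessageReceive implements PacketReceiver {

    // The workbook file names are missing from the published listing. The two names below are
    // placeholders, not the author's values; replace them before running.
    public static File file = new File("G:" + File.separator + "Experiment" + File.separator
            + "HTTP" + File.separator + "WORKBOOK_NAME_PLACEHOLDER.xls");
    public static File tempfile = new File("G:" + File.separator + "Experiment" + File.separator
            + "HTTP" + File.separator + "TEMP_WORKBOOK_NAME_PLACEHOLDER.xls");

    // One row of output, in the column order of StrLabel. "0" marks a field that has no value.
    public static String[] HttpInfoStr = {"0", "0", "0", "0", "0", "0", "0", "0"};

    // The three method names that can open the useful part of an HTTP request.
    public static final String[] HTTPStart = {"GET", "POST", "OPTIONS"};

    // Column headings written to row 0 of every sheet.
    public static final String[] StrLabel = {"TimeOnLine", "SRC_MAC", "DST_MAC", "SRC_IP",
            "DST_IP", "GETInfo", "RefererInfo", "HostInfo"};

    // Sentinel used in HttpInfoStr for "field not present in this packet".
    private static final String ABSENT = "0";

    // HTTP line terminator.
    private static final String CRLF = "\r\n";

    // Excel does not accept a column wider than 255 characters.
    private static final int MAX_COLUMN_WIDTH = 255;

    /**
     * Lists the capture devices, or starts an endless TCP capture on the selected one.
     *
     * @param args {@code args[0]} is the index of the device to capture on; when it is missing,
     *             not a number or out of range, the device list is printed instead
     * @throws Exception if the device cannot be opened or the filter cannot be installed
     */
    public static void main(String[] args) throws Exception {
        NetworkInterface[] devices = JpcapCaptor.getDeviceList();
        int deviceIndex = parseDeviceIndex(args, devices.length);
        if (deviceIndex < 0) {
            printUsage(devices);
            return;
        }
        // snaplen 2000 bytes, promiscuous mode off, 20 ms read timeout
        JpcapCaptor jpcap = JpcapCaptor.openDevice(devices[deviceIndex], 2000, false, 20);
        jpcap.setFilter("tcp", true); // capture filter: TCP packets only
        jpcap.loopPacket(-1, new HttpMessageReceive()); // -1: capture until stopped
    }

    /** Returns the device index given on the command line, or -1 when it is absent or invalid. */
    private static int parseDeviceIndex(String[] args, int deviceCount) {
        if (args.length < 1) {
            return -1;
        }
        try {
            int index = Integer.parseInt(args[0].trim());
            return (index >= 0 && index < deviceCount) ? index : -1;
        } catch (NumberFormatException notANumber) {
            return -1;
        }
    }

    /** Prints the usage line followed by every capture device with its link type and addresses. */
    private static void printUsage(NetworkInterface[] devices) {
        System.out.println("usage: java execl.HttpMessageReceive <device index from the list below>");
        for (int i = 0; i < devices.length; i++) {
            System.out.println(i + " :" + devices[i].name + "(" + devices[i].description + ")");
            System.out.println("data link:" + devices[i].datalink_name + "("
                    + devices[i].datalink_description + ")");
            System.out.print("MAC address:");
            for (byte b : devices[i].mac_address) {
                System.out.print(Integer.toHexString(b & 0xff) + ":");
            }
            System.out.println("");
            for (NetworkInterfaceAddress a : devices[i].addresses) {
                System.out.println("address:" + a.address + " " + a.subnet + " " + a.broadcast);
            }
        }
    }

    /**
     * Handles one captured packet: fills {@link #HttpInfoStr} and appends it to the workbook when
     * the payload is a GET request that has both a Referer and a Host header.
     *
     * <p>Nothing is thrown back into the capture loop. A packet that cannot be parsed or written
     * is reported on stderr and skipped.
     *
     * @param packet the packet delivered by Jpcap
     */
    public void receivePacket(Packet packet) {
        try {
            // The capture filter is "tcp", but the link layer is not guaranteed to be Ethernet.
            if (!(packet instanceof TCPPacket) || !(packet.datalink instanceof EthernetPacket)) {
                return;
            }
            TCPPacket tcpPacket = (TCPPacket) packet;
            EthernetPacket ethernetPacket = (EthernetPacket) packet.datalink;

            // HttpInfoStr is shared between calls. Clear the HTTP fields first, otherwise the
            // Referer and Host of an earlier request would be written again for every later
            // packet.
            HttpInfoStr[5] = ABSENT;
            HttpInfoStr[6] = ABSENT;
            HttpInfoStr[7] = ABSENT;

            HttpInfoStr[0] = new SimpleDateFormat("yyyyMMddHHmmssSSS").format(new Date());
            HttpInfoStr[1] = ethernetPacket.getSourceAddress();          // SRC_MAC
            HttpInfoStr[2] = ethernetPacket.getDestinationAddress();     // DST_MAC
            HttpInfoStr[3] = tcpPacket.src_ip.toString().substring(1);   // SRC_IP, leading '/' dropped
            HttpInfoStr[4] = tcpPacket.dst_ip.toString().substring(1);   // DST_IP, leading '/' dropped

            if (tcpPacket.data == null) {
                return;
            }
            String httpData = new String(tcpPacket.data, "utf-8");
            if (httpData.startsWith(HTTPStart[0])) {
                // GET request
                HttpInfoStr[5] = requestLine(httpData);
                HttpInfoStr[6] = headerLine(httpData, "Referer:");
                HttpInfoStr[7] = headerLine(httpData, "Host:");
            } else if (httpData.startsWith(HTTPStart[1])) {
                // POST request: not parsed yet
            }

            // Write a row only when both Referer and Host were found.
            if (!ABSENT.equals(HttpInfoStr[6]) && !ABSENT.equals(HttpInfoStr[7])) {
                appendRow(HttpInfoStr);
            }
        } catch (Exception e) {
            // Boundary of the capture callback: payload bytes are attacker-controlled, so a
            // failure on one packet must not end the capture. The payload itself is not logged.
            System.err.println("packet skipped: " + e);
        }
    }

    /**
     * Returns the first line of the payload (the request line) without its CRLF, or the "0"
     * sentinel when the payload contains no CRLF at all.
     */
    private static String requestLine(String httpData) {
        int end = httpData.indexOf(CRLF);
        return end < 0 ? ABSENT : httpData.substring(0, end);
    }

    /**
     * Returns the complete header line (name included, CRLF excluded) whose name matches
     * {@code headerName}, or the "0" sentinel when the header block has no such line.
     *
     * <p>Only text at the start of a line is matched, so the same word inside the request URL or
     * inside another header's value is not mistaken for the header. Header names are compared
     * without regard to case. The search stops at the blank line that ends the header block.
     *
     * @param httpData   the decoded TCP payload
     * @param headerName the header name including the trailing colon, for example {@code "Host:"}
     */
    private static String headerLine(String httpData, String headerName) {
        int lineStart = httpData.indexOf(CRLF);
        while (lineStart >= 0) {
            lineStart += CRLF.length();
            int lineEnd = httpData.indexOf(CRLF, lineStart);
            if (lineEnd < 0) {
                lineEnd = httpData.length(); // last line of a truncated payload
            }
            if (lineEnd == lineStart) {
                return ABSENT; // blank line: end of headers
            }
            if (httpData.regionMatches(true, lineStart, headerName, 0, headerName.length())) {
                return httpData.substring(lineStart, lineEnd);
            }
            lineStart = httpData.indexOf(CRLF, lineStart);
        }
        return ABSENT;
    }

    /**
     * Appends {@code row} to the sheet named after the first eight characters of {@code row[0]}
     * (the date part of the timestamp), creating the workbook or the sheet when needed.
     *
     * <p>An existing workbook is copied to {@link #tempfile} with the new row added, and the copy
     * then replaces {@link #file}. The whole workbook is rewritten for every row.
     */
    private static void appendRow(String[] row) throws IOException, WriteException, BiffException {
        String sheetName = row[0].substring(0, 8);

        if (!file.exists()) {
            WritableWorkbook created = Workbook.createWorkbook(file);
            try {
                WritableSheet sheet = created.createSheet(sheetName, 0);
                writeCells(sheet, 0, StrLabel);
                writeCells(sheet, 1, row);
                created.write();
            } finally {
                created.close(); // close the workbook even when a cell could not be added
            }
            System.out.println("=============================================");
            return;
        }

        Workbook existing = Workbook.getWorkbook(file);
        try {
            WritableWorkbook copy = Workbook.createWorkbook(tempfile, existing);
            try {
                WritableSheet sheet = copy.getSheet(sheetName);
                if (sheet == null) {
                    // First row of a new day: add a sheet after the existing ones.
                    sheet = copy.createSheet(sheetName, copy.getNumberOfSheets());
                    writeCells(sheet, 0, StrLabel);
                    writeCells(sheet, 1, row);
                } else {
                    writeCells(sheet, sheet.getRows(), row);
                }
                copy.write();
            } finally {
                copy.close();
            }
        } finally {
            existing.close();
        }

        // Reached only when the copy was written completely.
        System.out.println("filename:" + file.getPath());
        if (!file.delete()) {
            throw new IOException("cannot delete " + file.getPath()
                    + "; the new row is in " + tempfile.getPath());
        }
        if (!tempfile.renameTo(file)) {
            throw new IOException("cannot rename " + tempfile.getPath() + " to " + file.getPath());
        }
        System.out.println("tempfile:" + tempfile.getPath());
    }

    /**
     * Writes {@code values} as text cells into row {@code rowIndex}, one value per column, and
     * sizes each column to the value's length plus two, capped at the Excel maximum.
     */
    private static void writeCells(WritableSheet sheet, int rowIndex, String[] values)
            throws WriteException {
        for (int column = 0; column < values.length; column++) {
            int width = Math.min(values[column].length() + 2, MAX_COLUMN_WIDTH);
            sheet.setColumnView(column, width);
            sheet.addCell(new Label(column, rowIndex, values[column]));
        }
    }
}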