Abstract: This paper introduces a simple network sniffer written in C using network packet capture and analysis development tools.
Keywords: network; data packet; Sniffer
Introduction
At present there are many sniffing tools. In the Windows environment the best-known are NetXRay and Sniffer Pro, which make it very convenient to capture and analyze packets. In the UNIX environment, Sniffit, snoop, tcpdump and dsniff are the more common ones. This paper introduces a simple network sniffer implemented in C with Libpcap and WinPcap, the network packet capture and analysis development tools.
Network Sniffer program block diagram
The program flow is shown in Figure 1.
Figure 1 Flowchart
Network Sniffer program implementation
The source code, written in C, is as follows:
/* June 2nd, 2002
 * Project for graduation qualification by BBY team 19
 */
#include <stdio.h>
#include <conio.h>
// The include path must be set, and the header file packet32.h must be included
#include "..\..\include\packet32.h"
#include "..\..\include\ntddndis.h"
#define Max_Num_Adapter 10
// Prototypes
// Packet printing routine
void PrintPackets(LPPACKET lpPacket);
// Device list
char AdapterList[Max_Num_Adapter][1024];
// Start of the main program
int main()
{
    // Define a pointer to an ADAPTER structure (device pointer)
    LPADAPTER lpAdapter = 0;
    // Define a pointer to a PACKET structure (packet pointer)
    LPPACKET lpPacket;
    int i;
    DWORD dwErrorCode;
    DWORD dwVersion;
    DWORD dwWindowsMajorVersion;
    // Unicode strings (WinNT)
    WCHAR AdapterName[8192]; // List of network adapter devices
    WCHAR *temp, *temp1;
    // ASCII strings (Win9x)
    char AdapterNamea[8192]; // List of network adapter devices
    char *tempa, *temp1a;
    int AdapterNum = 0, Open;
    ULONG AdapterLength;
    char buffer[256000]; // A buffer that holds data from the driver
    struct bpf_stat stat;
    // Get the local network card names
    AdapterLength = 4096;
    printf("Packet.dll test application. Library version:%s\n", PacketGetVersion());
    printf("Adapters installed:\n");
    i = 0;