
java抓包后对pcap文件解析示例.pdf

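/*
 * Parsing a pcap file in Java after a packet capture -- worked example.
 *
 * This article shows an example of parsing a pcap file in Java after a packet
 * capture, for readers who need a reference. It is a simple pcap parser the
 * author wrote to make capture files easy to read; use it as a reference.
 *
 * Usage (inside the caller's own class, DataParser in the original snippet):
 *
 *   InputStream is = DataParser.class.getClassLoader().getResourceAsStream("baidu_cdr.pcap");
 *   if (is == null) {
 *       throw new FileNotFoundException("baidu_cdr.pcap");   // resource not on the classpath
 *   }
 *   Pcap pcap;
 *   try {
 *       pcap = PcapParser.unpack(is);
 *   } finally {
 *       is.close();                                          // unpack() does not close the stream
 *   }
 *   if (pcap == null || pcap.getData().isEmpty()) {
 *       return;                                              // empty input or no packets
 *   }
 *   byte[] t = pcap.getData().get(0).getContent();
 *   // 42 is a fixed header length taken from the original snippet (presumably
 *   // Ethernet 14 + IPv4 20 + UDP 8 -- confirm against header.getLinktype() and
 *   // the packet itself); a shorter packet must not reach copyOfRange.
 *   byte[] data = t.length > 42 ? Arrays.copyOfRange(t, 42, t.length) : new byte[0];
 */

// ---------------------------------------------------------------
// PcapParser.java
// ---------------------------------------------------------------
package com.hylanda.pcap;

import java.io.EOFException;
import java.io.IOException;
import java.io.InputStream;
import java.util.ArrayList;
import java.util.List;

/**
 * Reader for the classic pcap capture file format.
 *
 * <p>A capture file is untrusted input: every length in it is attacker-controlled.
 * The parser therefore checks the magic number, reads every field completely
 * (a single {@code InputStream.read} may return fewer bytes than requested) and
 * bounds the per-packet allocation before creating the buffer.
 *
 * @author zhouqisheng
 */
public class PcapParser {

    /** Magic number of a capture whose timestamps carry microseconds. */
    private static final int MAGIC_MICROS = 0xA1B2C3D4;

    /** Magic number of a capture whose timestamps carry nanoseconds. */
    private static final int MAGIC_NANOS = 0xA1B23C4D;

    /**
     * Largest captured length accepted for one record. The value is a limit chosen
     * for this example so that a forged length field cannot force a huge
     * allocation; raise it if your captures legitimately hold larger records.
     */
    private static final int MAX_CAPTURED_LENGTH = 262144;

    /**
     * Parses a whole capture file from {@code is}. The stream is not closed.
     *
     * @param is stream positioned at the first byte of the capture file
     * @return the parsed capture, or {@code null} when the stream holds fewer than
     *         the four bytes of the magic number
     * @throws IOException  if the magic number is not a pcap magic number, or a
     *                      record declares a negative or oversized captured length
     * @throws EOFException if the stream ends in the middle of the file header or
     *                      of a packet record (truncated capture)
     */
    public static Pcap unpack(InputStream is) throws IOException {
        byte[] buffer_4 = new byte[4];
        byte[] buffer_2 = new byte[2];

        if (readAvailable(is, buffer_4) != 4) {
            return null;
        }

        // The writer stores the magic number in its own byte order, so the magic
        // tells us whether the remaining fields need to be byte-swapped.
        boolean swap = false;
        int magic = byteArrayToInt(buffer_4, 0);
        if (magic != MAGIC_MICROS && magic != MAGIC_NANOS) {
            reverseByteArray(buffer_4);
            magic = byteArrayToInt(buffer_4, 0);
            if (magic != MAGIC_MICROS && magic != MAGIC_NANOS) {
                throw new IOException("not a pcap file: unrecognised magic number");
            }
            swap = true;
        }

        PcapHeader header = new PcapHeader();
        header.setMagic(magic);
        header.setMagor_version(readShort(is, buffer_2, swap));
        header.setMinor_version(readShort(is, buffer_2, swap));
        header.setTimezone(readInt(is, buffer_4, swap));
        header.setSigflags(readInt(is, buffer_4, swap));
        header.setSnaplen(readInt(is, buffer_4, swap));
        header.setLinktype(readInt(is, buffer_4, swap));

        Pcap pcap = new Pcap();
        pcap.setHeader(header);

        List<PcapData> dataList = new ArrayList<PcapData>();
        while (true) {
            int got = readAvailable(is, buffer_4);
            if (got == 0) {
                break; // clean end of file on a record boundary
            }
            if (got != 4) {
                throw new EOFException(
                        "truncated record header after " + dataList.size() + " packet(s)");
            }
            if (swap) {
                reverseByteArray(buffer_4);
            }

            PcapData data = new PcapData();
            data.setTime_s(byteArrayToInt(buffer_4, 0));
            // Sub-second part: microseconds, or nanoseconds when magic == MAGIC_NANOS.
            data.setTime_ms(readInt(is, buffer_4, swap));
            int capturedLength = readInt(is, buffer_4, swap);
            data.setpLength(capturedLength);
            data.setLength(readInt(is, buffer_4, swap));

            // The field is unsigned in the file; a value above Integer.MAX_VALUE
            // shows up here as negative. Reject it before it reaches new byte[].
            if (capturedLength < 0 || capturedLength > MAX_CAPTURED_LENGTH) {
                throw new IOException("packet " + dataList.size()
                        + " declares an invalid captured length: "
                        + (capturedLength & 0xFFFFFFFFL));
            }

            byte[] content = new byte[capturedLength];
            readFully(is, content);
            data.setContent(content);
            dataList.add(data);
        }
        pcap.setData(dataList);
        return pcap;
    }

    /**
     * Reads until {@code buf} is full or the stream ends.
     *
     * @return the number of bytes stored in {@code buf}, from 0 to {@code buf.length}
     */
    private static int readAvailable(InputStream is, byte[] buf) throws IOException {
        int filled = 0;
        while (filled < buf.length) {
            int n = is.read(buf, filled, buf.length - filled);
            if (n < 0) {
                break;
            }
            filled += n;
        }
        return filled;
    }

    /** Fills {@code buf} completely or throws {@link EOFException}. */
    private static void readFully(InputStream is, byte[] buf) throws IOException {
        if (readAvailable(is, buf) != buf.length) {
            throw new EOFException("capture ended in the middle of a field or packet");
        }
    }

    /** Reads one 32-bit field, byte-swapping it first when {@code swap} is set. */
    private static int readInt(InputStream is, byte[] buf, boolean swap) throws IOException {
        readFully(is, buf);
        if (swap) {
            reverseByteArray(buf);
        }
        return byteArrayToInt(buf, 0);
    }

    /** Reads one 16-bit field, byte-swapping it first when {@code swap} is set. */
    private static short readShort(InputStream is, byte[] buf, boolean swap) throws IOException {
        readFully(is, buf);
        if (swap) {
            reverseByteArray(buf);
        }
        return byteArrayToShort(buf, 0);
    }

    /** Combines four bytes starting at {@code offset}, most significant byte first. */
    private static int byteArrayToInt(byte[] b, int offset) {
        int value = 0;
        for (int i = 0; i < 4; i++) {
            int shift = (4 - 1 - i) * 8;
            value += (b[i + offset] & 0x000000FF) << shift;
        }
        return value;
    }

    /** Combines two bytes starting at {@code offset}, most significant byte first. */
    private static short byteArrayToShort(byte[] b, int offset) {
        short value = 0;
        for (int i = 0; i < 2; i++) {
            int shift = (2 - 1 - i) * 8;
            value += (b[i + offset] & 0x000000FF) << shift;
        }
        return value;
    }

    /**
     * Reverses the array in place.
     *
     * <p>NOTE(review): the page's listing breaks off inside this method, right after
     * {@code for(int i=0; i}. The loop below is the plain in-place reversal that the
     * original comment ("reverse the array") and the declared locals describe.
     *
     * @param arr array to reverse
     */
    private static void reverseByteArray(byte[] arr) {
        byte temp;
        int n = arr.length;
        for (int i = 0; i < n / 2; i++) {
            temp = arr[i];
            arr[i] = arr[n - 1 - i];
            arr[n - 1 - i] = temp;
        }
    }
}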
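// ---------------------------------------------------------------
// Pcap.java
// NOTE(review): the page's extraction dropped this file's heading and package
// line; the sibling listings all declare package com.hylanda.pcap, and
// PcapParser uses Pcap without an import, so the same package is assumed here.
// ---------------------------------------------------------------
package com.hylanda.pcap;

import java.util.List;

/**
 * A parsed capture file: the file header plus the packet records.
 *
 * @author zhouqisheng
 */
public class Pcap {

    private PcapHeader header;

    // The element type is restored from the usage snippet, which calls
    // getData().get(0).getContent(); the page's extraction stripped "<PcapData>".
    private List<PcapData> data;

    public PcapHeader getHeader() {
        return header;
    }

    public void setHeader(PcapHeader header) {
        this.header = header;
    }

    public List<PcapData> getData() {
        return data;
    }

    public void setData(List<PcapData> data) {
        this.data = data;
    }

    /** Summarises the header and the number of packet records. */
    @Override
    public String toString() {
        StringBuilder s = new StringBuilder();
        s.append("header{\n");
        // String.valueOf keeps toString() usable on a half-initialised object.
        s.append(String.valueOf(header));
        s.append("}\n");
        s.append("data part count=").append(data == null ? 0 : data.size());
        return s.toString();
    }
}

// ---------------------------------------------------------------
// PcapData.java
// ---------------------------------------------------------------
package com.hylanda.pcap;

/**
 * One packet record: the per-packet header fields and the captured bytes.
 *
 * @author zhouqisheng
 */
public class PcapData {

    private int time_s;     // timestamp, seconds
    private int time_ms;    // timestamp, microseconds (despite the "ms" in the name)
    private int pLength;    // captured length: number of bytes stored in content
    private int length;     // actual length of the packet
    private byte[] content; // packet data

    public int getTime_s() {
        return time_s;
    }

    public void setTime_s(int time_s) {
        this.time_s = time_s;
    }

    public int getTime_ms() {
        return time_ms;
    }

    public void setTime_ms(int time_ms) {
        this.time_ms = time_ms;
    }

    public int getpLength() {
        return pLength;
    }

    public void setpLength(int pLength) {
        this.pLength = pLength;
    }

    public int getLength() {
        return length;
    }

    public void setLength(int length) {
        this.length = length;
    }

    public byte[] getContent() {
        return content;
    }

    public void setContent(byte[] content) {
        this.content = content;
    }

    /** Lists the record header fields; the packet bytes are not included. */
    @Override
    public String toString() {
        StringBuilder s = new StringBuilder();
        s.append("time_s=").append(this.time_s);
        s.append("\ntime_ms=").append(this.time_ms);
        s.append("\npLength=").append(this.pLength);
        s.append("\nlength=").append(this.length);
        // The original listing built the string and then returned null.
        return s.toString();
    }
}

// ---------------------------------------------------------------
// PcapHeader.java
// ---------------------------------------------------------------
package com.hylanda.pcap;

/**
 * The pcap file header.
 *
 * @author zhouqisheng
 */
public class PcapHeader {

    private int magic;           // file identification header, 0xA1B2C3D4
    private short magor_version; // major version
    private short minor_version; // minor version
    private int timezone;        // local standard time
    private int sigflags;        // timestamp accuracy
    private int snaplen;         // maximum stored length

    /**
     * Link type of the capture:
     * <pre>
     *   0   BSD loopback devices, except for later OpenBSD
     *   1   Ethernet, and Linux loopback devices
     *   6   802.5 Token Ring
     *   7   ARCnet
     *   8   SLIP
     *   9   PPP
     *   10  FDDI
     *   100 LLC/SNAP-encapsulated ATM
     *   101 “raw IP”, with no link
     *   102 BSD/OS SLIP
     *   103 BSD/OS PPP
     *   104 Cisco HDLC
     *   105 802.11
     *   108 later OpenBSD loopback devices (with the AF_value in network byte order)
     *   113 special Linux “cooked” capture
     *   114 LocalTalk
     * </pre>
     * The link type decides how the first bytes of every packet are laid out, so
     * check it before applying a fixed header offset to packet content.
     */
    private int linktype;

    public int getMagic() {
        return magic;
    }

    public void setMagic(int magic) {
        this.magic = magic;
    }

    public short getMagor_version() {
        return magor_version;
    }

    public void setMagor_version(short magor_version) {
        this.magor_version = magor_version;
    }

    public short getMinor_version() {
        return minor_version;
    }

    public void setMinor_version(short minor_version) {
        this.minor_version = minor_version;
    }

    public int getTimezone() {
        return timezone;
    }

    public void setTimezone(int timezone) {
        this.timezone = timezone;
    }

    public int getSigflags() {
        return sigflags;
    }

    public void setSigflags(int sigflags) {
        this.sigflags = sigflags;
    }

    public int getSnaplen() {
        return snaplen;
    }

    public void setSnaplen(int snaplen) {
        this.snaplen = snaplen;
    }

    public int getLinktype() {
        return linktype;
    }

    public void setLinktype(int linktype) {
        this.linktype = linktype;
    }

    /** Lists every header field, one per line, with the magic number in hex. */
    @Override
    public String toString() {
        StringBuilder s = new StringBuilder();
        s.append("magic=").append("0x" + Integer.toHexString(this.magic));
        s.append("\nmagor_version=").append(this.magor_version);
        s.append("\nminor_version=").append(this.minor_version);
        s.append("\ntimezone=").append(this.timezone);
        s.append("\nsigflags=").append(this.sigflags);
        s.append("\nsnaplen=").append(this.snaplen);
        s.append("\nlinktype=").append(this.linktype);
        return s.toString();
    }
}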