JAVA从包中获取URL
我正在制作一个捕捉网络流量的应用程序。我需要获取浏览器向用户显示的URL,我想我可以使用InetAddress从我捕获的IP获取域,但它不同。例如,我从facebook.com获得的域名是xx-fbcdn-shv-01-dft4.fbcdn.net,这并不总是相同的。还有别的办法吗?有可能吗 我使用JNetPCap库及其页面的示例代码只是为了学习如何在我的项目中实现它JAVA从包中获取URL,java,url,networking,dns,ip,Java,Url,Networking,Dns,Ip,我正在制作一个捕捉网络流量的应用程序。我需要获取浏览器向用户显示的URL,我想我可以使用InetAddress从我捕获的IP获取域,但它不同。例如,我从facebook.com获得的域名是xx-fbcdn-shv-01-dft4.fbcdn.net,这并不总是相同的。还有别的办法吗?有可能吗 我使用JNetPCap库及其页面的示例代码只是为了学习如何在我的项目中实现它 import java.net.InetAddress; import java.net.UnknownHostExceptio
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import org.jnetpcap.*;
import org.jnetpcap.packet.PcapPacket;
import org.jnetpcap.packet.PcapPacketHandler;
import org.jnetpcap.protocol.network.Ip4;
/**
*
* @author User
*/
public class Sniffer {
static private String device;
public static void main(String[] args) {
List<PcapIf> alldevs = new ArrayList<>(); // Will be filled with NICs
StringBuilder errbuf = new StringBuilder(); // For any error msgs
/**
* *************************************************************************
* First get a list of devices on this system
*************************************************************************
*/
int r = Pcap.findAllDevs(alldevs, errbuf);
if (r == Pcap.NOT_OK || alldevs.isEmpty()) {
System.err.printf("Can't read list of devices, error is %s", errbuf
.toString());
return;
}
System.out.println("Network devices found:");
int i = 0;
for (PcapIf device : alldevs) {
String description
= (device.getDescription() != null) ? device.getDescription()
: "No description available";
System.out.printf("#%d: %s [%s]\n", i++, device.getName(), description);
System.out.println(device.toString());
}
PcapIf device = alldevs.get(2);
/***************************************************************************
* Second we open up the selected device
**************************************************************************/
int snaplen = 64 * 1024; // Capture all packets, no trucation
int flags = Pcap.MODE_PROMISCUOUS; // capture all packets
int timeout = 10 * 1000; // 10 seconds in millis
Pcap pcap
= Pcap.openLive(device.getName(), snaplen, flags, timeout, errbuf);
if (pcap == null) {
System.err.printf("Error while opening device for capture: "
+ errbuf.toString());
return;
}
///*-------------------------------------------------------------------- ------------------------------
PcapBpfProgram program = new PcapBpfProgram();
String expression = "port 80";
int optimize = 0; // false
int netmask = 0xFFFFFF00; // 255.255.255.0
if (pcap.compile(program, expression, optimize, netmask) != Pcap.OK) {
System.err.println(pcap.getErr());
return;
}
if (pcap.setFilter(program) != Pcap.OK) {
System.err.println(pcap.getErr());
return;
}
///*
/**
* *************************************************************************
* Third we create a packet handler which will receive packets from the
* libpcap loop.
*************************************************************************
*/
PcapPacketHandler<String> jpacketHandler = (PcapPacket packet, String user) -> {
System.out.printf("Received packet at %s caplen=%-4d len=%-4d %s\n",
new Date(packet.getCaptureHeader().timestampInMillis()),
packet.getCaptureHeader().caplen(), // Length actually captured
packet.getCaptureHeader().wirelen(), // Original length
user // User supplied object
);
Ip4 ip = new Ip4();
//Tcp tcp= new Tcp();
byte[] sIP;
if (packet.hasHeader(ip)) {
try {
sIP = packet.getHeader(ip).source();
String sourceIP = org.jnetpcap.packet.format.FormatUtils.ip(sIP);
String myIp = InetAddress.getLocalHost().getHostAddress();
if (!myIp.equals(sourceIP)) {
System.out.println("source= "+sourceIP);
String domain;
domain = InetAddress.getByName(sourceIP).getHostName();
System.out.println("--------------------------"+domain);
}
} catch (UnknownHostException ex) {
Logger.getLogger(Sniffer.class.getName()).log(Level.SEVERE, null, ex);
}
}
};
/**
* *************************************************************************
* Fourth we enter the loop and tell it to capture 10 packets. The loop
* method does a mapping of pcap.datalink() DLT value to JProtocol ID,
* which is needed by JScanner. The scanner scans the packet buffer and
* decodes the headers. The mapping is done automatically, although a
* variation on the loop method exists that allows the programmer to
* sepecify exactly which protocol ID to use as the data link type for
* this pcap interface.
*************************************************************************
*/
pcap.loop(-1, jpacketHandler, "jNetPcap rocks!");
/**
* *************************************************************************
* Last thing to do is close the pcap handle
*************************************************************************
*/
pcap.close();
}
}
导入java.net.InetAddress;
导入java.net.UnknownHostException;
导入java.util.ArrayList;
导入java.util.Date;
导入java.util.List;
导入java.util.logging.Level;
导入java.util.logging.Logger;
导入org.jnetpcap.*;
导入org.jnetpcap.packet.PcapPacket;
导入org.jnetpcap.packet.PcapPacketHandler;
导入org.jnetpcap.protocol.network.Ip4;
/**
*
*@author用户
*/
公共类嗅探器{
静态专用字符串设备;
公共静态void main(字符串[]args){
List alldevs=new ArrayList();//将用NIC填充
StringBuilder errbuf=new StringBuilder();//对于任何错误msgs
/**
* *************************************************************************
*首先获取此系统上的设备列表
*************************************************************************
*/
int r=Pcap.findAllDevs(alldevs,errbuf);
if(r==Pcap.NOT|u OK | | alldevs.isEmpty()){
System.err.printf(“无法读取设备列表,错误为%s”),errbuf
.toString());
返回;
}
System.out.println(“找到的网络设备:”);
int i=0;
用于(PcapIf设备:alldevs){
字符串描述
=(device.getDescription()!=null)?device.getDescription()
:“没有可用的描述”;
System.out.printf(“#%d:%s[%s]\n”,i++,device.getName(),description);
System.out.println(device.toString());
}
PcapIf device=alldevs.get(2);
/***************************************************************************
*其次,我们打开所选设备
**************************************************************************/
int snaplen=64*1024;//捕获所有数据包,无指令
int flags=Pcap.MODE\u PROMISCUOUS;//捕获所有数据包
int timeout=10*1000;//以毫秒为单位的10秒
Pcap Pcap
=Pcap.openLive(device.getName(),snaplen,标志,超时,errbuf);
如果(pcap==null){
System.err.printf(“打开设备进行捕获时出错:”
+errbuf.toString());
返回;
}
///*-------------------------------------------------------------------- ------------------------------
PcapBpfProgram程序=新的PcapBpfProgram();
字符串表达式=“端口80”;
int optimize=0;//false
int netmask=0xFFFFFF00;//255.255.255.0
if(pcap.compile(程序、表达式、优化、网络掩码)!=pcap.OK){
System.err.println(pcap.getErr());
返回;
}
如果(pcap.setFilter(程序)!=pcap.OK){
System.err.println(pcap.getErr());
返回;
}
///*
/**
* *************************************************************************
*第三,我们创建一个数据包处理程序,它将从
*libpcap循环。
*************************************************************************
*/
PcapPacketHandler jpacketHandler=(PcapPacket数据包,字符串用户)->{
System.out.printf(“在%s caplen=%-4d len=%-4d%s处收到的数据包\n”,
新日期(packet.getCaptureHeader().timestampInMillis()),
packet.getCaptureHeader().caplen(),//实际捕获的长度
packet.getCaptureHeader().wirelen(),//原始长度
用户//用户提供的对象
);
Ip4 ip=新的Ip4();
//Tcp=新的Tcp();
字节[]sIP;
if(数据包哈希头(ip)){
试一试{
sIP=packet.getHeader(ip.source();
字符串sourceIP=org.jnetpcap.packet.format.FormatUtils.ip(sIP);
字符串myIp=InetAddress.getLocalHost().getHostAddress();
如果(!myIp.equals(sourceIP)){
System.out.println(“source=“+sourceIP”);
字符串域;
domain=InetAddress.getByName(sourceIP.getHostName();
System.out.println(“--------------------------------------+域);
}
}捕获(未知后异常除外){
Logger.getLogger(Sniffer.class.getName()).log(Level.SEVERE,null,ex);
}
}
};
/**
* *************************************************************************
*第四,我们进入循环,让它捕获10个数据包
*方法将pcap.datalink()DLT值映射到JProtocol ID,
*这是JScanner需要的。扫描仪扫描数据包缓冲区并
*解码标题。映射是自动完成的,尽管
*循环方法的变化允许程序员
*明确指定要用作数据链路类型的协议ID
*这是一个pcap接口。
*************************************************************************
*/
loop(-1,jpacketHandler,“jNetPcap岩石!”);
/**
* *************************************************************************
*最后要做的是关闭pcap句柄
*************************************************************************
*/
pcap.close();
}
}
你不能。大型网站有几个地址,所以Facebook.com解析为许多地址,但反向查找这些地址不会解析为Facebook.com。
如果您可以捕获您可以阅读http头的对话,那么您可以在那里找到您感兴趣的url。我找到了一种方法来读取tcp数据包并使用其目标端口。谢谢你的帮助,我无法找到解决办法
static String dominios[] = {"com", "org", "net", "info", "biz", "edu", "gob"};
PcapPacketHandler<String> jpacketHandler = (PcapPacket packet, String user) -> {
Tcp tcp= new Tcp();
Http http= new Http();
if (packet.hasHeader(tcp)) {
if (tcp.destination() == 443) {
int payloadstart = tcp.getOffset() + tcp.size();
JBuffer buffer = new JBuffer(64 * 1024);
buffer.peer(packet, payloadstart, packet.size() - payloadstart);
String payload = buffer.toHexdump(packet.size(), false, true, true);
for (String b : dominios) {
if (payload.contains(b)) {
procesarTcp(payload, b);
}
}
}
else if(packet.hasHeader(http)){
System.out.println(http.fieldValue(Http.Request.Host));
}
}
};
public static void procesarTcp(String payload, String dominio) {
payload= payload.substring(0,payload.indexOf(dominio)+dominio.length());
StringTokenizer token= new StringTokenizer(payload,"\n");
String pagina;
String aux;
payload="";
while(token.hasMoreTokens()){
aux=token.nextToken();
payload+=aux.substring(aux.indexOf(" ")+4, aux.length());
}
pagina= payload.substring(payload.lastIndexOf("..")+2,payload.length());
System.err.println(pagina);
}