Java 使用jnetpcap从pcap文件读取ssid
所以我有一个pcap文件,当我在wireshark中打开这个文件时,我会看到一些带标签的参数,其中一个是ssid,我想简单地在屏幕上打印出来 我已经做了以下工作:Java 使用jnetpcap从pcap文件读取ssid,java,packet,pcap,jnetpcap,Java,Packet,Pcap,Jnetpcap,所以我有一个pcap文件,当我在wireshark中打开这个文件时,我会看到一些带标签的参数,其中一个是ssid,我想简单地在屏幕上打印出来 我已经做了以下工作: public class PacketHandler implements PcapPacketHandler<Object> { @Override public void nextPacket(PcapPacket packet, Object unused) { StringBuilder str =
public class PacketHandler implements PcapPacketHandler<Object> {
@Override
public void nextPacket(PcapPacket packet, Object unused) {
StringBuilder str = new StringBuilder();
packet.getUTF8String(0, str, packet.getTotalSize());
String rawStringData = str.toString();
System.out.println(rawStringData);
String packetAsHex = packet.toHexdump(0, false, true, true);
System.out.println(packetAsHex);
}
}
我将ssid视为一个字符串,但它似乎没有被正确解码,理想情况下,我希望能够检索我在wireshark中看到的所有标记参数
唉,我不知道如何做到这一点,有人能让我走上正确的轨道吗?什么东西没有被正确解码?你期待什么?你看到了什么? 不以任何方式标记参数。它们只有特定的专用字节。你只要知道去哪里找就行了 让我向您展示一个旧jnetpcap代码的示例。现在,由于您熟悉jnetpcap,而我无法真正理解问题所在,因此我仅向您展示一段代码,猜测您将掌握其中的诀窍 下面的代码是我对的解析。数据是从文件中提取的数据
int packet_size = packet.size();
JBuffer packet_buf = packet;
byte[] data = packet_buf.getByteArray(0, packet_size);
int[] data_int = new int[max_byte_read];
for (int k = 0; k<max_byte_read; k++) {
data_int[k] = data[k]&0xFF;
}
byte[] frame_control = new byte[2];
byte[] duration = new byte[2];
byte[] dest_ip = new byte[6];
byte[] src_ip = new byte[6];
byte[] bss_id = new byte[6];
byte[] seq_ctrl = new byte[2];
byte[] time_stamp = new byte[8];
byte[] beacon_interval = new byte[2];
byte[] capability_info = new byte[2];
byte[] tag_nr = new byte[1];
byte[] tag_len = new byte[1];
if (data_int[0]==0x80) {
// It's a beacon
System.out.printf("It's a beacon!\n");
frame_control = Arrays.copyOfRange(data, 0, 2);
duration = Arrays.copyOfRange(data, 2, 4);
dest_ip = Arrays.copyOfRange(data, 4, 10);
src_ip = Arrays.copyOfRange(data, 10, 16);
bss_id = Arrays.copyOfRange(data, 16, 22);
seq_ctrl = Arrays.copyOfRange(data, 22, 24);
time_stamp = Arrays.copyOfRange(data, 24, 32);
beacon_interval = Arrays.copyOfRange(data, 32, 34);
capability_info = Arrays.copyOfRange(data, 34, 36);
tag_nr = Arrays.copyOfRange(data, 36, 37);
tag_len = Arrays.copyOfRange(data, 37, 38);
int ss_id_len = tag_len[0];
byte[] ss_id = new byte[ss_id_len];
ss_id = Arrays.copyOfRange(data, 38, 38+ss_id_len);
System.out.printf("SSID: ");
for (byte b : ss_id) {
int c = b&0xFF;
System.out.printf("%s", (char) c);
}
System.out.println("");
}
else {
System.out.println("Not a beacon unfortunately");
}
如果这对你没有任何帮助,我可以试着发布一个完整的例子。但既然这样做可能有点过头了,我现在就坚持这一点