# Network-capture

**Repository Path**: djh-sudo/Network-capture

## Basic Information

- **Project Name**: Network-capture
- **Description**: Network packet capture
- **Primary Language**: C++
- **License**: Not specified
- **Default Branch**: main
- **Homepage**: None
- **GVP Project**: No

## Statistics

- **Stars**: 0
- **Forks**: 1
- **Created**: 2021-11-15
- **Last Updated**: 2022-04-27

## Categories & Tags

**Categories**: Uncategorized
**Tags**: None

## README

# Network-capture

## About Project

```
A network packet capture tool built on WinPcap. It supports analysis of TLS (partial), UDP, ICMP, TCP, ARP, DNS and other protocols; the interface is modeled on Wireshark.
```

## Ethernet

```C
/*
+-------------------+-----------------+------+
|      6 byte       |     6 byte      |2 byte|
+-------------------+-----------------+------+
|destination address| source address  | type |
+-------------------+-----------------+------+
*/
```

## Ipv4

```C
/*
+-------+-----------+---------------+-------------------------+
| 4 bit |   4 bit   |     8 bit     |         16 bit          |
+-------+-----------+---------------+-------------------------+
|version|head length|  TOS/DS_byte  |      total length       |
+-------------------+--+---+---+----+-+-+-+-------------------+
|          identification           | |D|M|      offset       |
+-------------------+---------------+-+-+-+-------------------+
|        ttl        |   protocol    |        checksum         |
+-------------------+---------------+-------------------------+
|                      source ip address                      |
+-------------------------------------------------------------+
|                   destination ip address                    |
+-------------------------------------------------------------+
*/
```

## Tcp header

```C
/*
+----------------------+---------------------+
|        16 bit        |       16 bit        |
+----------------------+---------------------+
|     source port      |  destination port   |
+----------------------+---------------------+
|              sequence number               |
+----------------------+---------------------+
|                 ack number                 |
+----+---------+-------+---------------------+
|head| reserve | flags |     window size     |
+----+---------+-------+---------------------+
|       checksum       |   urgent pointer    |
+----------------------+---------------------+
*/
```

## Udp header

```C
/*
+---------------------+---------------------+
|       16 bit        |       16 bit        |
+---------------------+---------------------+
|     source port     |  destination port   |
+---------------------+---------------------+
| data package length |      checksum       |
+---------------------+---------------------+
*/
```

## Icmp header

```C
/*
+---------------------+---------------------+
|  1 byte  |  1 byte  |       2 byte        |
+---------------------+---------------------+
|   type   |   code   |      checksum       |
+---------------------+---------------------+
|   identification    |      sequence       |
+---------------------+---------------------+
|                  option                   |
+-------------------------------------------+
*/
```

## Arp header

```C
/*
|<-------- ARP header ------------>|
+------+--------+-----+------+-------+----------+---------+---------------+--------------+
|2 byte| 2 byte |1byte| 1byte|2 byte |  6 byte  | 4 byte  |    6 byte     |    4 byte    |
+------+--------+-----+------+-------+----------+---------+---------------+--------------+
| type |protocol|e_len|ip_len|op_type|source mac|source ip|destination mac|destination ip|
+------+--------+-----+------+-------+----------+---------+---------------+--------------+
*/
```

## Dns header

```C
/*
+--------------------------+---------------------------+
|          16 bit          |1b|4bit|1b|1b|1b|1b|3b|4bit|
+--------------------------+--+----+--+--+--+--+--+----+
|      identification      |QR| OP |AA|TC|RD|RA|..|Resp|
+--------------------------+--+----+--+--+--+--+--+----+
|         Question         |        Answer RRs         |
+--------------------------+---------------------------+
|      Authority RRs       |      Additional RRs       |
+--------------------------+---------------------------+
*/
```

## Demo

![](https://github.com/djh-sudo/Network-capture/blob/main/src/demo.png)
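
A bounds-checked walk over the Ethernet, IPv4 and TCP layouts drawn above, added here as an example and not taken from the Network-capture source. `TcpSummary`, `parse_tcp_frame`, `be16`/`be32` and `kSampleFrame` are hypothetical names, and the sample frame is constructed. Every length field in a captured packet is attacker-controlled, so each one is checked against the bytes actually captured before it is used as an offset.

```cpp
#include <cstddef>
#include <cstdint>

// Hypothetical result type for this example (not taken from the project).
struct TcpSummary {
    uint32_t src_ip, dst_ip;
    uint16_t src_port, dst_port;
    uint8_t flags;
};

static uint16_t be16(const uint8_t* p) { return uint16_t(p[0] << 8 | p[1]); }
static uint32_t be32(const uint8_t* p) { return uint32_t(be16(p)) << 16 | be16(p + 2); }

// Walks Ethernet -> IPv4 -> TCP. Returns false on any length or field violation,
// so no read ever goes past buf + len. Checksums are not verified here.
bool parse_tcp_frame(const uint8_t* buf, size_t len, TcpSummary* out) {
    if (len < 14 || be16(buf + 12) != 0x0800) return false;  // 6+6+2 bytes, type = IPv4
    const uint8_t* ip = buf + 14;
    size_t ip_avail = len - 14;
    if (ip_avail < 20 || (ip[0] >> 4) != 4) return false;    // fixed header, version
    size_t ihl = size_t(ip[0] & 0x0F) * 4;                   // head length, in 32-bit words
    size_t total = be16(ip + 2);                             // total length
    // total (not len) bounds the IP payload: Ethernet padding may follow it.
    if (ihl < 20 || total < ihl || total > ip_avail) return false;
    if (ip[9] != 6) return false;                            // protocol 6 = TCP
    if ((be16(ip + 6) & 0x3FFF) != 0) return false;          // M flag or offset set: fragment
    const uint8_t* tcp = ip + ihl;
    size_t tcp_avail = total - ihl;
    if (tcp_avail < 20) return false;
    size_t doff = size_t(tcp[12] >> 4) * 4;                  // TCP head length, in 32-bit words
    if (doff < 20 || doff > tcp_avail) return false;
    *out = TcpSummary{be32(ip + 12), be32(ip + 16), be16(tcp), be16(tcp + 2),
                      uint8_t(tcp[13] & 0x3F)};
    return true;
}

// Constructed sample frame: 192.0.2.1:49152 -> 192.0.2.2:443, TCP SYN.
static const uint8_t kSampleFrame[54] = {
    0x02, 0, 0, 0, 0, 0x02,  0x02, 0, 0, 0, 0, 0x01,  0x08, 0x00,  // dst MAC, src MAC, type
    0x45, 0x00, 0x00, 0x28,  0x00, 0x01, 0x40, 0x00,               // ver/IHL, TOS, total, id, D flag
    0x40, 0x06, 0x00, 0x00,  192, 0, 2, 1,  192, 0, 2, 2,          // ttl, protocol, checksum, IPs
    0xC0, 0x00, 0x01, 0xBB,  0, 0, 0, 1,  0, 0, 0, 0,              // ports, sequence, ack
    0x50, 0x02, 0xFF, 0xFF,  0, 0, 0, 0                            // head/flags, window, csum, urgent
};
```

Fragments are rejected rather than reassembled, which keeps the example to a single pass over one frame.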