C# .NET 使用第三方库SharpPcap进行抓包示例_c# sharppcap

        本文主要讲述使用C#库进行抓包的示例代码，其本人在网上搜索了很久，找到了很多关于使用SharpPcap库的示例，但均会报错，通过VS种 '管理NuGet程序包'安装好了SharpPcap及其依赖，但会因为版本及其内部代码变更而导致程序报错。后面我会将完整代码上传以供参考学习（如下载我所编写代码，可以保证其库文件及依赖版本正确，visual studio版本为Microsoft Visual Studio Community 2022 (64 位) - Current版本 17.9.1）。

代码部分

1.此为初始化及开始抓包部分示例

private void MonitorBtn_Click(object sender, EventArgs e)
{
    var devices = CaptureDeviceList.Instance; //初始化
    //devices[0].
    foreach (var dev in devices)
    {
        Console.WriteLine("{0}\n", dev.ToString()); // 选择网卡
    }
        
 
    device = LibPcapLiveDeviceList.Instance[1];
    if (MonitorBtn.Text == "开始监听")
    {
        device.Open(DeviceModes.Promiscuous);
        device.OnPacketArrival += Device_OnPacketArrival;
        device.StartCapture();
        MonitorAllBtn.Enabled = true;
 
        MonitorBtn.Text = "关闭监听";
    }
    else if(MonitorBtn.Text == "关闭监听")
    {
        device.Close();
 
        MonitorBtn.Text = "开始监听";
    }
 
}

2.内容部分

 public void Device_OnPacketArrival(object sender, PacketCapture e)
 {
     rawPacket = e.GetPacket();
 
     //--------------------------------------------------------------------------
     var packet = PacketDotNet.Packet.ParsePacket(rawPacket.LinkLayerType, rawPacket.Data);
     var tcpPacket = packet.Extract<PacketDotNet.TcpPacket>();// 如果是TCP协议的数据包，则提取TcpPacket对象，否则为null
     var udpPacket = packet.Extract<PacketDotNet.UdpPacket>(); // 如果是UDP协议的数据包，则提取UdpPacket对象，否则为null
 
 
     //提取端口号
     if (tcpPacket != null)
     {
         ipPacket = (IPPacket)tcpPacket.ParentPacket;
 
         var sourcePort = tcpPacket.SourcePort; // 源端口号（TCP协议）  
         destinationPort = tcpPacket.DestinationPort; // 目标端口号（TCP协议）  
 
         // 提取校验和
         var checksum = tcpPacket.Checksum;
         //Console.WriteLine($"源端口: {sourcePort}, 目标端口: {destinationPort}");
         //Console.WriteLine("校验和: " + checksum);
 
 
         if (tcpPacket.PayloadData != null)
         {
             // 提取载荷
             payload = Encoding.ASCII.GetString(tcpPacket.PayloadData);
         }
         else
         {
             payload = "无可用有效载荷";
         }
 
     }
     else if (udpPacket != null)
     {
         ipPacket = (IPPacket)udpPacket.ParentPacket;
 
         var sourcePort = udpPacket.SourcePort; // 源端口号（UDP协议）  
          destinationPort = udpPacket.DestinationPort; // 目标端口号（UDP协议）  
 
         // 提取校验和
         var checksum = udpPacket.Checksum;
         //Console.WriteLine($"源端口: {sourcePort}, 目标端口: {destinationPort}");
         //Console.WriteLine("校验和: " + checksum);
     }
 
     if (ipPacket != null)
     {
         // 提取IP地址
         var sourceIpAddress = ipPacket.SourceAddress;
         var destinationIpAddress = ipPacket.DestinationAddress;
 
         // 提取协议类型
         var protocolType = ipPacket.Protocol;
 
         // 提取TTL
         var ttl = ipPacket.TimeToLive;
 
 
         // 提取MAC地址
         var ethernetPacket = packet.Extract<EthernetPacket>();
         var sourceMacAddress = ethernetPacket.SourceHardwareAddress;
         var destinationMacAddress = ethernetPacket.DestinationHardwareAddress;
 
         // 提取时间戳
         var timestamp = rawPacket.Timeval.Date;
 
         // 提取传输数据
         var data = rawPacket.Data;
    }
 
//此为将抓取的数据包中的内容转换为ASCII码形式
    string sum1111 = "";
if (tcpPacket != null && tcpPacket.PayloadData != null)
{
    for (int i = 1; i <= tcpPacket.PayloadData.Length; i++)
    {
        if (tcpPacket.PayloadData[i - 1] >= 33 && tcpPacket.PayloadData[i - 1] <= 126)
        {
            sum1111 += Encoding.ASCII.GetString(new byte[1] { tcpPacket.PayloadData[i - 1] });
        }
        else
        {
            //sum1111 += tcpPacket.PayloadData[i - 1].ToString();
            sum1111 += ".";
        }
    }
}
else if (udpPacket != null && udpPacket.PayloadData != null)
{
    for (int i = 1; i <= udpPacket.PayloadData.Length; i++)
    {
        if ((udpPacket.PayloadData[i - 1] >= 33 && udpPacket.PayloadData[i - 1] <= 126))
        {
            sum1111 += Encoding.ASCII.GetString(new byte[1] { udpPacket.PayloadData[i - 1] });
        }
        else
        {
            //sum1111 += tcpPacket.PayloadData[i - 1].ToString();
            sum1111 += ".";
        }
    }
 
if (FindSubstring(sum1111, "http") != null || FindSubstring(sum1111, "www") != null || FindSubstring(sum1111, "com") != null || FindSubstring(sum1111, "cn") != null)
{
    if(DataListGridView.Rows.Count != 0)
    {
        if(DataListGridView.CurrentRow.Index != -1)
        {
            rowsSele = DataListGridView.CurrentRow.Index;
            if (sourceIpAddress.ToString() == DataListGridView.Rows[DataListGridView.CurrentRow.Index].Cells[1].Value.ToString())
            {
                this.Invoke(new Action(() =>
                {
                    textBox1.Text += "源IP地址: " + sourceIpAddress + "\r\n";
                    textBox1.Text += "目标IP地址: " + destinationIpAddress + "\r\n";
                    textBox1.Text += "目标MAC地址: " + destinationMacAddress + "\r\n";
                    textBox1.Text += "目标端口: " + destinationPort.ToString() + "\r\n";
                    textBox1.Text += "时间戳: " + timestamp + "\r\n";
                    textBox1.Text += "传输数据: " + sum1111 + "\r\n";
                    textBox1.Text += "----------------------------------------------------------" + "\r\n";
                    textBox1.Text += "\r\n";
 
                    textBox1.SelectionStart = textBox1.Text.Length;
                    textBox1.ScrollToCaret();
                }));
            }
        }
    }
}
}

此为我所编写源代码    后面可以下载我所上传资源直接查看程序会更加的清晰明了

资源下载链接：https://download.csdn.net/download/m0_54169323/88881319?spm=1001.2014.3001.5501