在C语言中的Linux中使用原始套接字进行数据包嗅探 [英] Packet Sniffing using Raw Sockets in Linux in C
问题描述
我需要在Linux中编写一个数据包嗅探器,以检测发送的HTTPS数据包并保存请求中的url.我在安全漏洞中找到了相应的代码并运行了它.此代码运行,并且仅嗅探接收到的数据包,但我需要在嗅探器中获取发送的数据包. 如何获得此代码中发送的数据包?
I need to write a packet sniffer in Linux that detects HTTPS packet that are sent and save the url from the request. I found code for this in security-freak and ran it. This code runs and only sniffs the received packet but I need to get the sent packet in the sniffer. How do I get the sent packet in this code?
我不能使用任何类似libcap的库(禁止使用). 代码是: sniffer.c
I can't use any library like libcap (forbidden). The code is :sniffer.c
推荐答案
您应该使用ETH_P_ALL而不是ETH_P_IP作为协议. ETH_P_IP仅侦听传入的IP数据包.
You should be using ETH_P_ALL instead of ETH_P_IP as the protocol. ETH_P_IP only listens for incoming IP packets.
这篇关于在C语言中的Linux中使用原始套接字进行数据包嗅探的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!