我使用PcapDotnet包装器来获取嗅探包,但它只显示了ip raw包 例如,在客户端,我发送该数据包
client_.Send(ASCIIEncoding.ASCII.GetBytes("test"));
在服务器端我希望捕获"测试"但是packet.Buffer显示不同的66个字节。我可以得到" test"包?
private static void PacketHandler(Packet packet)
{
IpV4Datagram ip = packet.Ethernet.IpV4;
TcpDatagram tcp = ip.Tcp;
if (tcp.DestinationPort == 28001 || tcp.SourcePort == 28001)
{
File.AppendAllText("return.txt", ASCIIEncoding.ASCII.GetString(packet.Buffer));
Console.WriteLine(ip.Source + ":" + tcp.SourcePort + " -> " + ip.Destination + ":" + tcp.DestinationPort);
}
}
答案 0 :(得分:1)
File.AppendAllText("return.txt", ASCIIEncoding.ASCII.GetString(packet.Buffer));
正在打印所有二进制文件,包括IPv4标头和TCP标头。
尝试:
File.AppendAllText("return.txt", ASCIIEncoding.ASCII.GetString(tcp.Payload??));