错误 802.11 数据包嗅探在 Windows 上 – gopacket

huangapple go评论104阅读模式
英文:

Error 802.11 packet sniffing on Windows - gopacket

问题

这是代码:

package main

import (
	"fmt"
	"github.com/google/gopacket"
	"github.com/google/gopacket/pcap"
)

func main() {
	handle, err := pcap.OpenLive("\\Device\\NPF_{d6194530-0e27-4c84-b489-2cfe18d4af24}", 65536, true, pcap.BlockForever)
	if err != nil {
		fmt.Println(err)
	}
	defer handle.Close()

	packets := gopacket.NewPacketSource(handle, handle.LinkType())
	for packet := range packets.Packets() {
		fmt.Println(packet)
	}
}

我有一台启用了网络卡监控功能的Windows计算机,使用Wireshark或Scapy(monitor = True)可以嗅探数据包,但使用gopacket却无法。我尝试使用"wlanhelper "Wi-Fi" mode monitor"命令启用监控模式,返回"Success",但运行代码时没有任何错误。只有在非监控模式下或嗅探回环时才能正常工作。似乎gopacket没有像Scapy那样的函数来启用监控模式,我不太清楚。请帮助我找到在Windows上启用gopacket的monitor模式的解决方案。

英文:

This is the code:

package main

import (
	"fmt"
	"github.com/google/gopacket"
	"github.com/google/gopacket/pcap"
)

func main() {
	handle, err := pcap.OpenLive("\\Device\\NPF_{d6194530-0e27-4c84-b489-2cfe18d4af24}", 65536, true, pcap.BlockForever)
	if err != nil {
		fmt.Println(err)
	}
        defer handle.Close()

	packets := gopacket.NewPacketSource(handle, handle.LinkType())
	for packet := range packets.Packets() {
		fmt.Println(packet)
	}
}

I have a computer with network card monitoring enabled and windows, with wireshark or scapy (with monitor = True) I can sniff packets, but not with gopacket.
I start to enable monitor mode with "wlanhelper "Wi-Fi" mode monitor" and it returns "Success", when I run the code there is no error whatsoever.
Sniffing only works when I'm not in monitor mode or I'm sniffing the loopback.
Apparently there is no function to enable monitor mode on gopacket like scapy, i don't know.
help me pls

get me the solution for enable monitor mode in gopacket (windows)

答案1

得分: 0

你是否可以尝试使用参数true调用(*InactiveHandle).SetRFMon函数?以下是示例代码:

package main

import (
	"fmt"

	"github.com/google/gopacket"
	"github.com/google/gopacket/pcap"
)

func main() {
	inactive, err := pcap.NewInactiveHandle("\\Device\\NPF_{d6194530-0e27-4c84-b489-2cfe18d4af24}")
	if err != nil {
		panic(err)
	}
	defer inactive.CleanUp()

	// 调用各种函数来设置inactive的配置:
	must(inactive.SetRFMon(true))
	must(inactive.SetSnapLen(65536))
	must(inactive.SetPromisc(true))
	must(inactive.SetTimeout(pcap.BlockForever))

	// 最后,通过调用Activate创建实际的handle:
	handle, err := inactive.Activate() // 之后,inactive将不再有效
	if err != nil {
		panic(err)
	}
	defer handle.Close()

	packets := gopacket.NewPacketSource(handle, handle.LinkType())
	for packet := range packets.Packets() {
		fmt.Println(packet)
	}
}

func must(err error) {
	if err != nil {
		panic(err)
	}
}

希望对你有帮助!

英文:

Does calling (*InactiveHandle).SetRFMon with parameter true work for you?

package main

import (
	"fmt"

	"github.com/google/gopacket"
	"github.com/google/gopacket/pcap"
)

func main() {
	inactive, err := pcap.NewInactiveHandle("\\Device\\NPF_{d6194530-0e27-4c84-b489-2cfe18d4af24}")
	if err != nil {
		panic(err)
	}
	defer inactive.CleanUp()

	// Call various functions on inactive to set it up the way you'd like:
	must(inactive.SetRFMon(true))
	must(inactive.SetSnapLen(65536))
	must(inactive.SetPromisc(true))
	must(inactive.SetTimeout(pcap.BlockForever))

	// Finally, create the actual handle by calling Activate:
	handle, err := inactive.Activate() // after this, inactive is no longer valid
	if err != nil {
		panic(err)
	}
	defer handle.Close()

	packets := gopacket.NewPacketSource(handle, handle.LinkType())
	for packet := range packets.Packets() {
		fmt.Println(packet)
	}
}

func must(err error) {
	if err != nil {
		panic(err)
	}
}

huangapple
  • 本文由 发表于 2023年5月22日 21:28:19
  • 转载请务必保留本文链接:https://go.coder-hub.com/76306705.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定