使用Xcap发送网络数据包
官網:http://xcap.weebly.com/
Description
Xcap is a windows based packet generator & sender tool, you can use it to create a packet, then send it through a specified interfaces on you computer.
xcap's functionality:
-
Constructing packet
-
Sending packet through networking interface
where xcap can be used:
-
networking stack test
-
ethernet device test
-
networking protocol training
Now it supports a lot of protocols, including:
1. Arp/ipv4/ipv6/icmpv4/icmpv6/tcp/udp/udplite/igmp
2. mpls/pppoe/gre
3. rsvp/l2tp/radius/snmp/esp/ah
4. rip/ripng/pim/ospf/igrp/vrrp
5. 802.3/8021x
6. l2 switch protocl, such as stp/lacp
7. other l2/l3 protocols
How to run this tool:
1. you should install winpcap 4.0.2 or higher version at first, if you have already installed wireshark, that is OK.
2. download the zip file
3. unzip it
4. double click xcap.exe
5. please read help(in menu help) at first
What you can do through this tool:
1. create a packet by a packet creating wizard, edit any byte in this packet, to create a packet, you should create a packet group at first, then create new packet in this packet group, double click the new created packet, follow the wizard to complete the packet
2. send the packet you created, you should refresh all interfaces in your computer, you can select one interface and start it, then in the packet group panel, select this interface to send the packets you created.
3. create ipv4&ipv6 fragments, you can create a long packet(can not exceed 16K bytes), then right click the packet, click "create fragments", input length for each fragment, this tool will divid the long packet into some fragments.
4. browse the packet by wireshark, when you create some packets in this tool, if you have installed wireshark in you computer, you can browse this packet in wireshark, to use this function, you should choolse "auto" in system tab in configuration dialog, right on packet group or packet, click "view" command to browse this packet in wireshark.
使用
1. 抓取報文
1) 點擊主界面工具欄中的“刷新列表”按鈕(或對應菜單“接口->刷新接口”),所有接口會列在左側窗口中,選中要使用的接口。?
2) 點擊工具欄中的“啟動接口”按鈕,接口啟動。
3) 點擊工具欄中的“開始抓包按鈕”,應用程序進入網絡監聽狀態。
4) 分析報文
2. 構造報文
報文隸屬于報文組,每個報文組包含多個報文,因此,創建報文首先要創建報文組,點擊菜單“報文組->創建報文組”或工具欄中創建報文組按鈕,在彈出的對話框中輸入報文組名稱,確定后,在窗口左側列表中可以看到自己創建的報文組,鼠標點擊這個報文組,右側窗口出現報文組
1)創建報文組,可點擊菜單“報文組/創建報文組”,輸入報文組名稱,確定。
2)在左側窗口中選擇已創建的報文組,右側窗口顯示該報文組的界面。
3)在右側界面中點擊“+”按鈕,創建一個報文,輸入名稱。
4)雙擊已創建的報文,出現報文配置向導,首頁為以太網頭部。
5)輸入目的MAC和源MAC。源MAC隨便填寫,目的MAC可填寫Ubuntu虛擬機MAC,Type中選中“EthernetII”,下拉框選擇“0x0800 (IPv4)”。
6)點擊下一步,出現Ipv4頭部頁面,輸入源IP(隨便寫一個IP地址:192.168.0.33)和目的IP(填寫虛擬機的IP:192.168.0.107),protocol選擇“UDP”。
7)點擊下一步,出現UDP頁面,源端口10001,目的端口填寫“10002”,paylod type 選擇custom。
8)填充data,設置長度10,修改data。
9)點擊下方的保存和關閉按鈕,報文創建成功。
3. 發送報文
1) 獲取接口列表。點擊主界面工具欄中的“刷新列表”按鈕(或對應菜單“接口->刷新接口”),所有接口會列在左側窗口中,選中要使用的接口。
2) 啟動接口。選擇一個接口,點擊工具欄中的“啟動接口”按鈕,接口啟動。
3) ?發送報文。選中剛剛創建的報文組,選擇報文,在接口中選擇剛剛啟動的接口,點擊循環發送。
4)可在Ubuntu中使用tcpdump -i ens33 udp命令查看收到的報文。
注:紅框內依次為:發送報文,循環發送,選擇接口。
總結
以上是生活随笔為你收集整理的使用Xcap发送网络数据包的全部內容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: Linux ping的原理与实现
- 下一篇: GRE tunnel源码分析之发送流程