|
Raw Packet Sniffer (Bugs Fixed)
|
Email
|
| Submitted on: |
7/1/2003 10:16:09 AM |
| By: |
IRBMe
|
| Level: |
Intermediate |
| User Rating: |
By 92 Users |
| Compatibility: |
VB 5.0, VB 6.0 |
| Views: |
94357 |
|
(About the author) |
|
|
|
This is an update to the first packet sniffer I submitted yestarday. It got alot of good feedback so I decided to resubmitt it with all the bugs fixed. It currently has support for 3 protocols (TCP, UDP and ICMP) and can very easily be expanded to include more. The packet sniffer itself is wrapped in a very object oriented fashoin allowing you to just plug it right into your own apps. NOTICE: This will only work on OS' with raw socket support (Windows XP/2000/NT) with root access (admin privilages).
|
 |
| |
|
 Download code
Note: Due to the size or complexity of this submission, the author has submitted it as a .zip file to shorten your download time. Afterdownloading it, you will need a program like Winzip to decompress it.Virus note:All files are scanned once-a-day by Planet Source Code for viruses, but new viruses come
out every day, so no prevention program can catch 100% of them. For your own safety, please:
- Re-scan downloaded files using your personal virus checker before using it.
- NEVER, EVER run compiled files (.exe's, .ocx's, .dll's etc.)--only run source code.
- Scan the source code with Minnow's Project Scanner
If you don't have a virus scanner, you can get one at many places on the net
including:McAfee.com
|
Terms of Agreement:
By using this code, you agree to the following terms...
- You may use
this code in your own programs (and may compile it into a program and distribute it in compiled format for languages that allow it) freely and with no charge.
- You MAY NOT redistribute this code (for example to a web site) without written permission from the original author. Failure to do so is a violation of copyright laws.
- You may link to this code from another website, but ONLY if it is not wrapped in a frame.
- You will abide by any additional copyright restrictions which the author may have placed in the code or code's description.
|
Other 24 submission(s) by this author
|
|
Report Bad Submission
|
Your Vote
|
| |
Other User Comments
|
 7/1/2003 1:18:17 PM: Carlos Bomtempo
What can I say?
(If this comment was disrespectful, please report it.)
|
7/1/2003 1:29:45 PM: Coding Genius
The older version was at: http://www.planet-source-code.com/vb/scripts/showcode.asp?txtCodeId=46529&lngWId=1
Incase anybody is interesrted.
(If this comment was disrespectful, please report it.)
|
7/1/2003 2:03:17 PM: Christophe HUMBERT
Nice code, thanks ! Very usefull, et and educative ! 5 globes from me.
(If this comment was disrespectful, please report it.)
|
7/1/2003 10:42:39 PM: apidude
well done - thanks for the knowledge!
(If this comment was disrespectful, please report it.)
|
7/1/2003 10:45:09 PM: Thushan Fernando
we'll i dont know why sherif has voted p00r, i think this is a great submission... 5 globes as deserved...
(If this comment was disrespectful, please report it.)
|
7/1/2003 10:48:30 PM: Coding Genius
as I already explained, he has some kind of grudge against me, although he'll deny it. But thanks for the support guys ;)
(If this comment was disrespectful, please report it.)
|
7/2/2003 2:15:17 AM: Ultimatum
Unfortunately, the world of software engineering is plagued with grudges. I say stick with the people that know more than you. Learn something. =) As for this code, I have now learned something. Thank you. =)
(If this comment was disrespectful, please report it.)
|
7/2/2003 7:28:42 AM: Eric O''Sullivan
if ye both ignored each other ye wouldn't have any reason to complain :)
Anyway, five from me
(If this comment was disrespectful, please report it.)
|
7/2/2003 8:30:56 AM: Daniel Pramel
Hi Chris aka Genius*g*
Don't worry abozt this people how are votinmg poor. i got the same with my old remotecontrolcode. immediately as it was one of the top codes in the hall of fame, there were a few people which used 4 or 5 different usernames just to vote poor for me. i do not know why they did so, but simply keep in mind that a lot of people are loving your unique code. thats the most imprtant thing.
and now i will exanmine your new version :-)
greetings from germany,
Daniel
(If this comment was disrespectful, please report it.)
|
7/2/2003 2:43:03 PM: KarahaNa
very good job! 5 stars
(If this comment was disrespectful, please report it.)
|
7/2/2003 3:41:01 PM: Coding Genius
sherif...when I delete your comment it
means I don't want it on my submission.
Advertising your code on my submission
is not acceptable. Now if you continue
to repost it, I'll ask PSC to deal with
it. So kindly piss off and leave me along I don't bother you.
(If this comment was disrespectful, please report it.)
|
7/2/2003 6:06:25 PM: Wilksey!
Brilliant Code!!
See if u can make it capture and modify outgoing packets, so u can change the info on the packet header, I dont know if it can be done in Windows, but if anyone can, u can!!
Cheers
Wilksey
(If this comment was disrespectful, please report it.)
|
7/2/2003 6:11:32 PM: eXQue
CG,
A solid application again. May others learn to not to be bitter on ones success of ones coding skills.
(If this comment was disrespectful, please report it.)
|
7/2/2003 6:12:34 PM: Coding Genius
thanks :)
(If this comment was disrespectful, please report it.)
|
7/5/2003 5:29:01 PM: Knoton
Thank you Coding Genius for providing me with excellent coding examples to learn from. You have teached me a lot.
I have´nt seen this code yet and normally I only rate the code, no matter the personality of the submitter. But today I gonna make an exception and give you 5 globes just for being so nice to all of us providing us with great coding examples to learn from :-)
(If this comment was disrespectful, please report it.)
|
7/7/2003 5:28:59 AM: Dream
I gave Sherif Rofael a poor vote on what I thought was a poor submission and he searched my name and did a little poor voting himself... on my submissions! What a lamer.
(If this comment was disrespectful, please report it.)
|
7/7/2003 9:33:40 AM: Coding Genius
The truth hurts for some people.
(If this comment was disrespectful, please report it.)
|
7/7/2003 10:28:05 PM: BattleStorm
I guess we will see how you will win this months coding contest with this great peice of code and Sherif will win the Darwin award with his un-ending stvpidity ;)
(If this comment was disrespectful, please report it.)
|
7/7/2003 10:45:58 PM: Intrepid Software
hmm this code seems VERY similar to other submissions on other coding sites are you sure this is original?
(If this comment was disrespectful, please report it.)
|
7/7/2003 10:50:16 PM: Coding Genius
I learned how to use raw sockets from a good friend of mine named gridrun. You'll find obviously that code from projects which do the same will by nature look similar. But I can assure you that I have written everything there by hand myself. I know for sure that I have and so have no fear of asking you to reproduce the exact same code from elsewhere. Really, go ahead. I know I this is my own work so I'm inviting you =)
(If this comment was disrespectful, please report it.)
|
7/8/2003 4:27:37 AM: Eric O''Sullivan
ooo, a challange! ;-) lol
(If this comment was disrespectful, please report it.)
|
7/11/2003 3:41:21 PM: Sebastian Gonzalez
---Messege in peace----avoid conflict--
Coding genius: Is there any way to modify outgoing packets?
-------------------thank you---------
(If this comment was disrespectful, please report it.)
|
7/11/2003 7:37:03 PM: CodeFester
CG- Nice work. Nobody cares though about this silly dispute. Frankly it wastes much space on this page. You guys should take this cat fight elsewhere. 5 ballz for the code though.
(If this comment was disrespectful, please report it.)
|
7/11/2003 8:42:44 PM: Coding Genius
Tell that to mr ''I'm going to flood the comment area because I'm a fu
(If this comment was disrespectful, please report it.)
|
7/11/2003 8:45:35 PM: Coding Genius
In answer to Sebastian Gonzalez, not with this code anyway. To modify outgoing packets you would have to hook the API calls or write a driver or something...I haven't really dabbled in that area yet.
(If this comment was disrespectful, please report it.)
|
7/13/2003 8:15:40 PM: Dream
*pops head up*
*says "Hello"*
*ducks for cover again* :)
(If this comment was disrespectful, please report it.)
|
7/18/2003 6:18:37 PM: coder86
I will write someting using my ENIGMA ENCRYPTION MACHING here:
ZMWTTPMBESDLUY!
(btw, ENIGMA is posted here on PSC, search for "coder86" :)
(If this comment was disrespectful, please report it.)
|
7/18/2003 9:25:58 PM: Coding Genius
What a cheap way of promoting your code on PSC - but oh well whatever works for ya.
(If this comment was disrespectful, please report it.)
|
7/18/2003 9:29:24 PM: Coding Genius
but thanks for the message anyway ''VERY_GOOD_CODE'' ;)
(If this comment was disrespectful, please report it.)
|
7/19/2003 6:54:09 AM: coder86
Why you let everybody know my secret message to ???!!!!
It should have been a secret!!
anyway, here is another secret message:
LYRITGUIPUUPAQJNE
try to figure out what it says without using my machine :)
(If this comment was disrespectful, please report it.)
|
7/19/2003 8:30:56 PM: Dream
What do you think about Cool FTP Client jumping back into third place everytime it drops to 5th or 6th? According to the vote log he recieved the same number of excellent votes on the 18th as he did the first day he posted it(that is b.s.), and check out the votes for the 17th also. This follows a spam email I recieved requesting to find votes for him to get 'My Name' on his programs credits.
(If this comment was disrespectful, please report it.)
|
7/21/2003 2:39:53 AM: coder86
I checked out your code!
Very neat! And use of assembly is great
(I'm specializing in 8086 though:)
Here are 5 stars from me!
(If this comment was disrespectful, please report it.)
|
7/21/2003 2:47:23 AM: yan f
I haven't try it because my computer doesn't support your code, by the way I 've see this work on my computer lab. And you got 5 globe from me ... ;-) ( sorry about the grammar )
(If this comment was disrespectful, please report it.)
|
7/23/2003 10:09:22 PM: Paul Snerf
Well done , as usual, and I only expect the best code from this person, as I know off hand how well he codes.
(If this comment was disrespectful, please report it.)
|
8/15/2003 9:25:00 AM:
When I used your packet-sniffer, I found that my computer is transmitting to an AOL IP address every second (24 hours a day). I am not an AOL user. Your sniffer indicated that the Source Port is 1026, the Dest Port is 6667, and the Data is shown as blank.
Can I assume that some AOL user is pinging my computer every second, and if so, why?
(If this comment was disrespectful, please report it.)
|
9/1/2003 6:59:00 AM: Tig Steele
Sweet code... I'm gonna have fun
with this.
Keep em coming
(If this comment was disrespectful, please report it.)
|
9/12/2003 3:04:54 PM:
Recieved :PPP thx for the code man, 5pts 4 ya!
(If this comment was disrespectful, please report it.)
|
9/14/2003 2:42:25 AM:
Nice code dude, hope you invent more application like this, thanks for sharing it!
(If this comment was disrespectful, please report it.)
|
9/20/2003 10:53:30 AM: CodeGenie
I get "WSAIoctl failed."
:-\
(If this comment was disrespectful, please report it.)
|
9/20/2003 3:14:37 PM:
Cool app. 5 *'s from me. Btw, is it okay if I use portion of ur code on my application?
-From Canada
Andy
(If this comment was disrespectful, please report it.)
|
9/26/2003 10:24:28 AM: Max Mouse
Greetings, just downloaded your code, and to my surprise it worked. heh, i didn't think writing a packet sniffer in Visual Basic was possible (my theorys on it encluded emu'ing the MS Windows Winsock control to redirect packet information), that'll piss the c(Variant) coders off. "You can't code a packet sniffer in vb! vb isn't even a programming language" yea.. ok..
Great code, iv'e learned alot from it, 5 globes :)
(If this comment was disrespectful, please report it.)
|
10/27/2003 5:33:36 PM:
Hey Dude,
Great code, really helped me out alot.
Just one question, is there are way of sniffing the data that leaves the local PC ??
(If this comment was disrespectful, please report it.)
|
11/1/2003 4:29:07 AM: Deth
great code as usual, sorry im late :( my internet connection has been on the blink. anyway heres my belated 5 *... as for the user with the irc zombie id do a quick search for what apps are using what ports to get rid of it, as quickly as possible.
(If this comment was disrespectful, please report it.)
|
11/6/2003 3:06:38 PM: Coding Genius
For all those people who have e-mailed me asking how to sniff outbound traffic: No, it's not possible using this code to sniff outbound traffic. This code will only sniff incoming traffic. I tried to capture the FD_WRITE messages at the time of writing, as well as the FD_READ messages. But it didn't work at all. I think you would have to hook the Winsock API calls, Send and SendTo. This would capture most of the outbound data. Don't e-mail me about this though. I wouldn't be able to explain how to do it. Instead find some sample code for hooking API's by searching here on PSC, or on google or something.
(If this comment was disrespectful, please report it.)
|
11/9/2003 5:12:09 AM: Shazbot
crashes after 167 - 179 packets everytime
(If this comment was disrespectful, please report it.)
|
11/10/2003 6:22:24 AM: Coding Genius
Well, I dunno how it could be doing that. I've tested it with 10's of thousands of packets before and it's never had a problem.
(If this comment was disrespectful, please report it.)
|
11/10/2003 6:02:37 PM: Shazbot
ok it seems it only happens while is was dling at full speed 30KB/sec
(If this comment was disrespectful, please report it.)
|
11/20/2003 3:45:15 AM:
this is exactly what i was looking for - and in vb too!
(If this comment was disrespectful, please report it.)
|
11/23/2003 12:11:21 PM: UnholyAngl
Nice code, is it possible to create new, modify and block packets?
I need this in order to prevent attacks made by destructive individuals attacking my game servers, tho I cannot figure out how to do so.
When I say create new, for example, say we were hacking AIM, we make it believe it received a packet from the server allthough it didn't...
(If this comment was disrespectful, please report it.)
|
11/30/2003 11:07:08 AM: Jerome Scott II
it would be even nicer if it could veiw outgoing packets :p
(If this comment was disrespectful, please report it.)
|
1/21/2004 1:54:24 PM: HH
GREAT WORK!!!!!!!!
This is the first packet sniffer i have seen in vb
GREAT WORK!!!!
(If this comment was disrespectful, please report it.)
|
2/14/2004 6:44:55 PM: PhoeX
really great work...
I realy need a packet generator.
With winsock api..
IRBMe can you help me with this??
I want a code to genarete raw tcp packet and it has to calculate the checksum....
can someone help me??
(If this comment was disrespectful, please report it.)
|
3/23/2004 4:59:11 PM:
Is it okay if I use (partions of) your code in a commercial application?
(If this comment was disrespectful, please report it.)
|
4/5/2004 11:19:02 PM: o0x0o_overload_o0x0o
amazing, i love it
(If this comment was disrespectful, please report it.)
|
5/28/2004 9:06:09 PM:
I gotta admit it, its wonderful.
But id like to catch outgoing packets and for some reazon it crashes sometimes.
Anyway i give u 5 stars
(If this comment was disrespectful, please report it.)
|
5/29/2004 6:41:48 PM:
hey, this code is great!!!
but if there r too much traffic in net the prog fills the memory and my pc gets slow, i'd like that the prog can flush the older results to give space to new packets captured, i hope u can fix that Coding Genious
(If this comment was disrespectful, please report it.)
|
5/31/2004 6:33:39 AM: IRBMe
The funny thing is, after I switched my NIC drivers, it now captures outgoing packets for me. *shrug*
(If this comment was disrespectful, please report it.)
|
6/1/2004 11:22:34 PM:
Good job.
(If this comment was disrespectful, please report it.)
|
9/25/2004 9:44:13 AM:
nice code but i need help from u can u tell me how to i only read one port at a time e.g 1863 :)
(If this comment was disrespectful, please report it.)
|
9/25/2004 9:44:22 AM:
nice code but i need help from u can u tell me how to i only read one port at a time e.g 1863 :) or another
(If this comment was disrespectful, please report it.)
|
9/25/2004 10:11:45 AM: IRBMe
If port = 1863 then
' display it
else
' discard it
end if
(If this comment was disrespectful, please report it.)
|
10/11/2004 12:10:25 PM:
Awesome code. You've saved me weeks of research by posting your code alone! We need more developers like you.
(If this comment was disrespectful, please report it.)
|
11/18/2004 11:48:45 PM:
Thats some really good code m8. Please do keep up the good work. I learnt soo much from your example its not funny.
Rating: Excellent
Keep up the good work ;)
(If this comment was disrespectful, please report it.)
|
12/7/2004 11:53:12 AM: Brett L.V.
I cant get the sendpacket function of the TCPDriver to work!! I cant make a corrent header and stuff, HELP!!
(If this comment was disrespectful, please report it.)
|
12/7/2004 12:27:00 PM: IRBMe
Yeah that's just there for experimental purposes. It's not actually used. I doubt it would work on Windows XP service pack 2 anyway.
(If this comment was disrespectful, please report it.)
|
12/7/2004 6:13:33 PM: Mind Beast
Coding Genius....you ARE a Coding Genius!!!
This is some really nice clean code!!
Can I reuse this code in my own app if I give you credit??
Also, to all who want it the program to do something different, write it yourself! The code is nicely done, you should have no problem modifying it.
Thanks,
Russell
(If this comment was disrespectful, please report it.)
|
1/6/2005 8:57:41 AM: Richard Mewett
Great code & well executed interface. 5 * from me
(If this comment was disrespectful, please report it.)
|
1/16/2005 12:54:32 PM:
What about outgoing packets?
(If this comment was disrespectful, please report it.)
|
1/17/2005 7:08:53 AM: IRBMe
Read the comments above. In summary: outgoing packets - for some people it works, for some people it doesn't. it never used to work for me, then i switched network drivers (I didn't change the actual card) and suddenly it worked, so at least one of the factors is your network driver.
(If this comment was disrespectful, please report it.)
|
2/14/2005 5:02:43 PM:
nice. i've already applied this code into a full packet sniffer using seperators such as IP/port/Host/Application. if you'd like the code i've written to combine both your code and the Application that the data is coming to i'll send it to you. I'd vote, but my ex would kill me ;)
(If this comment was disrespectful, please report it.)
|
2/14/2005 5:08:27 PM:
by the way in response to other users messages of crashes after certain packets. you have to remember guys this is a complicated code that does not use external C++ DLL's VB is slower than your average Assembly application ;) and uses a great amount of subroutines that are not visible to the coder. So dont complain if it crashes. It is an outstanding source and should be poked and prodded, because lets face it... CodingGenius has been around nearly as long as i have, and he knows his code :).. on that note mine too crashed on 1500mbps and was completely grilled on my 1gbps FreeBSD box. most likely due to the shell i ran it through.. plus about the 50mb/s worth of packets it was hit with :P
~ Slixxor
(If this comment was disrespectful, please report it.)
|
3/8/2005 3:39:10 AM:
Thank you very much!
I'm a beginer in Visual Basic Program! So can you show me how to write a simple packet capture which is more simple!
Thank you vare much!
(If this comment was disrespectful, please report it.)
|
3/14/2005 6:44:39 AM:
Hey this is excellent peice of code.
It would be better if you send me some documents using which I can understand the code used.
pls send it to
ilan_blitz@yahoo.co.in
(If this comment was disrespectful, please report it.)
|
6/14/2005 2:54:50 PM: Kerry Kevin McCullough
Outstanding coding. This is a great example of someone who knows what they are doing. I noticed it lacks a lot of comments, but frankly if you are going to look at this code at all, you better know your way around VB. Anyway, I love it. I use CommView for my packet sniffer, but sometimes it crashes for reasons I already know, but if I may convert this to c++ and add some features like outbound packets and filtering, then I will use this hands down. 5 Big ones from me.
(If this comment was disrespectful, please report it.)
|
8/1/2005 11:27:52 AM: Stephen
Been programming for years and I'm always happy to learn something new. Thanks for the lesson and the sharing.
Brilliant ! ! !
(If this comment was disrespectful, please report it.)
|
8/21/2005 5:15:12 PM: Visual Basic Beginner
This is the the only free packet sniffer I found that actuallt does what I want it to do. You should sell this!
(If this comment was disrespectful, please report it.)
|
9/27/2005 10:29:17 AM: Filipe Camizão Lage
Any idea why this doesn't work with wireless (802.11g for example) connections? I've tried the app, but only works with my wired (100mbps) lan. If I try to bind to the wireless adapted, it fails with "WSAIoctl failed".
(If this comment was disrespectful, please report it.)
|
1/19/2006 12:44:38 AM: Very Good
good!
(If this comment was disrespectful, please report it.)
|
9/2/2006 6:22:36 AM: TheGambler
Simply excellent code, but unless i'm missing something it only monitors incoming packets.
(If this comment was disrespectful, please report it.)
|
9/11/2006 6:33:17 AM: Matthew
nice
(If this comment was disrespectful, please report it.)
|
10/11/2006 10:52:28 AM: CHARANYA
hey, this code is not working in my lab.....error is displayed...."failed to bind socket"......why..it won't work in lab....is there problem with college ip address.......
(If this comment was disrespectful, please report it.)
|
10/21/2006 11:32:17 PM: Priyan R
Great!
(If this comment was disrespectful, please report it.)
|
11/23/2006 1:22:10 AM: Garry
I also got an error but since I'm new I'll see if it's because I'm old and blind or not. The error was "WSAIoctl failed!"
am I missing something?
(If this comment was disrespectful, please report it.)
|
11/23/2007 2:48:17 PM: Fast VB Coders
Excellent code from expert developer, 5 globes from me..
(If this comment was disrespectful, please report it.)
|
3/10/2008 8:29:20 AM: Niraj
Simply excellent code, but unless i'm missing something it only monitors incoming packets.
(If this comment was disrespectful, please report it.)
|
8/20/2008 5:24:34 AM: Ricardo E.
For any reason it shows only outgoing packets, it is... it won't show the incomming packets (only shows that one pack has come, but no data...). I'm using Win XP SP2. Any idea of what's going on?
(If this comment was disrespectful, please report it.)
|
1/24/2012 8:01:48 AM: Adeel
Can anybody tell me, how to find out the port on which the data has arrived?
(If this comment was disrespectful, please report it.)
|
9/10/2012 10:54:05 AM: TSHsoft
this is great! but i have a question, how can make the negative port number to correctly port number? thanks...
(If this comment was disrespectful, please report it.)
|
1/3/2013 9:57:41 AM: Drawer
This is the best sniffer with open source for VB!
is there a way to work with Wi-Fi?
(If this comment was disrespectful, please report it.)
|
6/19/2013 12:22:42 PM: dani
very good
(If this comment was disrespectful, please report it.)
|
Add Your Feedback
Your feedback will be posted below and an email sent to
the author. Please remember that the author was kind enough to
share this with you, so any criticisms must be stated politely, or they
will be deleted. (For feedback not related to this particular code, please
click here instead.)
To post feedback, first please login.
|
