Maelstrom Posted August 28, 2014 Share Posted August 28, 2014 Hello all, Today I got bored, and decided to try and make a wireshark imposter in autoit. I have no idea why I had to do it, I just know I had to. So I got started, and found the WinPcap UDF for autoit. I got started with it, but I am having some problems with it, that I cannot figure out. This code should throw me the string that contains the current data for the devices that WinPcap can listen on: #include <Winpcap.au3> #include <Array.au3> $start = _PcapSetup() $devices = _PcapGetDeviceList() MsgBox(0, "Winpcap test", _ArrayToString($devices)) But it returns me a blank array, obviously not the usable driver list. Could someone help me out here, I am having som trouble lol. Link to comment Share on other sites More sharing options...
JohnOne Posted August 28, 2014 Share Posted August 28, 2014 (edited) Why do you think that code should "throw you the string"? I why do you think it's funny that you are "having som trouble"? EDIT; There was a winpcap udf on here but I cannot find it any more. Edited August 28, 2014 by JohnOne AutoIt Absolute Beginners Require a serial Pause Script Video Tutorials by Morthawt ipify Monkey's are, like, natures humans. Link to comment Share on other sites More sharing options...
Maelstrom Posted August 29, 2014 Author Share Posted August 29, 2014 Why do you think that code should "throw you the string"? I why do you think it's funny that you are "having som trouble"? EDIT; There was a winpcap udf on here but I cannot find it any more. Sorry if I wasn't clear. Forgive me, english is not my first language. My problem is simple. Two functions from the winpcap UDF are not working the way expected by me. This is the _PcapSetup() function Func _PcapSetup() ; return WinPCAP version as full text or -1 if winpcap is not installed, and opens dll If Not FileExists(@SystemDir & "\wpcap.dll") Then return -1 global $Pcap_dll=DllOpen ( @SystemDir & "\wpcap.dll" ) global $Pcap_errbuf = DLLStructCreate("char[256]") Global $Pcap_ptrhdr=0 Global $Pcap_ptrpkt=0 Global $Pcap_statV ; Total volume captured Global $Pcap_statN ; Total number of packets captured Global $Pcap_starttime ; Start time of Capture global $Pcap_timebias = (2^32 - RegRead("HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\TimeZoneInformation", "ActiveTimeBias")) * 60 Local $v = DllCall($Pcap_dll, "str:cdecl", "pcap_lib_version") if (@error > 0) Then return -1 return $v[0] EndFunc This is the _PcapGetDeviceList expandcollapse popupFunc _PcapGetDeviceList() ; returns 2D array with pcap devices (name;desc;mac;ipv4_addr;ipv4_netmask;ipv4_broadaddr;ipv6_addr;ipv6_netmask;ipv6_broadaddr;flags) or -1 if error Local $alldevs=DLLStructCreate("ptr") Local $r=DllCall($Pcap_dll, "int:cdecl", "pcap_findalldevs_ex", "str", "rpcap://", "ptr", 0, "ptr", DllStructGetPtr($alldevs), "ptr", DllStructGetPtr($Pcap_errbuf)) if (@error > 0) Then return -1 if $r[0]=-1 Then return -1 Local $next=DllStructGetData($alldevs,1) Local $list[1][14] Local $i=0; while ($next<>0) Local $pcap_if = DllStructCreate("ptr next;ptr name;ptr desc;ptr addresses;uint flags",$next) Local $len_name = DllCall("kernel32.dll", "int", "lstrlen", "ptr", DllStructGetData($pcap_if,2)) Local $len_desc = DllCall("kernel32.dll", "int", "lstrlen", "ptr", DllStructGetData($pcap_if,3)) $list[$i][0]=DllStructGetData(DllStructCreate("char["&($len_name[0]+1)&"]",DllStructGetData($pcap_if,2)),1) $list[$i][1]=DllStructGetData(DllStructCreate("char["&($len_desc[0]+1)&"]",DllStructGetData($pcap_if,3)),1) Local $next_addr=DllStructGetData($pcap_if,"addresses") ; retrieve mac address Local $device=StringTrimLeft($list[$i][0],8) Local $snames = DllStructCreate("char Name["&(StringLen($device)+1)&"]") DllStructSetData($snames,1,$device) Local $handle=DllCall("packet.dll", "ptr:cdecl", "PacketOpenAdapter", "ptr", DllStructGetPtr($snames)) If IsPtr($handle[0]) Then Local $packetoiddata = DllStructCreate("ulong oid;ulong length;ubyte data[6]") DllStructSetData($packetoiddata,1,0x01010102) ; OID_802_3_CURRENT_ADDRESS DllStructSetData($packetoiddata,2,6) Local $status=DllCall("packet.dll", "byte:cdecl", "PacketRequest", "ptr", $handle[0],"byte",0,"ptr",DllStructGetPtr($packetoiddata)) If $status[0] Then Local $mac=DllStructGetData($packetoiddata,3) $list[$i][6]=StringMid($mac,3,2)&":"&StringMid($mac,5,2)&":"&StringMid($mac,7,2)&":"&StringMid($mac,9,2)&":"&StringMid($mac,11,2)&":"&StringMid($mac,13,2) EndIf Local $nettype = DllStructCreate("uint type;uint64 speed") $status=DllCall("packet.dll", "byte:cdecl", "PacketGetNetType", "ptr", $handle[0], "ptr", DllStructGetPtr($nettype)) If $status[0] Then $list[$i][5]=DllStructGetData($nettype,2) EndIf DllCall("packet.dll", "none:cdecl", "PacketCloseAdapter", "ptr", $handle[0]) EndIf ; retrieve lintypes Local $pcap=_PcapStartCapture($list[$i][0],"host 1.2.3.4",0,32) If IsPtr($pcap) Then Local $types=_PcapGetLinkType($pcap) If IsArray($types) Then $list[$i][2]=$types[0] $list[$i][3]=$types[1] $list[$i][4]=$types[2] EndIf _PcapStopCapture($pcap) EndIf ; retrieve ip addresses while $next_addr<>0 Local $pcap_addr = DllStructCreate("ptr next;ptr addr;ptr netmask;ptr broadaddr;ptr dst",$next_addr) Local $j,$addr For $j=2 to 4 $addr=_PcapSock2addr(DllStructGetData($pcap_addr,$j)) If StringLen($addr)>15 Then $list[$i][$j+8]=$addr ElseIf StringLen($addr)>6 Then $list[$i][$j+5]=$addr EndIf Next $next_addr=DllStructGetData($pcap_addr,1) Wend $list[$i][13]=DllStructGetData($pcap_if,5) $next=DllStructGetData($pcap_if,1) $i+=1 if $next<>0 Then Redim $list[$i+1][14] Wend DllCall($Pcap_dll, "none:cdecl", "pcap_freealldevs", "ptr", DllStructGetData($alldevs,1)) return $list EndFunc Does this clarify much for you? Link to comment Share on other sites More sharing options...
JohnOne Posted August 29, 2014 Share Posted August 29, 2014 What does _PcapSetup() return? AutoIt Absolute Beginners Require a serial Pause Script Video Tutorials by Morthawt ipify Monkey's are, like, natures humans. Link to comment Share on other sites More sharing options...
Maelstrom Posted August 30, 2014 Author Share Posted August 30, 2014 What does _PcapSetup() return? it is returning the string "4.1.3" like it should. Link to comment Share on other sites More sharing options...
Rajat231 Posted May 4, 2015 Share Posted May 4, 2015 HI,I am also facing same issue while using func PcapGetDeviceList() #include <Array.au3>#include <Winpcap.au3>;Comment: need Winpcap.au3;Comment: opensource.grisambre.net/pcapau3/; Comment:Displaying your device list with full information$winpcap=_PcapSetup() ; initialize winpcap$pcap_devices=_PcapGetDeviceList() ; get devices list_ArrayDisplay($pcap_devices,"Devices list",-1,1) ; display it_PcapFree() ; The outcome is basically showing only one interface data (rather all interfaces) that too in off-format but the expectation is to get all the list of interfaces Row|Col 0[0]|rpcap://\Device\NPF_{2C3FCA5C-235F-4B65-B580-6313D58D76D1}[1]|Network adapter 'VMware Virtual Ethernet Adapter' on local host[2]|1[3]|EN10MB[4]|Ethernet[5]|100000000[6]|00:50:56:xx:xx:xx[7]|192.168.xx.1[8]|255.255.255.0[9]|255.255.255.255[10]|[11]|[12]|[13]|0 Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now