Java TCP 套接字嗅探
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/590510/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Java TCP Socket Sniffing
提问by user57175
I am using TCP sockets to communicate data between a server and client program using a specific port number on the same computer (localhost).
我正在使用 TCP 套接字在服务器和客户端程序之间使用同一台计算机(本地主机)上的特定端口号进行数据通信。
I need a software that can capture the data being sent/received through that socket?
我需要一个可以捕获通过该套接字发送/接收的数据的软件吗?
(or)
(或者)
What's the simplest way of sniffing packets from a specified port in Java?
在 Java 中从指定端口嗅探数据包的最简单方法是什么?
回答by Lennart Koopmann
I suggest using Wireshark. It's easy to use and runs on many platforms.
我建议使用 Wireshark。它易于使用并可在许多平台上运行。
回答by Anonymous
If you are up to some coding (and not just running the wireshark/tcpdump) then you have few choices. If you want stick to Java, then the only (?) option to use raw sockets is via JNI and there are few libraries that can help, for example:
如果您要进行一些编码(而不仅仅是运行wireshark/tcpdump),那么您几乎没有选择。如果您想坚持使用 Java,那么使用原始套接字的唯一 (?) 选项是通过 JNI,并且很少有库可以提供帮助,例如:
回答by Tom Hawtin - tackline
The easiest way is to replace the InputStream/OutputStreamfrom a socket in one of the programs with a proxy implementation, that either prints/logs or "tees" to the original and a print/log stream.
最简单的方法是用代理实现替换其中一个程序中的套接字中的InputStream/ OutputStream,该代理实现可以打印/记录或“tee”到原始和打印/日志流。
But there's plenty of sniffers out there if you really want to get messy.
但是如果你真的想弄得一团糟,那里有很多嗅探器。
回答by Darren Greaves
If you don't mind getting down and dirty with the command line you could try netcat.
It'll let you listen on a port and dump the output to a file if you like.
You can also make it send fake data and record the response.
如果您不介意使用命令行感到沮丧和肮脏,则可以尝试netcat。如果您愿意,它可以让您监听端口并将输出转储到文件中。
你也可以让它发送假数据并记录响应。
I often use it as a pretend HTTP proxy (and configure Firefox to use it) to discover what is being sent over the wire.
我经常将它用作假装的 HTTP 代理(并配置 Firefox 以使用它)来发现通过网络发送的内容。
回答by idarwin
Tcpdumpcan also be used directly, if the volume of traffic is not high, obviating the need to use wireshark. Just something like
Tcpdump也可以直接使用,如果流量不高,不需要使用wireshark。只是像
tcpdump -ni lo0 port 1234
should be all you need (lo0 is the loopback interface on all Unix/Linux systems; also change the port number of course).
应该是您所需要的(lo0 是所有 Unix/Linux 系统上的环回接口;当然也要更改端口号)。
回答by Luciano
Run your program like so:
像这样运行你的程序:
java -Djavax.net.debug=all helloworld.java
java -Djavax.net.debug=all helloworld.java
The switch is fully documented on the Oracle JSSE page
Oracle JSSE 页面上完整记录了该开关
Pros:
优点:
- Much simpler than other suggested solutions (requires no external software)
- Can also decrypt/dump TLS/SSL connections :)
- 比其他建议的解决方案简单得多(不需要外部软件)
- 还可以解密/转储 TLS/SSL 连接:)
Cons:
缺点:
- This will only work if you are using classes from
java.net.*e.g.OutputStreamorInputStreamThis will not work if you're using raw sockets. This is documented in the link. - Believe this may only work on the Oracle JDK.
- 这仅在您使用来自
java.net.*eg 的类OutputStreamInputStream时才有效,或者如果您使用原始套接字,则这将不起作用。这在链接中记录。 - 相信这可能只适用于 Oracle JDK。
回答by Manos
You can use tcpdumpthat gives you a variety of options. You save the capture in a .pcapfile with the -w option and when you are done you open that file with wireshark. The advantage of this way is that you can capture a high rate of packets per second without affecting the overall performance of your pc (even if it is low end).
您可以使用tcpdump它为您提供多种选择。.pcap使用 -w 选项将捕获保存在文件中,完成后使用wireshark. 这种方式的好处是你可以每秒捕获高速率的数据包,而不会影响你的电脑的整体性能(即使它是低端的)。
