#include <Array.au3>
#include <Winpcap.au3>
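; Captures TCP traffic on the first WinPcap device and prints, for every segment
; that sniff() recognises, its direction and payload to the console.
; The payload is written unredacted (as a hex string), so the console output
; holds whatever the monitored connection carried.
Global $filter = "tcp" ; capture filter: TCP traffic only
Global $pcap = 0 ; capture handle; stays 0 until _PcapStartCapture() succeeds

Global $winpcap = _PcapSetup() ; initialize winpcap
If ($winpcap = -1) Then
	MsgBox(16, "Pcap error !", "WinPcap not found !")
	Exit
EndIf

; The polling loop below never ends on its own, so the library is released from
; an exit handler instead of from a statement placed after the loop.
OnAutoItExitRegister("_CaptureCleanup")

Global $pcap_devices = _PcapGetDeviceList() ; get the list of network adapters
If ($pcap_devices = -1) Then
	MsgBox(16, "Pcap error !", _PcapGetLastError())
	Exit
EndIf
If UBound($pcap_devices) = 0 Then
	; Guard the [0][0] access below against an empty device list.
	MsgBox(16, "Pcap error !", "No capture device found !")
	Exit
EndIf

; Always the first listed adapter.
; NOTE(review): this may not be the interface that carries the traffic of interest - confirm.
Global $int = $pcap_devices[0][0]

$pcap = _PcapStartCapture($int, $filter, 0) ; start capture
If ($pcap = -1) Then
	MsgBox(16, "Pcap error !", _PcapGetLastError())
	Exit ; without a capture handle the loop below would spin forever doing nothing
EndIf

While 1
	If IsPtr($pcap) Then
		; Drain every packet that is currently available.
		While 1
			$packet = _PcapGetPacket($pcap)
			If IsInt($packet) Then ExitLoop ; an integer means "no packet" (or an error code), not packet data
			$sniff = sniff($packet[3]) ; element 3 is passed to sniff() as the raw frame bytes
			If $sniff <> False Then
				ConsoleWrite($sniff & @CRLF)
			EndIf
		WEnd
	EndIf
	Sleep(10) ; yield the CPU between polls instead of busy-waiting
WEnd

; Exit handler: stops the capture if one was started and unloads winpcap.
Func _CaptureCleanup()
	If IsPtr($pcap) Then _PcapStopCapture($pcap)
	_PcapFree() ; close winpcap
EndFunc   ;==>_CaptureCleanup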
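; Parses one captured frame as Ethernet / IPv4 / TCP and returns the TCP payload
; of traffic on the monitored port.
;
; $data   - raw frame bytes (binary), as delivered by the capture loop.
; Returns - ">IN:" & payload when the source port is the monitored port (server ==> client),
;           "<OUT:" & payload when the destination port is the monitored port (client ==> server),
;           False for anything else: short or malformed frame, non-IPv4, no payload, other ports.
;
; Captured frames are untrusted input: every length field is validated against
; the number of bytes actually captured before it is used as an offset.
Func sniff($data)
	Local Const $PORT = 4002 ; TCP port of the monitored service
	Local Const $ETHLEN = 14 ; Ethernet II header, no VLAN tag
	Local Const $MINHDR = 20 ; minimum size of both the IPv4 and the TCP header

	Local $framelen = BinaryLen($data)
	If $framelen < $ETHLEN + $MINHDR + $MINHDR Then Return False ; too short to hold all three headers

	; The "tcp" capture filter also matches TCP over IPv6, and the fixed offsets
	; below are only valid for IPv4 (EtherType 0x0800).
	If _PcapBinaryGetVal($data, 13, 2) <> 0x0800 Then Return False

	; _PcapBinaryGetVal() offsets are 1-based: byte 15 is the first IPv4 header byte (version/IHL).
	Local $ipheaderlen = BitAND(_PcapBinaryGetVal($data, 15, 1), 0xF) * 4
	If $ipheaderlen < $MINHDR Then Return False
	Local $tcpoffset = $ipheaderlen + $ETHLEN
	If $framelen < $tcpoffset + $MINHDR Then Return False ; TCP header not fully captured

	Local $iptotallen = _PcapBinaryGetVal($data, 17, 2)
	Local $tcpheaderlen = BitShift(_PcapBinaryGetVal($data, $tcpoffset + 13, 1), 4) * 4 ; data offset nibble * 4
	If $tcpheaderlen < $MINHDR Then Return False
	Local $tcpsrcport = _PcapBinaryGetVal($data, $tcpoffset + 1, 2)
	Local $tcpdstport = _PcapBinaryGetVal($data, $tcpoffset + 3, 2)

	Local $httpoffset = $tcpoffset + $tcpheaderlen + 1 ; 1-based start of the payload for BinaryMid()
	Local $available = $framelen - ($httpoffset - 1) ; bytes captured after the TCP header
	Local $httplen = $iptotallen - $ipheaderlen - $tcpheaderlen ; ip total len - ip header len - tcp header len
	; NOTE(review): a total length of 0 is presumably a segmentation-offloaded frame;
	; fall back to the captured remainder in that case - confirm on the target host.
	If $iptotallen = 0 Then $httplen = $available
	If $httplen > $available Then $httplen = $available ; never read past the captured bytes
	If $httplen <= 0 Then Return False ; empty tcp packet, or inconsistent length fields

	; Taking exactly $httplen bytes keeps Ethernet trailer padding out of the payload.
	Local $sniff_packet = BinaryMid($data, $httpoffset, $httplen)

	If $tcpsrcport = $PORT Then Return ">IN:" & $sniff_packet ; server ==> client
	If $tcpdstport = $PORT Then Return "<OUT:" & $sniff_packet ; client ==> server
	Return False ; neither endpoint uses the monitored port
EndFunc   ;==>sniff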