Capturing packets with nodejs on windows

Question

node.js v0.8.0 , XP / WIN7 (not Cygwin)

google and found node_pcap ( https://github.com/mranney/node_pcap )

but it only support osx and linux.

is there any module for windows?

thanks.

.

Answer 1

If you want something that's more cross-platform (e.g. compatible with Windows via WinPcap), I wrote cap awhile back: https://github.com/mscdex/cap

Answer 2

I was trying to capture, decode and monitor AMF requests on a windows machine and came up with the following solution for capturing packets using node.js, edge.js and pcap.net library.

Make sure you have the correct version (32bit or 64bit) of node.js and the requirements for edge.js

Also make sure to change/remove the packet filter around line 64 in the code.

var edge = require('edge');

var PacketCap = edge.func('cs', function () {/*
    #r "PcapDotNet.Base.dll"
    #r "PcapDotNet.Core.dll"
    #r "PcapDotNet.Core.Extensions.dll"
    #r "PcapDotNet.Packets.dll"
    #r "System.Xml.dll"
    #r "System.Xml.Linq.dll"

    using System.Collections.Generic;
    using System.Linq;
    using PcapDotNet.Core;
    using PcapDotNet.Packets;
    using PcapDotNet.Packets.IpV4;
    using PcapDotNet.Packets.Transport;
    using PcapDotNet.Packets.Http;
    using System.Text;
    using System.Collections;

    async (dynamic data) => {
        var NodeOut = (Func<object,Task<object>>)data.NodeOut;
        IList<LivePacketDevice> allDevices = LivePacketDevice.AllLocalMachine;
        if (allDevices.Count == 0)
        {
            Console.WriteLine("No interfaces found! Make sure WinPcap is installed.");
        }

        // Print the list
        for (int i = 0; i != allDevices.Count; ++i)
        {
            LivePacketDevice device = allDevices[i];
            Console.Write((i + 1) + ". " + device.Name);
            if (device.Description != null)
                Console.WriteLine(" (" + device.Description + ")");
            else
                Console.WriteLine(" (No description available)");
        }

        int deviceIndex = 0;
        do
        {
            Console.WriteLine("Enter the interface number (1-" + allDevices.Count + "):");
            string deviceIndexString = Console.ReadLine();
            if (!int.TryParse(deviceIndexString, out deviceIndex) ||
                deviceIndex < 1 || deviceIndex > allDevices.Count)
            {
                deviceIndex = 0;
            }
        } while (deviceIndex == 0);

        // Take the selected adapter
        PacketDevice selectedDevice = allDevices[deviceIndex - 1];

        // Open the device
        using (PacketCommunicator communicator = 
            selectedDevice.Open(65536,                                  // portion of the packet to capture
                                                                        // 65536 guarantees that the whole packet will be captured on all the link layers
                                PacketDeviceOpenAttributes.None, // promiscuous mode
                                1000))                                  // read timeout
        {
            Console.WriteLine("Listening on " + selectedDevice.Description + "...");

            using (BerkeleyPacketFilter filter = communicator.CreateFilter("src host 127.0.0.1 and port 80"))
            {
                // Set the filter
                communicator.SetFilter(filter);
            }

            // Retrieve the packets
            Packet packet;
            do
            {
                var encoding = Encoding.Default;
                PacketCommunicatorReceiveResult result = communicator.ReceivePacket(out packet);
                if (packet == null) { continue; }
                if (packet.Ethernet == null) { continue; }
                if (packet.Ethernet.IpV4 == null) { continue; }
                if (packet.Ethernet.IpV4.Tcp == null) { continue; }
                if (packet.Ethernet.IpV4.Tcp.Http == null) { continue; }

                int sourcePort = packet.Ethernet.IpV4.Tcp.SourcePort;
                int destinationPort = packet.Ethernet.IpV4.Tcp.DestinationPort;
                IpV4Address sourceAddress = packet.Ethernet.IpV4.Source;
                IpV4Address destinationAddress = packet.Ethernet.IpV4.Destination;

                IpV4Datagram ip = packet.Ethernet.IpV4;
                TcpDatagram tcp = ip.Tcp;
                HttpDatagram http = tcp.Http;
                string httpBody = "";
                string httpHeader = "";

                try
                {
                    // parse packet
                    await NodeOut(System.Convert.ToBase64String(packet.Buffer));
                }
                catch (Exception ex)
                {
                    //Console.WriteLine(ex.Message);
                }
            } while (true);
        }
        return "Program Exit!";
    }
*/});

var payload = {
NodeOut: function(input, callback) {
        //console.log("base64 -> " + input)
        var data = new Buffer(input, 'base64');
        try {
            strPacket = data.toString('binary');
            console.log(strPacket + "\r\n");
        }
        catch(error) {
          console.log(error.stack);
        }
        callback(null, "test");
    }
}

PacketCap(payload, function (error, result) {
    if (error) throw error;
    console.log(result);
});

My source : http://www.techresx.com/programming/packet-capture-nodejs-edgejs/