📄 catchx.ctl
字号:
VERSION 5.00
Begin VB.UserControl CatchX
ClientHeight = 375
ClientLeft = 0
ClientTop = 0
ClientWidth = 375
InvisibleAtRuntime= -1 'True
Picture = "CatchX.ctx":0000
ScaleHeight = 375
ScaleWidth = 375
End
Attribute VB_Name = "CatchX"
Attribute VB_GlobalNameSpace = False
Attribute VB_Creatable = True
Attribute VB_PredeclaredId = False
Attribute VB_Exposed = True
Option Explicit
'声明本控件具有事件RecevAll,Mode=0时触发此事件,PackData()为网络完整包数据(包括IP头+TCP/UDP/ICMP头+实际数据)
'PackData()网络包完整数据、PackLen为完整包数据长度
Public Event RecevAll(PackData() As Byte, PackLen As Long)
'声明本控件具有事件Recev,Mode=1时触发此事件,Data()仅为网络包中的实际数据(不包括IP头、TCP/UDP/ICMP头)
'Data()网络包中的实际数据、DataLen为实际数据长度、Proto为协议标识(ICMP = 1、TCP = 6、UDP = 17)
'SIp为发送方IP地址、DIp接收方IP地址、Sport发送方端口号(ICMP协议无意义)、Dport接收方端口号(ICMP协议无意义)
Public Event Recev(Data() As Byte, DataLen As Long, Proto As Byte, SIp As String, DIp As String, Sport As Long, Dport As Long)
Private vBegin As Boolean '用于保存是否启动抓包状态,True为已启动,False为停止
Private vMode As Integer
Private vCatchIP As String
Private vCatchIP_Byte(3) As Byte
Private RecvLen As Long
Private DataBuff() As Byte
Private DataStart As Integer, DataLen As Long, SIp As String, DIp As String, Sport As Long, Dport As Long
Private Tmp_Int As Integer
Public Enum IPPROTO 'Ip_Header.Proto的取值
IPproto_ICMP = 1 '即PING协议
IPproto_TCP = 6 'TCP协议
IPproto_UDP = 17 'UDP协议
End Enum
Public Type Ip_Header 'IP头数据格式
Lenver As Byte
Tos As Byte
Len As Integer
Ident As Integer
flags As Integer
Ttl As Byte
Proto As Byte
Checksum As Integer
SourceIP As Long
DestIP As Long
End Type
Public Type Tcp_Header 'TCP头数据格式
Sport As Integer
Dport As Integer
Seq As Long
Ack As Long
Lenres As Byte
Flag As Byte
Win As Integer
Sum As Integer
Urp As Integer
End Type
Public Type Udp_Header 'UDP头数据格式
Sport As Integer
Dport As Integer
Len As Integer
Sum As Integer
End Type
Public Type Icmp_Header 'ICMP头数据格式
Type As Byte
Code As Byte
Sum As Integer
Id As Integer
Seq As Integer
' time As Long
End Type
'当控件实例首次实例化时(把控件实例放置到窗体),设置属性的初值
Private Sub UserControl_InitProperties()
vBegin = False
vMode = 0
vCatchIP = ""
UserControl.AutoRedraw = True
UserControl.Print "抓包" '显示“抓包”二字,用于标识控件的显示
End Sub
'通过UserControl_MouseUp事件,接受Winsock异步中断事件,并根据本控件的Mode属性,产生控件事件RecevAll或Recev
Private Sub UserControl_MouseUp(Button As Integer, Shift As Integer, X As Single, Y As Single)
If Not vBegin Then '判别是否停止抓包
WCleanup s '若为停止,则终止
Exit Sub
End If
RecvLen = recv(s, buffer(0), PACKMAX, 0&) '读网卡上数据到buffer(),RecvLen为完整数据包长度
If vCatchIP = "" Then '判别是否捕捉所有IP地址的数据包
'是捕捉所有IP地址的数据包
If vMode = 0 Then '
RaiseEvent RecevAll(buffer, RecvLen)
Else
Select Case buffer(9)
Case IPproto_TCP
Tmp_Int = (buffer(0) Mod 16) * 4 'IPHeader长度
DataStart = Tmp_Int + (buffer(Tmp_Int + 12) \ 16) * 4 'IPHeader长+TCPHeader长
DataLen = buffer(2) * 256& + buffer(3) - DataStart '数据长度
If DataLen > 0 Then
ReDim DataBuff(DataLen)
CopyMemory DataBuff(0), buffer(DataStart - 1), DataLen
SIp = buffer(12) & "." & buffer(13) & "." & buffer(14) & "." & buffer(15)
DIp = buffer(16) & "." & buffer(17) & "." & buffer(18) & "." & buffer(19)
Sport = buffer(Tmp_Int) * 256& + buffer(Tmp_Int + 1)
Dport = buffer(Tmp_Int + 2) * 256& + buffer(Tmp_Int + 3)
RaiseEvent Recev(DataBuff, DataLen, buffer(9), SIp, DIp, Sport, Dport)
End If
Case IPproto_UDP
Tmp_Int = (buffer(0) Mod 16) * 4 'IPHeader长度
DataStart = Tmp_Int + 8 'IPHeader长+UDPHeader长
DataLen = buffer(2) * 256& + buffer(3) - DataStart '数据长度
If DataLen > 0 Then
ReDim DataBuff(DataLen)
CopyMemory DataBuff(0), buffer(DataStart - 1), DataLen
SIp = buffer(12) & "." & buffer(13) & "." & buffer(14) & "." & buffer(15)
DIp = buffer(16) & "." & buffer(17) & "." & buffer(18) & "." & buffer(19)
Sport = buffer(Tmp_Int) * 256& + buffer(Tmp_Int + 1)
Dport = buffer(Tmp_Int + 2) * 256& + buffer(Tmp_Int + 3)
RaiseEvent Recev(DataBuff, DataLen, buffer(9), SIp, DIp, Sport, Dport)
End If
Case IPproto_ICMP
Tmp_Int = (buffer(0) Mod 16) * 4 'IPHeader长度
DataStart = Tmp_Int + 8 'IPHeader长+ICMPHeader长
DataLen = buffer(2) * 256& + buffer(3) - DataStart '数据长度
If DataLen > 0 Then
ReDim DataBuff(DataLen)
CopyMemory DataBuff(0), buffer(DataStart - 1), DataLen
SIp = buffer(12) & "." & buffer(13) & "." & buffer(14) & "." & buffer(15)
DIp = buffer(16) & "." & buffer(17) & "." & buffer(18) & "." & buffer(19)
Sport = 0
Dport = 0
RaiseEvent Recev(DataBuff, DataLen, buffer(9), SIp, DIp, Sport, Dport)
End If
Case Else
Tmp_Int = (buffer(0) Mod 16) * 4 'IPHeader长度
DataStart = Tmp_Int 'IPHeader长,随后即作为数据
DataLen = buffer(2) * 256& + buffer(3) - DataStart '数据长度
If DataLen > 0 Then
ReDim DataBuff(DataLen)
CopyMemory DataBuff(0), buffer(DataStart - 1), DataLen
SIp = buffer(12) & "." & buffer(13) & "." & buffer(14) & "." & buffer(15)
DIp = buffer(16) & "." & buffer(17) & "." & buffer(18) & "." & buffer(19)
Sport = 0
Dport = 0
RaiseEvent Recev(DataBuff, DataLen, buffer(9), SIp, DIp, Sport, Dport)
End If
End Select
End If
ElseIf (vCatchIP_Byte(0) = buffer(12) And vCatchIP_Byte(1) = buffer(13) And vCatchIP_Byte(2) = buffer(14) And vCatchIP_Byte(3) = buffer(15)) Or _
(vCatchIP_Byte(0) = buffer(16) And vCatchIP_Byte(1) = buffer(17) And vCatchIP_Byte(2) = buffer(18) And vCatchIP_Byte(3) = buffer(19)) Then
If vMode = 0 Then
RaiseEvent RecevAll(buffer, RecvLen)
Else
Select Case buffer(9)
Case IPproto_TCP
Tmp_Int = (buffer(0) Mod 16) * 4 'IPHeader长度
DataStart = Tmp_Int + (buffer(Tmp_Int + 12) \ 16) * 4 'IPHeader长+TCPHeader长
DataLen = buffer(2) * 256& + buffer(3) - DataStart '数据长度
ReDim DataBuff(DataLen)
If DataLen > 0 Then
CopyMemory DataBuff(0), buffer(DataStart - 1), DataLen
SIp = buffer(12) & "." & buffer(13) & "." & buffer(14) & "." & buffer(15)
DIp = buffer(16) & "." & buffer(17) & "." & buffer(18) & "." & buffer(19)
Sport = buffer(Tmp_Int) * 256& + buffer(Tmp_Int + 1)
Dport = buffer(Tmp_Int + 2) * 256& + buffer(Tmp_Int + 3)
RaiseEvent Recev(DataBuff, DataLen, buffer(9), SIp, DIp, Sport, Dport)
End If
Case IPproto_UDP
Tmp_Int = (buffer(0) Mod 16) * 4 'IPHeader长度
DataStart = Tmp_Int + 8 'IPHeader长+UDPHeader长
DataLen = buffer(2) * 256& + buffer(3) - DataStart '数据长度
ReDim DataBuff(DataLen)
If DataLen > 0 Then
CopyMemory DataBuff(0), buffer(DataStart - 1), DataLen
SIp = buffer(12) & "." & buffer(13) & "." & buffer(14) & "." & buffer(15)
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -