📄 u_owns.pas
字号:
{$A+,B-,C+,D+,E-,F-,G+,H+,I+,J+,K-,L+,M-,N+,O+,P+,Q-,R-,S-,T-,U-,V+,W-,X+,Y+,Z1}
{$MINSTACKSIZE $00004000}
{$MAXSTACKSIZE $00100000}
{$IMAGEBASE $00400000}
{$APPTYPE GUI}
(*
* One Way Network Sniffer (OWNS)
* Copyright (C) 2001-2002 OWNS
*
* http://owns.sourceforge.net/
* http://www.owns.st
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
*)
(* $Id: u_Owns.pas,v 1.13 2002/11/23 21:49:50 owns Exp $ *)
unit u_Owns;
interface
uses
IdGlobal, SysUtils, QForms, QExtCtrls, QStdCtrls, QControls, Classes, QDialogs, QTypes,QComCtrls,
u_Packet, u_EthernetFrame, u_ConnectionsTCP, u_TCPPacket, u_statistics, u_Filter,
u_capture,
u_Debug, u_FilterHttp,
u_OwnsInitFile,
u_Sniffer, u_ObserverSniffer,u_LibpCapSniffer,u_Utils,
QGraphics
{$IFDEF MSWINDOWS}
,u_SysInfo,u_SehSniffer
{$ENDIF}
;
// For cyberstream satellite cards, you should modify ini files :
// replace buffers0=200 by buffers0=800 and the others
// There will be less damaged files
//
// You should also disable zonealarm if you use this software
type
// interface
TfrmOwns = class(TForm)
btnCaptureStart: TButton;
btnStopCapture: TButton;
Timer: TTimer;
PageControl: TPageControl;
TabSheetParams: TTabSheet;
TabSheetStats: TTabSheet;
GroupBox1: TGroupBox;
rbtnPath1: TRadioButton;
rbtnPath2: TRadioButton;
rbtnPath3: TRadioButton;
GroupBox3: TGroupBox;
rbtnCaptureTous: TRadioButton;
rbtnCaptureIP: TRadioButton;
edtIP: TEdit;
Label1: TLabel;
Label2: TLabel;
Label3: TLabel;
Label8: TLabel;
Label9: TLabel;
Label10: TLabel;
Label11: TLabel;
Label14: TLabel;
Label4: TLabel;
Label15: TLabel;
Label16: TLabel;
Label12: TLabel;
Label17: TLabel;
Label13: TLabel;
lblTimeElapsed: TLabel;
lblBytesSaved: TLabel;
lblBytesReceived: TLabel;
lblFilesCreated: TLabel;
lblAverageSpeed: TLabel;
lblCurrentSpeed: TLabel;
lblDamaged: TLabel;
lblNbConnectionsTotal: TLabel;
lblNbConnectionsEnCours: TLabel;
lblCurrentFile: TLabel;
TabSheetDebug: TTabSheet;
MemoDebug: TMemo;
Label20: TLabel;
Label21: TLabel;
Label22: TLabel;
lblTramesTCP: TLabel;
lblTramesAutres: TLabel;
TabSheetSource: TTabSheet;
OpenDialog: TOpenDialog;
Label19: TLabel;
lblPop3: TLabel;
Label24: TLabel;
lblWww: TLabel;
Label25: TLabel;
lblNntp: TLabel;
TabSheetHttpFilter: TTabSheet;
chkSaveNonTCP: TCheckBox;
GroupBox5: TGroupBox;
Label27: TLabel;
EdtTimeOutTCP: TEdit;
rbtnPath4: TRadioButton;
Label28: TLabel;
Label29: TLabel;
lblBytesTCP: TLabel;
lblBytesNonTCP: TLabel;
ProgressBarMemoryLoad: TProgressBar;
ProgressBarSwapFileUsage: TProgressBar;
Label30: TLabel;
Label31: TLabel;
TimerSwapMem: TTimer;
Image1: TImage;
chkHttp: TCheckBox;
GroupBoxSaveHttpHeaders: TGroupBox;
chkHttpHeadersHotmail: TCheckBox;
chkhttpHeadersAll: TCheckBox;
chkHttpHeadersSaved: TCheckBox;
GroupBoxSaveFilesHttp: TGroupBox;
chkWeb: TCheckBox;
chkImages: TCheckBox;
chkArchives: TCheckBox;
chkMusique: TCheckBox;
chkvideo: TCheckBox;
ChkInconnus: TCheckBox;
chkRejectPartialContentMessage: TCheckBox;
Label6: TLabel;
edtTailleMin: TEdit;
chkSaveHttpFiles: TCheckBox;
GroupBoxSaveHttpTCPStream: TGroupBox;
chkHttpAllFilesSaved: TCheckBox;
TabSheet2: TTabSheet;
GroupBox7: TGroupBox;
chkPop3SaveFiles: TCheckBox;
chkPop3SaveTCPStream: TCheckBox;
GroupBox10: TGroupBox;
chkNntpSaveFiles: TCheckBox;
chkNntpSaveTCPStream: TCheckBox;
GroupBox11: TGroupBox;
chkOthersSaveTCPStream: TCheckBox;
chkHttpAllTCPStreams: TCheckBox;
GroupBox2: TGroupBox;
RadioButtonLibpCap: TRadioButton;
RadioButtonSeh: TRadioButton;
GroupBox4: TGroupBox;
RadioButtonInterface: TRadioButton;
cmbInterfaces: TComboBox;
RadioButtonFile: TRadioButton;
EditFileName: TEdit;
ButtonOpenFile: TButton;
RadioButtonObserver: TRadioButton;
Image2: TImage;
GroupBoxBpf: TGroupBox;
BpfExpression: TEdit;
Label5: TLabel;
Label7: TLabel;
Label18: TLabel;
EditOutputDirectory: TEdit;
Label23: TLabel;
procedure FormCreate(Sender: TObject);
procedure btnCaptureStartClick(Sender: TObject);
procedure btnStopCaptureClick(Sender: TObject);
procedure FormDestroy(Sender: TObject);
procedure TimerTimer(Sender: TObject);
procedure ButtonOpenFileClick(Sender: TObject);
procedure EditFileNameClick(Sender: TObject);
procedure cmbInterfacesClick(Sender: TObject);
procedure TimerSwapMemTimer(Sender: TObject);
procedure chkHttpClick(Sender: TObject);
procedure chkSaveHttpFilesClick(Sender: TObject);
procedure RadioButtonSehClick(Sender: TObject);
procedure RadioButtonLibpCapClick(Sender: TObject);
procedure RadioButtonObserverClick(Sender: TObject);
private
{ Private declarations }
FCapture : TCapture;
FTickCount : Cardinal;
FBytesReceived : Int64;
FLibpCapSniffer : TLibpCapSniffer;
FSehSniffer : TSniffer;
FObserverSniffer : TObserverSniffer;
FOwnsIniFile : TOwnsIniFile;
procedure startCapture;
procedure enableGroupBox(p_GroupBox : TGroupBox;p_Enable : boolean);
procedure setSniffer(p_Sniffer : TSniffer);
procedure endCapture;
procedure saveOptions;
procedure readOptions();
public
{ Public declarations }
end;
var
frmOwns: TfrmOwns;
implementation
{$R *.xfm}
procedure TfrmOwns.FormCreate(Sender: TObject);
var
errStr : String;
begin
FOwnsIniFile := TOwnsIniFile.create('./owns.ini');
{$IFDEF MSWINDOWS}
RadioButtonLibpCap.Caption := 'WinpCap';
{$ENDIF}
{$IFDEF LINUX}
RadioButtonLibpCap.Caption := 'LibpCap';
{$ENDIF}
// we create FCapture
FCapture := TCapture.create;
FCapture.OnendCapture := endCapture;
// we create all the sniffer that can be used with FCapture
FLibpCapSniffer := nil;
FSehSniffer := nil;
FObserverSniffer := TObserverSniffer.create;
if TLibpCapSniffer.isAvailable then
begin
FLibpCapSniffer := TLibpCapSniffer.create;
if (FLibpCapSniffer.getAdapters(errStr) = false) then
begin
ShowMessage('LipCap is present but cannot be used : '+errStr);
FLibpCapSniffer.free;
FLibpCapSniffer := nil;
end;
end;
{$IFDEF MSWINDOWS}
if TSehSniffer.isAvailable then
begin
FSehSniffer := TSehSniffer.create;
if (FSehSniffer.getAdapters(errStr) = false) then
begin
ShowMessage('FSehSniffer is present but cannot be used : '+errStr);
FSehSniffer.free;
FSehSniffer := nil;
end;
end;
{$ENDIF}
RadioButtonLibpCap.Enabled := FLibpCapSniffer <> nil;
RadioButtonSeh.Enabled := FSehSniffer <> nil;
// we set the current sniffer depending on which are available
if (FLibpCapSniffer <> nil) then
setSniffer(FLibpCapSniffer)
else
if (FSehSniffer <> nil) then
setSniffer(FSehSniffer)
else
setSniffer(FObserverSniffer); // always available !
PageControl.ActivePage := TabSheetSource;
readOptions();
end;
procedure TfrmOwns.FormDestroy(Sender: TObject);
begin
saveOptions;
FownsIniFile.Free;
FCapture.free;
FLibpCapSniffer.free;
FSehSniffer.free;
FObserverSniffer.free;
end;
// start capture
procedure TfrmOwns.btnCaptureStartClick(Sender: TObject);
begin
startCapture;
end;
// start capture
procedure TfrmOwns.startCapture;
begin
if (EditOutputDirectory.text = '') then EditOutputDirectory.text := './files'; // don't call forcedirectories with an empty string
if (ForceDirectories(convertPath(EditOutputDirectory.text)) = false) then
begin
ShowMessage('Cannot create output directory');
PageControl.ActivePage := TabSheetParams;
EditOutputDirectory.SetFocus;
EditOutputDirectory.SelectAll;
exit;
end;
with g_Filter do
begin
// Parameters
OutputDir := EditOutputDirectory.text;
if rbtnPath1.Checked then
FilePathConfig := Ext_Id;
if rbtnPath2.Checked then
FilePathConfig := Ext_IPDest_PortDest_Id;
if rbtnPath3.Checked then
FilePathConfig := IPDest_Ext_Id;
if rbtnPath4.Checked then
FilePathConfig := Mime_IpDest_PortDest_Id;
// Http filter
SaveHttp := chkHttp.Checked;
with FilterHttp do
begin
// Save Files
SaveFiles := chkSaveHttpFiles.Checked;
minSize := StrToInt(edtTailleMin.text);
filtreExtensions := [];
if chkWeb.Checked then filtreExtensions := filtreExtensions + [TypeText];
if chkImages.Checked then filtreExtensions := filtreExtensions + [TypeImage];
if chkArchives.Checked then filtreExtensions := filtreExtensions + [TypeApplication];
if chkMusique.Checked then filtreExtensions := filtreExtensions + [TypeAudio];
if chkvideo.Checked then filtreExtensions := filtreExtensions + [TypeVideo];
if ChkInconnus.Checked then filtreExtensions := filtreExtensions + [TypeInconnu];
RejectPartialContentMessage := chkRejectPartialContentMessage.checked;
// Save http headers
filterHeaders := [];
if chkHttpHeadersSaved.checked then filterHeaders := filterHttp.filterHeaders + [FileSavedHeaders];
if chkHttpHeadersHotmail.checked then filterHeaders := filterHttp.filterHeaders + [HotMailHeaders];
if chkhttpHeadersAll.checked then filterHeaders := [AllHeaders];
// Save Tcp streams
FilterHttpTCPStream := [];
if chkHttpAllFilesSaved.Checked then filterHttp.FilterHttpTCPStream := filterHttp.FilterHttpTCPStream+[FileSavedTCPStreams];
if chkHttpAllTCPStreams.Checked then filterHttp.FilterHttpTCPStream := [AllTCPStreams];
end;
// other filters
FilterPop3.SaveFiles := chkPop3SaveFiles.checked;
FilterPop3.SaveTCPStream := chkPop3SaveTCPStream.checked;
FilterNntp.SaveFiles := chkNntpSaveFiles.Checked;
FilterNntp.SaveTCPStream := chkNntpSaveTCPStream.checked;
FilterOthers.SaveTCPStream := chkOthersSaveTCPStream.checked;
end;
FCapture.SaveNonTCP := chkSaveNonTCP.Checked;
FCapture.TimeOutTCP := StrToInt(EdtTimeOutTCP.Text);
if (RadioButtonInterface.checked) then
begin
if (cmbInterfaces.ItemIndex = -1) then
begin
ShowMessage('No adapter detected. Do you have necessary rights ?');
exit; // no adapters detected
end;
FCapture.Sniffer.AdapterIndex := cmbInterfaces.ItemIndex;
FCapture.Sniffer.mode := Live;
end
else
begin
if (FCapture.Sniffer = FObserverSniffer) then
FObserverSniffer.FilePath := EditFileName.Text;
if (FCapture.Sniffer = FLibpCapSniffer) then
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -