Resend packet captured from Wireshark

mscdex / cap

A cross-platform binding for performing packet capturing with node.js

MIT License

361 stars 46 forks source link

Resend packet captured from Wireshark #96

Open wyxcoder opened 4 years ago

wyxcoder commented 4 years ago

With Wireshark, I capture a websoket packet with the below code var device = Cap.findDevice('192.168.1.161'); var filter = 'tcp and dst port 54592';

Now I have hex stream of a packet like d5404e297c8575b980c20b32501801fcb35c0000

I want to send the packet from nodejs code, but the below code doesn't work?

var Cap = require('cap').Cap; var c = new Cap(); var device = Cap.findDevice('192.168.1.161'); var filter = 'tcp'; var bufSize = 10 1024 1024; var buffer = Buffer.alloc(65535);

var linkType = c.open(device, filter, bufSize, buffer);

var buffer = Buffer.from("d5404e297c8575b980c20b32501801fcb35c0000"); try { c.send(buffer, buffer.length); console.log("sent"); } catch (e) { console.log("Error sending packet:", e); }

mscdex commented 4 years ago

Assuming you're not getting an exception thrown, that doesn't look like a complete packet. You need to include every layer (including the Ethernet frame for example) and not just a TCP/UDP payload since the buffer you're sending here is what will be literally transmitted by the network card.

wyxcoder commented 4 years ago

Assuming you're not getting an exception thrown, that doesn't look like a complete packet. You need to include every layer (including the Ethernet frame for example) and not just a TCP/UDP payload since the buffer you're sending here is what will be literally transmitted by the network card.

Great! Thank you for the quick reply. Cap is great. I cannot believe the capture part just work without any problem. So the send part. Seems the filter does nothing. I thought set filter to TCP means you can send TCP packet. So what filter I should set for sending?

mscdex commented 4 years ago

The filter is only for the traffic you want to capture. send() literally just sends the provided data over the network card and is not affected by anything else.

wyxcoder commented 4 years ago

I just tested, in Wireshark, I captured a packet sent from an app from my machine to a remote server. The packet size is 81, so I copied the Hex stream, and send it out. But I did't capture it in Wireshark. Any idea? Thanks!

var buffer = Buffer.from("a84e3f6c6642281878fe6aeb08004500004319c4400080060000c0a801a1ca27f132eb5b4e235bbc04e725b9a329501802007dd900008295872d0c178e280e10872d0c17872d0c1ea9370d17841c3e2487");

erfanmola commented 2 years ago

Same issue, The library can not do any .send() with any data, as example here is my full packet :

var buffer = Buffer.from("01005E0000FB0A0027000011080045000051CB700000FF111686C0A83801E00000FB14E914E9003D119F000000000001000000000000095F7733787032373266045F737562095F626C697A7A617264045F756470056C6F63616C00000C0001");