My favorite simple AutoIT!
We are developing the winpcap library and the driver itself.
And here, actually, is the finished code:
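; Passive logger of HTTP "Host:" headers seen on one local Ethernet interface.
;
; Scope, as fixed by the capture filter below: only TCP traffic on ports 80 and
; 8080 to or from the selected interface's own IPv4 address. Each Host header
; found is appended to domains.txt, so that file ends up holding a record of
; visited hosts and should be stored and shared with that in mind.
; Every byte parsed here comes off the wire and is therefore untrusted: header
; lengths are validated and the logged value is sanitised before it is written.

#include <Array.au3>
#include <GUIConstantsEx.au3>
#include <WindowsConstants.au3>
#include <GuiListView.au3>
#include <StaticConstants.au3>
#include <EditConstants.au3>
#include <WinAPI.au3>
#include <ComboConstants.au3>
#include <Winpcap.au3>

; Load the WinPcap wrapper; -1 means the library could not be initialised.
$winpcap = _PcapSetup()
If ($winpcap = -1) Then
    MsgBox(16, "Pcap error !", "WinPcap not found !")
    Exit
EndIf

$pcap_devices = _PcapGetDeviceList()
If ($pcap_devices = -1) Then
    MsgBox(16, "Pcap error !", _PcapGetLastError())
    _PcapFree()
    Exit
EndIf

$int = SelectInterface($pcap_devices)

; Column 0 is the device name handed to the capture call, column 7 the IPv4
; address used in the filter (see SelectInterface for how the row is chosen).
$pcap = _PcapStartCapture($pcap_devices[$int][0], "host " & $pcap_devices[$int][7] & " and tcp port (80 or 8080)", 0, 65536, 2 ^ 24, 0)
If IsInt($pcap) Then
    ; An integer instead of a pointer means the capture did not start.
    MsgBox(16, "Pcap error !", _PcapGetLastError())
    _PcapFree()
    Exit
EndIf

; Mode 1 = append, so earlier runs are preserved.
$file = FileOpen("domains.txt", 1)
If $file = -1 Then
    MsgBox(0, "Error", "Unable to open file.")
    _PcapStopCapture($pcap)
    _PcapFree()
    Exit
EndIf

; The main loop never terminates on its own, so release the file handle and the
; capture when the script is exited (the original cleanup code after the loop
; was unreachable and referenced an undefined $recordings array).
OnAutoItExitRegister("_Cleanup")

$i = 0 ; number of Host values logged so far
While True
    If IsPtr($pcap) Then ; a pointer means the capture is running
        $time0 = TimerInit()
        ; Drain the queue for at most 500 ms per pass.
        While TimerDiff($time0) < 500
            $packet = _PcapGetPacket($pcap)
            If IsInt($packet) Then ExitLoop ; queue empty or capture error
            $http = HttpCapture($packet[3])
            ; HttpCapture returns False when no usable Host header was found.
            ; IsString avoids the string-vs-boolean comparison pitfalls of "== False".
            If Not IsString($http) Then ContinueLoop
            FileWriteLine($file, $http & @CRLF)
            $i += 1
        WEnd
    EndIf
    Sleep(10) ; yield the CPU instead of spinning when the queue is empty
WEnd

; Exit handler: closes the log file and shuts the capture down.
Func _Cleanup()
    If $file <> -1 Then FileClose($file)
    If IsPtr($pcap) Then _PcapStopCapture($pcap)
    _PcapFree()
EndFunc

; Extracts the HTTP Host header value from one captured Ethernet/IPv4/TCP frame.
;   $data   - raw frame as binary (element 3 of the _PcapGetPacket result)
;   Returns - the sanitised host string, or False if the frame is malformed,
;             carries no payload, or holds no Host header.
; Offsets passed to _PcapBinaryGetVal and BinaryMid are 1-based.
Func HttpCapture($data)
    Local Const $ETH_LEN = 14
    Local $caplen = BinaryLen($data)

    ; Need at least Ethernet + minimal IPv4 + minimal TCP headers.
    If $caplen < $ETH_LEN + 20 + 20 Then Return False

    Local $verihl = _PcapBinaryGetVal($data, $ETH_LEN + 1, 1)
    If BitShift($verihl, 4) <> 4 Then Return False ; not IPv4
    Local $ipheaderlen = BitAND($verihl, 0xF) * 4
    If $ipheaderlen < 20 Then Return False ; invalid IHL

    Local $tcpoffset = $ipheaderlen + $ETH_LEN
    If $caplen < $tcpoffset + 20 Then Return False ; TCP header not fully captured

    ; IP total length minus IP header length = TCP segment length.
    Local $tcplen = _PcapBinaryGetVal($data, $ETH_LEN + 3, 2) - $ipheaderlen
    Local $tcpheaderlen = BitShift(_PcapBinaryGetVal($data, $tcpoffset + 13, 1), 4) * 4
    If $tcpheaderlen < 20 Then Return False ; invalid data offset

    ; From here on we are looking at the HTTP payload.
    Local $httpoffset = $tcpoffset + $tcpheaderlen + 1
    Local $httplen = $tcplen - $tcpheaderlen
    If $httplen <= 0 Then Return False ; pure ACK/SYN/FIN or inconsistent lengths

    ; Never trust the on-wire length beyond what was actually captured.
    Local $available = $caplen - ($httpoffset - 1)
    If $available <= 0 Then Return False
    If $httplen > $available Then $httplen = $available

    Local $http = BinaryToString(BinaryMid($data, $httpoffset, $httplen))

    ; Anchor to the start of a header line so "X-Forwarded-Host:" or body text
    ; does not match, and stop at the end of that line.
    Local $match = StringRegExp($http, "(?im)^Host:[ \t]*([^\r\n]*)", 1)
    If @error <> 0 Then Return False

    ; The value is remote-controlled: keep printable ASCII only and cap the
    ; length so it cannot inject control characters or extra lines into the log.
    Local $host = StringRegExpReplace($match[0], "[^\x21-\x7E]", "")
    $host = StringLeft($host, 255)
    If $host = "" Then Return False
    Return $host
EndFunc

; Picks the capture interface: auto-selects the single Ethernet device that has
; an IPv4 address, or asks the user when there are several.
;   $devices - 2D array from _PcapGetDeviceList(); the code reads column 1
;              (description), column 3 (link type name) and column 7 (IPv4).
;   Returns  - row index of the chosen device. Exits the script if no suitable
;              device exists or the chooser window is closed.
Func SelectInterface($devices)
    Local $ipv4 = 0, $int = 0, $i, $win0, $interface, $ok, $which, $msg, $label
    Local $first = True

    ; Count Ethernet devices with a plausible IPv4 string (longer than 6 chars).
    For $i = 0 To UBound($devices) - 1
        If $devices[$i][3] = "EN10MB" And StringLen($devices[$i][7]) > 6 Then
            $ipv4 += 1
            $int = $i
        EndIf
    Next

    If $ipv4 = 0 Then
        MsgBox(16, "Error", "No network interface found with a valid IPv4 address !")
        _PcapFree()
        Exit
    EndIf

    If $ipv4 > 1 Then
        $win0 = GUICreate("Interface choice", 500, 50)
        $interface = GUICtrlCreateCombo("", 10, 15, 400, Default, $CBS_DROPDOWNLIST)
        For $i = 0 To UBound($devices) - 1
            If $devices[$i][3] = "EN10MB" And StringLen($devices[$i][7]) > 6 Then
                $label = $devices[$i][7] & " - " & _PcapCleanDeviceName($devices[$i][1])
                If $first Then
                    ; Third argument preselects the first entry.
                    GUICtrlSetData(-1, $label, $label)
                    $first = False
                Else
                    GUICtrlSetData(-1, $label)
                EndIf
            EndIf
        Next
        $ok = GUICtrlCreateButton(" Ok ", 430, 15, 60)
        GUISetState()

        While True
            $msg = GUIGetMsg()
            If $msg = $ok Then
                $which = GUICtrlRead($interface)
                For $i = 0 To UBound($devices) - 1
                    If $devices[$i][3] = "EN10MB" And StringLen($devices[$i][7]) > 6 Then
                        ; Compare the whole label: a substring test on the IP
                        ; would let 192.168.1.1 match a choice of 192.168.1.10.
                        $label = $devices[$i][7] & " - " & _PcapCleanDeviceName($devices[$i][1])
                        If $which = $label Then
                            $int = $i
                            ExitLoop
                        EndIf
                    EndIf
                Next
                GUIDelete($win0)
                ExitLoop
            EndIf
            If $msg = $GUI_EVENT_CLOSE Then
                _PcapFree()
                Exit
            EndIf
        WEnd
    EndIf

    Return $int
EndFunc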
You can pull anything out of the captured packets this way, from the address to the content.
If you want more, you can place an order :-) Or wrestle with it yourself - that is fun too.