Abstract
This paper uses API interception and function entry instruction replacement to capture network data packets conveniently and quickly. Using HOOK remote injection, the method modifies the running logic of a system program so that execution jumps to a custom function, and it calls a subset of the Windows API to capture the network data packets, without requiring Windows driver development or similar specialist knowledge. The method is mainly intended for teaching demonstrations in computer-related majors. Its features are a simple technical implementation, no need for driver programming knowledge, a small amount of code, and ease of understanding for students.
Source
Experimental Technology and Management (《实验技术与管理》)
CAS
PKU Core Journal (北大核心)
2016, Issue 4, pp. 135-137 (3 pages)
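Funding
Chongqing Municipal Education Reform Project "Using Computer Virtualization Technology to Build a New Practical Teaching Model for Communication Systems" (133017)
Chongqing University of Posts and Telecommunications Education Reform Project "Design and Implementation of a Mobile Communication System Simulation Platform" (XJG1302)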
Keywords
data packet capture
API interception
network experimental teaching
Internet