Sniffing a LAN : Jpcap java program only seems to catch my packets

Question

I have to create a program that sniff a local network for school. I chose to work with Java and found out that you can capture packets with jpcap. So I wanted to follow one of the example provided in jpcap's github and it seems like I can only find my own packets.

Like I said, I've looked at the code and chose my wifi interface. The program is capturing packets and I put all the source ip addresses in a text file to run some tests. I have also created a hashmap the ip addresses I've finded when I did a arp -a. From what I've read online, this command shows you ip addresses in your network.I created a boolean set to false and I then proceeded to run a loop that goes through the textfile and looked if the ip address was in the hashMap : if one of the addresses appeared in the hashmap, the boolean would be change to true and it would mean that I've managed to catch something. After running the test, the boolean came out false.

Here's the example code

   ``public class PacketCaptor {
        private static final int INFINITE = -1;
        private static final int PACKET_COUNT = INFINITE; 
      /*
          private static final String HOST = "203.239.110.20";
          private static final String FILTER = 
          "host " + HOST + " and proto TCP and port 23";
      */

      private static final String FILTER = 
        // "port 23";
        "";

      public static void main(String[] args) {

        try {
          if(args.length == 1){
              PacketCaptor sniffer = new PacketCaptor(args[0]);
          } else {
        System.out.println("Usage: java Sniffer [device name]");
        System.out.println("Available network devices on your machine:");
        String[] devs = PacketCapture.lookupDevices();

        for(int i = 0; i < devs.length ; i++)
          System.out.println("\t" + devs[i]);
          }
        } catch(Exception e) {
          e.printStackTrace();
          }

      }

      public PacketCaptor(String device) throws Exception {
        // Initialize jpcap
        PacketCapture pcap = new PacketCapture();
        System.out.println("Using device '" + device + "'");
        pcap.open(device, true);
        //pcap.setFilter(FILTER, true);
        pcap.addPacketListener(new PacketHandler());

        System.out.println("Capturing packets...");
        pcap.capture(PACKET_COUNT);
      }
    }


    class PacketHandler implements PacketListener 
    {
        WritingClass writing = new WritingClass();

      public void packetArrived(Packet packet) {
        try {
          // only handle TCP packets

          if(packet instanceof TCPPacket) {
        TCPPacket tcpPacket = (TCPPacket)packet;
        byte[] data = tcpPacket.getTCPData();

        String srcHost = tcpPacket.getSourceAddress();
        String dstHost = tcpPacket.getDestinationAddress();
        String isoData = new String(data, "ISO-8859-1");

        System.out.println(srcHost+" -> " + dstHost + ": " + isoData);
        String datas = srcHost+"|"+dstHost+"|";

        writing.write(datas, this.writing.getFileName());

          }
        } catch( Exception e ) {
          e.printStackTrace();
        }
      }

Can anyone help me figure out why It doesn't work ? Thank you so much for your help

Answer 1

The reason why you aren't able to capture more packets is because you need an interface in promisc or raw mode, I advice you to use a proper sniffer like wireshark to check if other packets that aren't addressed to you can be captured. If not, means you need apply a mitm method because you are in a commuted network. For use that code on wifi should be enough an interface in monitor mode (check aircrack-ng suite). In GNU/Linux Debian based systems may use the command iw dev wlan0 interface add mon0 type monitor (from package wireless-tools)