Full Version: Simple Packet Sniffer
coder
Hey all,

Here is a simple Packet Sniffer written/compiled for Win32 systems using the WinPcap library...

I'm currently working on a copy that uses Perl-like expressions to search/find certain data sets. Useful for sniffing on LANs while looking for plaintext transmissions...
Neo_
Great!
It looks like Matrix Code.

One useful link: http://winpcap.polito.it/install/bin/WinPc...Pcap_3_01_a.exe

Just a question, is it possible to type
packetsniffer.exe>res.txt ?

because it asks "Select the number of the adapter to open"

Maybe packetsniffer.exe /1>res.txt


Dillinja
Nice work coder!

Especially looking forward to that improved copy, but this works a treat!
TedOb1
QUOTE (Neo_ @ Oct 23 2003, 08:11 PM)

Just a question, is it possible to type
packetsniffer.exe>res.txt ?

because it asks "Select the number of the adapter to open"

Maybe packetsniffer.exe /1>res.txt


If it's not working for you, it might be because it's called packetsniff, but

packetsniff /1 >res.txt

seems to work fine. I'm on a modem connection now and this proggie looks for eth, but packetsniff /1 >ps.txt writes the header and the errors I'm getting here to file. I'll give it a shot tomorrow at work.

Thanks coder! This could be pretty useful.
Neo_
lol, I'm not a n00bs

I have three adapters

packetsniff /1>res.txt gives :

Adapters installed:

1 - \Device\NPF_{4EF32433-8919-472B-80A9-195C256EA52D}
2 - \Device\NPF_{G2343478-DE6A-4990-98F4-BFE7799B9F82}
3 - \Device\NPF_{432433A6-81E1-49BD-9C5D-1C6FD5A5AB98}

Select the number of the adapter to open :
-=[MePhIsTo]=-
QUOTE (Neo_ @ Oct 23 2003, 08:11 PM)
Great !
it looks like Matrix Code.


Of course, when you set the color of the letters to green
cartman
Thx Coder, I'll try it
TedOb1
Sorry NEO, I wasn't suggesting you were a newb. Even old timers can type packetsniffer instead of packetsniff. Mistakes like this come with experience.

coder...any chance of gazing at the src?
coder
tedob1:

I posted this before... it's not the same code (my code is all nice and pretty)

but this is the basic idea...

CODE
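use strict;
use warnings;
use Net::Pcap;

my $count     = 10;        # number of packets to capture before loop() returns
my $snaplen   = 1024;      # bytes to capture per packet (example value)
my $promisc   = 0;         # 1 = put the adapter in promiscuous mode
my $to_ms     = 1000;      # read timeout in milliseconds (example value)
my $user_data = 'packet';  # passed through unchanged to the callback

# Pick the default capture device.
my $err;
my $dev = Net::Pcap::lookupdev(\$err);
if (defined $err) {
  die 'Unable to determine network device for monitoring - ', $err;
}

# Look up the device's network address and mask (lookupnet returns non-zero on failure).
my ($address, $netmask);
if (Net::Pcap::lookupnet($dev, \$address, \$netmask, \$err)) {
  die 'Unable to look up device information for ', $dev, ' - ', $err;
}
print STDOUT "$dev: addr/mask -> $address/$netmask\n";

# Open the device and hand each captured packet to the callback.
my $object = Net::Pcap::open_live($dev, $snaplen, $promisc, $to_ms, \$err);
die 'Unable to open ', $dev, ' - ', $err unless defined $object;
Net::Pcap::loop($object, $count, \&callback_function, $user_data);
Net::Pcap::close($object);

# $header is the pcap header hash, $packet the raw frame bytes.
sub callback_function {
  my ($user_data, $header, $packet) = @_;
  print "$user_data\n\n";
}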
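An added example, not part of coder's post or of the packetsniff tool: the callback above receives the raw frame in `$packet` but never decodes it, so this sketch parses an Ethernet/IPv4/TCP frame with `unpack` and uses Perl expressions to report which connection carries a cleartext login, without printing the credential itself. The names `decode_frame`, `flag_cleartext` and `%CLEARTEXT`, the pattern list and the sample frame are all constructed for illustration.

```perl
use strict;
use warnings;

# Constructed pattern list: markers of logins sent without encryption.
my %CLEARTEXT = (
    'FTP/POP3 login'  => qr/^(?:USER|PASS)\s+\S+/mi,
    'HTTP Basic auth' => qr/^Authorization:\s*Basic\s+\S+/mi,
);

# Decode one Ethernet II frame carrying IPv4/TCP; returns undef for anything else.
sub decode_frame {
    my ($packet) = @_;
    return if length($packet) < 14 + 20 + 20;                      # eth + min IP + min TCP
    return unless unpack('n', substr($packet, 12, 2)) == 0x0800;   # EtherType IPv4
    my $ip = substr($packet, 14);
    my ($ver_ihl, $total_len, $proto, $src, $dst) = unpack('C x n x5 C x2 a4 a4', $ip);
    return unless ($ver_ihl >> 4) == 4 && $proto == 6;             # IPv4 and TCP only
    my $ihl = ($ver_ihl & 0x0f) * 4;                               # IP header length in bytes
    return if $ihl < 20 || length($ip) < $ihl + 20;
    my $tcp = substr($ip, $ihl);
    my ($sport, $dport, $off) = unpack('n n x8 C', $tcp);
    my $thl = ($off >> 4) * 4;                                     # TCP header length in bytes
    my $seg_len = $total_len - $ihl;                               # excludes Ethernet padding
    $seg_len = length($tcp) if $seg_len > length($tcp);            # truncated by snaplen
    return if $thl < 20 || $seg_len < $thl;
    return {
        src   => join('.', unpack('C4', $src)), sport => $sport,
        dst   => join('.', unpack('C4', $dst)), dport => $dport,
        payload => substr($tcp, $thl, $seg_len - $thl),
    };
}

# Return a one-line finding (endpoints and category only), or undef if nothing matched.
sub flag_cleartext {
    my ($packet) = @_;
    my $f = decode_frame($packet) or return;
    for my $label (sort keys %CLEARTEXT) {
        return "$f->{src}:$f->{sport} -> $f->{dst}:$f->{dport} $label"
            if $f->{payload} =~ $CLEARTEXT{$label};
    }
    return;
}

# Constructed sample frame: an FTP USER command between two documentation-range hosts.
my $tcp = pack('n n N N C C n n n', 49152, 21, 1, 1, 5 << 4, 0x18, 8192, 0, 0) . "USER alice\r\n";
my $ip  = pack('C C n n n C C n a4 a4', 0x45, 0, 20 + length($tcp), 0, 0, 64, 6, 0,
               pack('C4', 192, 0, 2, 10), pack('C4', 192, 0, 2, 20));
my $frame = ("\0" x 12) . pack('n', 0x0800) . $ip . $tcp;
print flag_cleartext($frame) // 'no cleartext login seen', "\n";
```

To use it with the script above, call `flag_cleartext($packet)` inside `callback_function`. The decoder assumes an Ethernet link type, so frames from a dial-up adapter will not match.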
GhostCow
Thanks coder, now I got it working... using the Perl script it just gave me my device name
hermel
THX for the nice tool coder