flat assembler
Message board for the users of flat assembler.
Packet Sniffing
me 15 Aug 2003, 00:01
I'm wondering how to packet sniff in Windows XP / Win2k in fasmw.
me 18 Aug 2003, 00:11
Sorry about my first post. I was very busy at the time that I posted it and did not realise how general it sounded.
I'm wondering what API calls to use to packet sniff in Windows XP and 2000, so that I can write a simple packet sniffer for myself in fasm. I know that I need to get the network card into promiscuous mode, but how? I hope that this is suitable for this forum.
Rottbott 03 Sep 2003, 15:16
It could be used to help debug programs that use the network...
comrade 04 Sep 2003, 01:55
If you want to just sniff socket activity, you can get away with simple API hooks on wsock32.send and wsock32.recv. For complete network sniffing, you need NDIS driver hooking. There is an article somewhere on http://www.sysinternals.com/ on how to build a firewall (with functioning source, I believe) that accomplishes NDIS hooking.
comrade 04 Sep 2003, 02:01
Not a sysinternals article, but there is a mention of Mark Russinovich somewhere, so I mixed them up.
Here it is: http://www.ntkernel.com/articles/firewalleng.shtml
me 04 Sep 2003, 06:20
Yo, hi. Yeah, I'm currently studying network engineering. I was planning to make a firewall and I was not trying to hack. If I wanted to hack I would have used tools like Fluke or Ethereal. drr. So I wanted to do the complete opposite.
I read in a Windows 2000 API manual that there was an easier way called Windows 2000 Filter-Hook Driver. I really don't want to play around with NDIS drivers. As most corporate servers are Windows 2000 Server. NOTE: (I'm not trying to start an OS war here) I worked out how to get the network card into promiscuous mode but then realised that in promiscuous mode that network does not send packets. I'm sorry for not explaining myself better but it's hard to think when you are so busy. Thanks Rottbott and comrade for trusting me. rm.
comrade 04 Sep 2003, 23:18
Why would hacking discussion be inappropriate for this forum?
HarryTuttle 26 Sep 2003, 13:49
comrade wrote: Why would hacking discussion be inappropriate for this forum?
because it would be associated with harmful activity, but in the past hacker was a good name; unfortunately the meaning has changed...
_________________
Microsoft: brings power of yesterday to computers of today.
comrade 26 Sep 2003, 14:29
HarryTuttle wrote:
So?
HarryTuttle 26 Sep 2003, 14:51
Everybody is shivering all over when something sounds like hacking, hack or something like that.
The fear is in my opinion groundless but the others think differently. Anyway I respect this convention.
scientica 26 Sep 2003, 16:35
comrade wrote:
Let's change it back, and inform the masses, hackers aren't crackers. Unless we do that the big masses will continue to believe the media, that calls crackers hackers - one should send them an e-mail pointing out their factual error. (because that's what it is, it's kinda like AV-programmers being confused with virii-makers, the AV-makers know the tricks of the viriists but they're not writing viriis but use their knowledge to counteract (unless they have nothing to do on a boring Monday - "if you ain't got job, make job") - do you understand what I'm saying?)
btw, Rottbott, didn't think of that.
_________________
... a professor saying: "use this proprietary software to learn computer science" is the same as English professor handing you a copy of Shakespeare and saying: "use this book to learn Shakespeare without opening the book itself. - Bradley Kuhn
HarryTuttle 26 Sep 2003, 18:20
yes I do,
it means that "to change it back" is hard to do or rather impossible...
scientica 26 Sep 2003, 22:15
HarryTuttle wrote: is hard to do or rather impossible...
It's just a matter of, whenever somebody "confuses"/misuses the word hacker, correcting that person. Informing him/her about the difference, so that (s)he doesn't make the same mistake/error.
comrade 06 Oct 2003, 03:55
Change szFileName symbol in loader.asm to hook a different executable.
HarryTuttle 08 Oct 2003, 13:47
not so bad
Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.