Hi, Christian Seifert wrote:
Getting closer. ...
sounds so ;-)
Can you 1. execute on the client 'CaptureClient.exe -c', 2. copy a file manually from a to b using your windows explorer 3. on the capture client window, press q and then enter crash or no crash?
no crash, logfile attached.
Also, have you tried out installing winpcap and 2005 c++ sp1 redist libs?
Aye, I installed both, but it still crashes.
Also, one more question: What exact version of CaptureClient are you using?
It's 251-384 for both catpure-server and capture-client. Thanks & Regards, Matthias
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\Documents and Settings\Administrator>cd \
C:\>cd "Program Files"
C:\Program Files>cd Capture
C:\Program Files\Capture>CaptureClient.exe -c
PROJECT: Capture-HPC
VERSION: 2.5
DATE: August 6, 2008
COPYRIGHT HOLDER: Victoria University of Wellington, NZ
AUTHORS:
Christian Seifert ([EMAIL PROTECTED])
Ramon Steenson([EMAIL PROTECTED])
Capture-HPC is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License, V2 as published by
the Free Software Foundation.
Capture-HPC is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with Capture-HPC; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301,USA
Option: Collecting modified files
Starting Capture Client 2.5
hereLoaded plugin: Application_ClientConfigManager.dll
inserted: added application: acrobatreader
inserted: added application: firefox
inserted: added application: opera
inserted: added application: word
inserted: added application: oowriter
Loaded plugin: Application_InternetExplorer.dll
inserted: added application: iexplore
Loaded plugin: Application_InternetExplorerBulk.dll
inserted: added application: iexplorebulk
Loaded plugin: Application_Safari.dll
inserted: added application: safari
Driver already loaded: CaptureProcessMonitor
Driver already loaded: CaptureRegistryMonitor
Loaded filter driver: CaptureFileMonitor
---------------------------------------------------------
Start capturing modified files ...
registry: SetValueKey 1284 C:\WINDOWS\explorer.exe -> -1 HKCU\Software\Microsoft
\Internet Explorer\Toolbar\Locked
registry: SetValueKey 1284 C:\WINDOWS\explorer.exe -> -1 HKCU\Software\Microsoft
\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass
registry: SetValueKey 1284 C:\WINDOWS\explorer.exe -> -1 HKCU\Software\Microsoft
\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName
registry: SetValueKey 1284 C:\WINDOWS\explorer.exe -> -1 HKCU\Software\Microsoft
\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranet
registry: SetValueKey 1284 C:\WINDOWS\explorer.exe -> -1 HKCU\Software\Microsoft
\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass
registry: SetValueKey 1284 C:\WINDOWS\explorer.exe -> -1 HKCU\Software\Microsoft
\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName
registry: SetValueKey 1284 C:\WINDOWS\explorer.exe -> -1 HKCU\Software\Microsoft
\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranet
registry: SetValueKey 1284 C:\WINDOWS\explorer.exe -> -1 HKCU\Software\Microsoft
\Internet Explorer\Toolbar\ShellBrowser\{01E04581-4EEE-11D0-BFE9-00AA005B4383}
registry: SetValueKey 1284 C:\WINDOWS\explorer.exe -> -1 HKCU\Software\Microsoft
\Internet Explorer\Toolbar\Explorer\ITBarLayout
process: created 4294967295 UNKNOWN -> C:\WINDOWS\explorer.exe 1708
file: Write 1284 C:\WINDOWS\explorer.exe -> -1 C:\Program Files\Capture\Copy of
COPYING
q
Copying monitored files
Copying file: C:\Program Files\Capture\Copy of COPYING
... done
Resetting hStopEventResetting hStopEventResetting hStopEvent
C:\Program Files\Capture>
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Capture-HPC mailing list Capture-HPC@public.honeynet.org https://public.honeynet.org/mailman/listinfo/capture-hpc
