Hello all,

You're all probably getting tired of me writing to this mailing list asking questions about remote packet sniffing and such, and for that I apologize. I think having the capability to sniff traffic from a compromised host and being able to send that sniffed traffic back via a channel would be an invaluable tool for anyone and everyone. However, I also realize that I might be the only one to think so. :)

I would love to be able to write an addition to the Meterpreter Net extension that provides this sniffing feature. I found a packet sniffing SDK that looks to make it possible to be able to create a self-contained executable that doesn't rely on libpcap at all (it's the SDK used in the stand-alone version of tcpdump for Windows).

While I'm a pretty avid Ruby developer, I'm not much of a C developer. :( Can someone take a look at the SDK I found and let me know if it could be used for this? If so, I'll take the time to see if I can develop an extension on my own (hopefully with help from this list when needed :).

http://www.microolap.com/products/network/pssdk/

--
Thanks!
Bryan

_______________________________________________
Framework-Hackers mailing list
Framework-Hackers@spool.metasploit.com
http://spool.metasploit.com/mailman/listinfo/framework-hackers