Jump to content

Network Connections Viewer


Recommended Posts

  • Replies 63
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Popular Posts

There are situation when you know something is going off from or to your computer and you have no idea what that is or who's doing that. On the other hand, sometimes you are just curious to know (I kn

If you can put your brain in my head, I will do it! I'm a noob in this kind of stuff! But I will try it anyway. Don't expect a successfull result... UEZ

Well now since this has been bumped, I was wondering. Is there a way to get process receive/send bytes over network like procexp?

There are situation when you know something is going off from or to your computer and you have no idea what that is or who's doing that. On the other hand, sometimes you are just curious to know (I know I am) what's cooking.

Scrip below is analyzing every connection that your machine have. Either TCP or UDP. It'll give you port numbers, IP addresses, names of the processes issuing connections, their PIDs, connection statuses, and hints on protocols for used ports (so that you know roughly what that connection is or could be).

Script:

Many thanks!! I've always wondered what was going on when the drive activity light was on and I wasn't doing anything. I always wondered if there was something connecting to my PC without my knowledge!

Avian

A millihelen is the amount of beauty required to launch one ship.

Link to post
Share on other sites

The library has been updated.

I'm kidding :)

New script attached.

More informations available for endpoints. 'Elevated Mode' button is now showing its purpose when needed.

With this script I've assimilated a couple of functions written by Manko and wraithdu. They are rewritten to look the way I like it. I fixed Manko's (there were a bug with trying to access unavailable space causing a random crash).

So, what was the joke in the intro? I bet you don't know ;)

♡♡♡

.

eMyvnE

Link to post
Share on other sites

Very nice code demonstration again! :)

Btw, you can use netstat -na to get these information from cmd but from your tool it is much more comfortable and it has more infomation.

UEZ

*****

Edited by UEZ

Please don't send me any personal message and ask for support! I will not reply!

Selection of finest graphical examples at Codepen.io

The own fart smells best!
Her 'sikim hıyar' diyene bir avuç tuz alıp koşma!
¯\_(ツ)_/¯  ٩(●̮̮̃•̃)۶ ٩(-̮̮̃-̃)۶ૐ

Link to post
Share on other sites

Thanks UEZ.

And a joke?

Btw, netstat.exe is, among others, using functions InternalGetTcpTableWithOwnerModule and InternalGetUdpTableWithOwnerModule but I couldn't find any documentation for those two even though they sound smart.

Never mind, going around sometimes is not that bad.

♡♡♡

.

eMyvnE

Link to post
Share on other sites

Ran it, nothing happened. Windows 7 x64, just a heads up.

How did you run it? With F5 in SciTE or double click?

If yes, then indeed it is crashing in x64 mode! I got error code: AutoIT3.exe ended.rc:-1073741819

I got German version and this is the crash info:

Problemsignatur:

Problemereignisname: APPCRASH

Anwendungsname: AutoIt3_x64.exe

Anwendungsversion: 3.3.0.0

Anwendungszeitstempel: 4951fa01

Fehlermodulname: AutoIt3_x64.exe

Fehlermodulversion: 3.3.0.0

Fehlermodulzeitstempel: 4951fa01

Ausnahmecode: c0000005

Ausnahmeoffset: 0000000000018660

Betriebsystemversion: 6.1.7600.2.0.0.256.1

Gebietsschema-ID: 1031

Zusatzinformation 1: d9e9

Zusatzinformation 2: d9e98e26e5862e4b8c1835bc653abe12

Zusatzinformation 3: 1735

Zusatzinformation 4: 1735faf7dba7c27eea43b7a3330f19b3

But if you compile it and start it afterwards it is working because it will started as x32 not x64 native version!

UEZ

Edited by UEZ

Please don't send me any personal message and ask for support! I will not reply!

Selection of finest graphical examples at Codepen.io

The own fart smells best!
Her 'sikim hıyar' diyene bir avuç tuz alıp koşma!
¯\_(ツ)_/¯  ٩(●̮̮̃•̃)۶ ٩(-̮̮̃-̃)۶ૐ

Link to post
Share on other sites

Probably function Func _ProcessList() is causing "access violation" in for next loop

For $i = 1 To $aCall[5]

        $tWTS_PROCESS_INFO = DllStructCreate("dword SessionId;" & _
                "dword ProcessId;" & _
                "ptr ProcessName;" & _
                "ptr UserSid", _
                $aCall[4] + ($i - 1) * 16) ; looping thru structures

        $pString = DllStructGetData($tWTS_PROCESS_INFO, "ProcessName")
        $iStringLen = _PtrStringLenW($pString)
        $aOut[$i][0] = DllStructGetData(DllStructCreate("wchar[" & $iStringLen + 1 & "]", $pString), 1)
        $aOut[$i][1] = DllStructGetData($tWTS_PROCESS_INFO, "ProcessId")
        $aOut[$i][2] = _AccountName(DllStructGetData($tWTS_PROCESS_INFO, "UserSid"))

    Next

Maybe other functions are also not working but this is the 1st one!

UEZ

Edited by UEZ

Please don't send me any personal message and ask for support! I will not reply!

Selection of finest graphical examples at Codepen.io

The own fart smells best!
Her 'sikim hıyar' diyene bir avuç tuz alıp koşma!
¯\_(ツ)_/¯  ٩(●̮̮̃•̃)۶ ٩(-̮̮̃-̃)۶ૐ

Link to post
Share on other sites

If you can put your brain in my head, I will do it! I'm a noob in this kind of stuff!

But I will try it anyway. Don't expect a successfull result...

UEZ

Please don't send me any personal message and ask for support! I will not reply!

Selection of finest graphical examples at Codepen.io

The own fart smells best!
Her 'sikim hıyar' diyene bir avuç tuz alıp koşma!
¯\_(ツ)_/¯  ٩(●̮̮̃•̃)۶ ٩(-̮̮̃-̃)۶ૐ

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...