Romm, posted February 6, 2008

How to make WinDump and AutoIt interact? :/ (how to "read" WinDump in AutoIt)

And, for example, how will this look in AutoIt?

    tcpdump 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)'

I'm new here

erezlevi, posted February 6, 2008

Guys, please help. Well, I tried to use WinDump, but the attached file is the output result; I can't see how to convert it to ASCII.

Romm (Author), posted February 6, 2008

I got something like this... [unreadable binary data]

Can you just copy/paste the script here?

erezlevi, posted February 7, 2008

Hi Romm, sorry for not answering, I saw your private message... Here:

First use this: http://wiki.tibbo.net/doku.php/windump

AutoIt:

    run ("cmd")              ; open a command prompt window
    sleep (500)
    send ("cd\")             ; typed into the prompt: go to the drive root
    send ("{enter}")
    send ("c:\windump.exe -i 5 -X -x -s 400 ip host 9.164.185.11 > erezlog.txt")
    send ("{enter}")
    sleep (10000)            ; let the capture run for 10 seconds
    send ("^c")              ; Ctrl+C stops WinDump
    sleep (500)
    Run ("notepad C:\erezlog.txt")

Output file attached!

Romm (Author), posted February 8, 2008

OK, now I use this:

    Run(@ComSpec & " /c windump.exe > erezlog.txt")

The problem is that WinDump stops:

    WinDump.exe : Listening on \Device.....

If I use

    Run(@ComSpec & " /c windump.exe")

all is OK, but I need to write to a log.

erezlevi, posted February 8, 2008

> OK, now I use this:
>
>     Run(@ComSpec & " /c windump.exe > erezlog.txt")
>
> The problem is that WinDump stops:
>
>     WinDump.exe : Listening on \Device.....
>
> If I use
>
>     Run(@ComSpec & " /c windump.exe")
>
> all is OK, but I need to write to a log.

Well, I don't think it will work that way; this is why I used "Send" commands.

Romm (Author), posted February 9, 2008

I got the same result using

    run ("cmd")              ; open a command prompt window
    sleep (500)
    send ("cd\")             ; typed into the prompt: go to the drive root
    send ("{enter}")
    send ("c:\windump.exe > erezlog.txt")
    send ("{enter}")
    sleep (10000)            ; let the capture run for 10 seconds
    send ("^c")              ; Ctrl+C stops WinDump
    sleep (500)
    Run ("notepad C:\erezlog.txt")

erezlevi, posted February 9, 2008

> I got the same result using
>
>     run ("cmd")
>     sleep (500)
>     send ("cd\")
>     send ("{enter}")
>     send ("c:\windump.exe > erezlog.txt")
>     send ("{enter}")
>     sleep (10000)
>     send ("^c")
>     sleep (500)
>     Run ("notepad C:\erezlog.txt")

Well, did you read the windump.exe help file? Start with: Windump.exe -D to see where your interface is, and then use -X -x -s 400 to get 400 bytes of data payload including the TCP header, and then put your IP address like "ip host 9.164.185.11 > erezlog.txt" and the filename at the end.

DeepakVimalnath, posted July 13, 2009

Hi Bro,

Please can you explain the commands to me once again, as I am not able to obtain results when I use the commands below... I just want the output of WinDump in a readable format...

    windump -X -x 500 IP host 192.168.1.109 > filename.txt

Cheers,
Deepak.

> Hi Romm, sorry for not answering, I saw your private message... Here:
>
> First use this: http://wiki.tibbo.net/doku.php/windump
>
> AutoIt:
>
>     run ("cmd")
>     sleep (500)
>     send ("cd\")
>     send ("{enter}")
>     send ("c:\windump.exe -i 5 -X -x -s 400 ip host 9.164.185.11 > erezlog.txt")
>     send ("{enter}")
>     sleep (10000)
>     send ("^c")
>     sleep (500)
>     Run ("notepad C:\erezlog.txt")
>
> Output file attached!

lsakizada, posted August 4, 2009

> Hi Bro,
>
> Please can you explain the commands to me once again, as I am not able to obtain results when I use the commands below... I just want the output of WinDump in a readable format...
>
>     windump -X -x 500 IP host 192.168.1.109 > filename.txt
>
> Cheers,
> Deepak.

Read the manual here: http://www.winpcap.org/windump/docs/manual.htm

Be Green Now or Never (BGNN)!
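
An added example (not part of any post above, and not code from the WinDump or AutoIt projects): one way to read WinDump's output in AutoIt without typing into a console window, by starting it with Run and collecting the text with StdoutRead. The windump.exe path, interface number 1 and the log path are assumptions.

```autoit
; Added example, not code from the thread. Assumed values: the C:\windump.exe
; path, interface number 1 (list yours with "windump -D") and the log path.
#include <AutoItConstants.au3>

Local $sWinDump = "C:\windump.exe"
Local $sLogFile = "C:\erezlog.txt"

; The filter from the first post: TCP port 80 packets whose payload length
; (IP total length - IP header length - TCP header length) is not zero.
Local $sFilter = "tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)"

; -l asks WinDump to line-buffer stdout, -n skips name lookups,
; -X prints hex and ASCII, -s 400 keeps 400 bytes of each packet.
; No cmd.exe is involved, so & < > in the filter are not shell operators.
Local $sCmd = '"' & $sWinDump & '" -i 1 -l -n -X -s 400 "' & $sFilter & '"'

; $STDERR_MERGED gives the script one pipe carrying stdout and stderr, so the
; "listening on ..." banner and any error text are captured as well.
Local $iPID = Run($sCmd, "", @SW_HIDE, $STDERR_MERGED)
If @error Then Exit MsgBox(16, "WinDump", "Could not start " & $sWinDump)

Local $sOutput = ""
Local $hTimer = TimerInit()
While TimerDiff($hTimer) < 10000     ; capture for 10 seconds, as in the thread
    $sOutput &= StdoutRead($iPID)
    If @error Then ExitLoop          ; pipe closed: WinDump exited on its own
    Sleep(100)
WEnd
ProcessClose($iPID)                  ; stop the capture if it is still running
$sOutput &= StdoutRead($iPID)        ; collect any text still left in the pipe

; Write the captured text to the log, replacing a log from an earlier run
; (mode 2 = open for writing and erase previous contents).
Local $hLog = FileOpen($sLogFile, 2)
If $hLog = -1 Then Exit MsgBox(16, "WinDump", "Could not open " & $sLogFile)
FileWrite($hLog, $sOutput)
FileClose($hLog)

Run('notepad "' & $sLogFile & '"')
```

WinDump needs WinPcap installed and usually an account allowed to open the capture driver; if the log holds only an error line, run `windump -D` and adjust the `-i` number.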