Romm (Posted February 6, 2008)

How to make WinDump and AutoIt interact? :/ (how to "read" WinDump in AutoIt)

And for example, how will this look in AutoIt?

    tcpdump 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)'

I'm new here

Romm (Posted February 6, 2008)

Guys please help

erezlevi (Posted February 6, 2008)

> Guys please help

Well, I tried to use windump, but the file attached is the output result; can't see how to convert it to ASCII.

Romm (Posted February 6, 2008)

I got something like this...

    ФГІЎ яя §G_ < < яяяяяя 1шЎ3 1шЎ3Ь! Ь- §GД k k 1шЎ3 lйю№ E ]/u ЂХTе}ГФЙ·"№ I !_±W тj^ы ajiМv:·Q%лJбСёО8#ёoY6ІQyЛЩ?#ШЖхћџ`#¦Хє;ВeMt~§Gt¶ > > 1шЎ3 lйю№ E 0/v ЂХGTе}ГФЙ·"№ +А! УЫ §GИ < < lйю№ 1шЎ3 E &

Can you just copy/paste the script here?

Romm (Posted February 7, 2008)

bump

erezlevi (Posted February 7, 2008)

hi Romm, sorry for not answering, I saw your private message...

here:

first use this: http://wiki.tibbo.net/doku.php/windump

autoit:

    run ("cmd")
    sleep (500)
    send ("cd\")
    send ("{enter}")
    send ("c:\windump.exe -i 5 -X -x -s 400 ip host 9.164.185.11 > erezlog.txt")
    send ("{enter}")
    sleep (10000)
    send ("{^c}")
    sleep (500)
    Run ("notepad C:\erezlog.txt")

output of file attached!

Romm (Posted February 8, 2008)

Ok, now I use this:

    Run(@ComSpec & " /c windump.exe > erezlog.txt")

The problem is that WinDump stops:

    WinDump.exe : Listening on \Device.....

If I use

    Run(@ComSpec & " /c windump.exe")

all is OK, but I need to write to a log.

erezlevi (Posted February 8, 2008)

> Ok, now I use this:
>
>     Run(@ComSpec & " /c windump.exe > erezlog.txt")
>
> The problem is that WinDump stops:
>
>     WinDump.exe : Listening on \Device.....
>
> If I use
>
>     Run(@ComSpec & " /c windump.exe")
>
> all is OK, but I need to write to a log.

Well, I don't think it will work that way; this is why I used "Send" commands.

Romm (Posted February 9, 2008)

I got the same result using

    run ("cmd")
    sleep (500)
    send ("cd\")
    send ("{enter}")
    send ("c:\windump.exe > erezlog.txt")
    send ("{enter}")
    sleep (10000)
    send ("{^c}")
    sleep (500)
    Run ("notepad C:\erezlog.txt")

erezlevi (Posted February 9, 2008)

> I got the same result using
>
>     run ("cmd")
>     sleep (500)
>     send ("cd\")
>     send ("{enter}")
>     send ("c:\windump.exe > erezlog.txt")
>     send ("{enter}")
>     sleep (10000)
>     send ("{^c}")
>     sleep (500)
>     Run ("notepad C:\erezlog.txt")

Well, did you read the windump.exe help file? Start with:

    Windump.exe -D

to see where your interface is, and then use -X -x -s 400 to get 400 bytes of data payload including the TCP header, and then put your IP address like "ip host 9.164.185.11 > erezlog.txt" and the filename at the end.

DeepakVimalnath (Posted July 13, 2009)

Hi Bro,

Please can you explain the commands to me once again, as I am not able to obtain results when I used the below commands... I just want the output of windump in a readable format...

    windump -X -x 500 IP host 192.168.1.109 > filename.txt

Cheers,
Deepak.

> hi Romm, sorry for not answering, I saw your private message...
>
> here:
>
> first use this: http://wiki.tibbo.net/doku.php/windump
>
> autoit:
>
>     run ("cmd")
>     sleep (500)
>     send ("cd\")
>     send ("{enter}")
>     send ("c:\windump.exe -i 5 -X -x -s 400 ip host 9.164.185.11 > erezlog.txt")
>     send ("{enter}")
>     sleep (10000)
>     send ("{^c}")
>     sleep (500)
>     Run ("notepad C:\erezlog.txt")
>
> output of file attached!

lsakizada (Posted August 4, 2009)

> Hi Bro,
>
> Please can you explain the commands to me once again, as I am not able to obtain results when I used the below commands... I just want the output of windump in a readable format...
>
>     windump -X -x 500 IP host 192.168.1.109 > filename.txt
>
> Cheers,
> Deepak.

Read the manual here: http://www.winpcap.org/windump/docs/manual.htm

Be Green Now or Never (BGNN)!
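
Added example (not part of the thread and not code from any poster): the text Romm pasted on February 6 starts with ФГІЎ, which is how the classic libpcap file magic d4 c3 b2 a1 displays in a Windows-1251 editor, so that file is a binary capture rather than text output. The sketch below reads such a file and prints each frame as hex plus ASCII; the function names and the sample capture are constructed for illustration.

```python
import struct

PCAP_MAGIC_LE = b"\xd4\xc3\xb2\xa1"  # shows as "ФГІЎ" when viewed as Windows-1251 text

def read_pcap(data):
    """Yield (ts_sec, ts_usec, orig_len, frame_bytes) from a classic libpcap capture."""
    if data[:4] == PCAP_MAGIC_LE:
        end = "<"                      # written on a little-endian host
    elif data[:4] == PCAP_MAGIC_LE[::-1]:
        end = ">"                      # written on a big-endian host
    else:
        raise ValueError("not a classic libpcap file")
    off = 24  # global header: magic, version, thiszone, sigfigs, snaplen, linktype
    while off + 16 <= len(data):
        ts_sec, ts_usec, incl_len, orig_len = struct.unpack_from(end + "IIII", data, off)
        off += 16
        frame = data[off:off + incl_len]
        if len(frame) < incl_len:
            break  # capture was cut off mid-record, e.g. the writer was killed
        off += incl_len
        yield ts_sec, ts_usec, orig_len, frame

def hexdump(frame, width=16):
    """Hex plus ASCII view of one frame; non-printable bytes are shown as dots."""
    lines = []
    for i in range(0, len(frame), width):
        chunk = frame[i:i + width]
        hexpart = " ".join(f"{b:02x}" for b in chunk)
        text = "".join(chr(b) if 32 <= b < 127 else "." for b in chunk)
        lines.append(f"0x{i:04x}:  {hexpart:<{width * 3}} {text}")
    return "\n".join(lines)

def build_sample():
    """Constructed sample: one complete 20-byte record, then one truncated record."""
    hdr = struct.pack("<4sHHiIII", PCAP_MAGIC_LE, 2, 4, 0, 0, 400, 1)
    payload = b"GET / HTTP/1.0\r\n\r\n\x00\x01"
    rec = struct.pack("<IIII", 1202256000, 5, len(payload), len(payload)) + payload
    cut = struct.pack("<IIII", 1202256001, 0, 60, 60) + b"\xff" * 10
    return hdr + rec + cut

if __name__ == "__main__":
    for sec, usec, wire_len, frame in read_pcap(build_sample()):
        print(f"{sec}.{usec:06d} len {wire_len}")
        print(hexdump(frame))
```

To use it on a real capture, pass the bytes of the file opened in binary mode to `read_pcap`.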