
Friday, July 22, 2011

RawCap: A Command Line Network Sniffer for Windows!

RawCap is a free command line network sniffer for Windows that uses raw sockets. This means that you won't need external drivers such as WinPcap anymore! It can also sniff WiFi networks! All this in a file that is just 17 kB.



You might ask what good this does you. The answer is simple. If you find a way to compromise a perimeter device running Windows, you can upload this small utility there and then view the dump file at your own leisure to sniff their internal traffic! Since it works at the raw sockets level, you can sniff anything - right from an SSL connection to a WPA2 encrypted WiFi connection. This can be helpful to incident responders and penetration testers at the same time.

Features of RawCap:

  • Can sniff any interface that has got an IP address, including 127.0.0.1 (localhost/loopback)
  • RawCap.exe is just 17 kB
  • No external libraries or DLLs needed other than .NET Framework 2.0
  • No installation required, just download RawCap.exe and sniff
  • Can sniff most interface types, including WiFi and PPP interfaces
  • Minimal memory and CPU load
  • Reliable and simple to use

You will need to have administrator privileges to run RawCap. Additionally, it might not run on a Windows 7 or Windows Vista machine.

or simply run
 
RawCap.exe 192.168.0.17 dumpfile.pcap

This tool has so far been tested on Windows XP.



Download RawCap from here: Download
