Netresec released a new Windows network sniffer tool that looks promising: RawCap. It has no WinPcap dependencies, and with its small 17kB footprint it does not require installation. (Having said that, you still need the .NET Framework libraries and DLLs.)
Here are the properties of RawCap from their webpage:
- Can sniff any interface that has got an IP address, including 127.0.0.1 (localhost/loopback)
- RawCap.exe is just 17 kB
- No external libraries or DLL’s needed other than .NET Framework 2.0
- No installation required, just download RawCap.exe and sniff
- Can sniff most interface types, including WiFi and PPP interfaces
- Minimal memory and CPU load
- Reliable and simple to use
For the download, some screenshots and more information, click here.
If, like me, you bring cheap laptops from America for your family and end up having to use an English Windows, displaying Turkish characters can be difficult in some cases. There is a very simple solution for these cases.
Go to Start -> Control Panel -> Regional and Language Options. In the window that opens, click the Advanced tab. Under Language for non Unicode programs, select Turkish. Just like in the screenshot below. 🙂
From Emre virus labs:
This motherfucker virus was living in my parents' computers. (Since I use Linux I don't have any as usual…) And it's a pain in the ass…
What the virus does:
- Shares your drives to the world as PATRON1, PATRON2, etc…
- Copies itself to any writeable devices around you. USB sticks are great examples.
- On a USB drive, it generates an autorun.inf file and a copy of itself. Each time you connect your USB drive it infects your computer again…
- It uses the CPU at least to 70%… Noisy bitch…
How do you know that you are infected:
- Press CTRL+Shift+Esc buttons. You'll see the activexdebugger32.exe process running.
- You can see a copy of the executable (activexdebugger32.exe) in your USB drives if you enabled the STUPID Windows to show you hidden files.
How to kill the bastard and have a nice smiley day/night (It's 3am ok?) If you kill your computer I'm not responsible.
- Plug in your USB stick (if you have one)
- Kill the process activexdebugger32.exe
- Delete the activexdebugger32.exe binary. It usually lives under c:\windows\system32 (or c:\winnt\system32 depending on your Windows installation)
- Open regedit. Go to the top of the tree on the left pane. Hit F3 (or CTRL+L) to open the search dialog. Type, yes you know it, activexdebugger32.exe, NUKE the damn registry entries wherever it's found. (Search until the end)
- Go to the root folder of your USB stick and delete, yes you're right again, activexdebugger32.exe and autorun.inf
- Update: Motherfucker leaves more trails… Delete the file NESNELER.EXE (meaning objects.exe in Turkish) under c:\Documents and Settings\Local Settings\Temp
- Update: Delete all the files under C:\windows\system32 named: Ijl11.dll, KMON.OCX, KTKBDHK3.DLL, MSWINSCK.OCX, PAC, scrrntr.dll, scrrun.dll
Lastly, fuck microsoft and windows, have a nice life….
Update after 4 months: Damn I was angry when I wrote this. And it was 3 am. The entry was somewhat full of typos so I edited and changed some info. 😛
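The USB checks above can be scripted before a stick is opened in Explorer. The following is an added example, not part of the original post: it looks in one directory for the file names the post lists and reports which program an autorun.inf would launch. The sample autorun.inf contents and the function names are assumptions, since the post does not show the real file.

```python
import os
import tempfile

# File names listed as indicators in the post above (compared lower-case).
IOC_NAMES = {"activexdebugger32.exe", "nesneler.exe"}

# Constructed sample; the post does not show the worm's real autorun.inf.
SAMPLE_INF = """[autorun]
open=activexdebugger32.exe
shell\\open\\command="activexdebugger32.exe" /s
icon=folder.ico
"""

def autorun_targets(inf_text):
    """Return the program names an autorun.inf tells Windows to launch."""
    targets, in_autorun = [], False
    for line in (raw.strip() for raw in inf_text.splitlines()):
        if line.startswith("["):
            in_autorun = line.lower() == "[autorun]"
            continue
        if not in_autorun or line.startswith(";") or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        key = key.lower()
        launches = key in ("open", "shellexecute") or (
            key.startswith("shell\\") and key.endswith("\\command"))
        # Simplification: the first token is the program; drop quotes and path.
        tokens = value.replace('"', " ").split()
        if launches and tokens:
            targets.append(tokens[0].replace("/", "\\").split("\\")[-1].lower())
    return targets

def scan_dir(root):
    """Return findings for one directory, e.g. the root of a USB stick."""
    entries = {name.lower(): name for name in os.listdir(root)}
    findings = [f"indicator file: {entries[n]}"
                for n in sorted(IOC_NAMES.intersection(entries))]
    if "autorun.inf" in entries:
        with open(os.path.join(root, entries["autorun.inf"]), encoding="latin-1") as fh:
            for target in autorun_targets(fh.read()):
                state = "present" if target in entries else "missing"
                findings.append(f"autorun.inf launches {target} ({state})")
    return findings

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as stick:  # stands in for a USB root
        for name, body in (("autorun.inf", SAMPLE_INF), ("ActiveXDebugger32.exe", "")):
            with open(os.path.join(stick, name), "w") as fh:
                fh.write(body)
        print("\n".join(scan_dir(stick)))
```

Run it against the stick's root from a machine where autorun is disabled, and include hidden files when checking by hand, since the copy on the stick is hidden.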
This is how you find all the domain controllers in Active Directory.
dig +short srv _ldap._tcp.active.domain
Here the active.domain part is your domain. Ex: ad.us.domain.org