Yang's status report - #8 of 16
From: "veotax" <hsluoyz () qq com>
Date: Tue, 30 Jul 2013 02:41:33 +0800
Hi everyone,

Here's my status report for week #8.

After removing a number of bugs, my new WinPcap driver, npf6x.sys, is nearly finished, together with the DLL file
packet.dll. This driver has already been tested under Windows 8 Professional x86. I had Nmap and Wireshark open at the
same time for several hours with no crash. Because this driver is for Windows 7 and above, anyone who owns Windows 7/8
or Server 2008 R2/2012 can help me test this driver. Save your data in case your system suddenly crashes with a BSoD.

Here are the instructions for testing the driver on Win7:

1) Pull the following directory: https://svn.nmap.org/nmap-exp/yang/NPcap-20130730. Find npf6x.sys and npf6x.inf in
dir: packetWin7\npf6x\Win7Debug. Find packet.dll in dir: packetWin7\Dll\Project\Debug No NetMon and AirPcap.

2) Make sure you have installed the official WinPcap 4.1.3 package, go to your machine's system32 directory, and replace
the original packet.dll with my version.

3) Go to "Control Panel\Network and Internet\Network Connections" and open the Properties page of your current
connection. Click the "Install..." button, select "Protocol" from the list, click "Add...", click "Have Disk...", browse
to the npf6x.inf file saved before, click "OK", click "OK". If Windows pops up an alert window, choose to install the driver

4) Open a "Command Prompt", execute "net stop npf" to stop the original WinPcap driver service, then execute "net start
npf" to start our new WinPcap driver service. You can see the words "WinPcap NDIS 6.x Driver" when you are starting the new

5) Now our new driver will be invoked when you use Nmap or Wireshark. You can This driver can work just like the
original one in functionality. But it can achieve higher efficiency because Win7/Win8 supports the new driver better.

Accomplishments:
* Finished the migration job of WinPcap from NDIS5.0 to NDIS6.2.

Priorities:
* Construct a friendly Win7 debugging environment. I already have a Win7 VMware virtual machine on my host, but after
  opening this virtual machine, my host will be too slow to work. So I will prepare a real machine for debugging, and
  buy some kind of IEEE1394 line for two-machine debugging.
* Remove bugs of npf6x.sys and packet.dll under Win7 and Win8.
* Do other remaining tasks.
* Have a meeting with my mentor for the next step.

Cheers,
Yang Luo
http://veotax.com
Sent through the dev mailing list
Archived at http://seclists.org/nmap-dev/