Home page logo

nmap-dev logo Nmap Development mailing list archives

Yang's status report - #8 of 16
From: "veotax" <hsluoyz () qq com>
Date: Tue, 30 Jul 2013 02:41:33 +0800

Hi everyone,Here's my status report for week #8.
After removing numbers of bugs, my new WinPcap driver --npf6x.sys has nearly been finished together with the dll file 
packet.dll. This driver is already tested under Windows 8 Professional x86. I opened the Nmap and Wireshark at the same 
time for several hours with no crash. Because this driver is for Windows 7 above. Anyone own Windows7/8, Server2008 
R2/2012 can help me test this driver. Save your data in case your system suddenly crashes for BSoD.
Here're the instructions of Win7 for testing the driver:
1) Pull the following directory: https://svn.nmap.org/nmap-exp/yang/NPcap-20130730. Find npf6x.sys and npf6x.inf in 
dir: packetWin7\npf6x\Win7Debug. Find packet.dll in dir: packetWin7\Dll\Project\Debug No NetMon and AirPcap.
2)  Make sure you installed the official WinPcap 4.1.3 package, go to your machine's system32 directory, replace the 
original packet.dll with my version.
3) Go to "Control Panel\Network and Internet\Network Connections", open the Properties page of your current connection. 
Click the "Install..." button, select "Protocol from the list, click "Add...", Click "Have Disk...", browse the 
npf6x.inf file saved before, click "OK", click "OK", if Windows popped up a alert windows, choose to install the driver 
4) Open a "Command Prompt", execute "net stop npf" to stop the original WinPcap driver service, then execute "net start 
npf" to start our new WinPcap driver service. You can see "WinPcap NDIS 6.x Driver" words when you starting the new 
5) Now our new driver will be invoked when you use Nmap or Wireshark. You can This driver can work just like the 
original one in functionalities. But it can achieve higher efficiency because Win7/Win8 supports the new driver better.

Accomplishments: * Finished the migration job of WinPcap from NDIS5.0 to NDIS6.2. Priorities: * Construct a friendly 
Win7 debugging environment, I already have a Win7 VMware virtual machine on my host, but after opening this virtual 
machine, my host will be too slow to work. So I will prepare a real machine for debugging, and buy some kind of 
IEEE1394 line for two-machine debugging. * Remove bugs of npf6x.sys and packet.dll under Win7 and Win8.
* Do other remaining tasks. * Have a meeting with my mentor for the next step.
Cheers, Yang Luo http://veotax.com
Sent through the dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
  • Yang's status report - #8 of 16 veotax (Jul 29)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]