mailing list archives
Yang's status report - #16 of 16
From: "veotax" <hsluoyz () qq com>
Date: Tue, 24 Sep 2013 01:31:22 +0800
Here's my status report for the last week. I am very happy to have worked together with you guys last three months. I
learnt a lot from my mentor Fyodor.I had great time chatting with Jacek and many other friends. And I will be busy
looking for a job these months:)
I have finished a WFP (Windows Filter Platform) prototype this week. NetDump is a packet capturing software just like
Wireshark. While it can sniffle loopback packets. It can display specified packets based on the filters. So if you want
to only capture loopback ICMP packets, you can use the command:
NetDump.exe "icmp and (ip.DstAddr == 127.0.0.1 or ip.SrcAddr == 127.0.0.1)"
PacketInjecter is a packet injecter. It can send loopback ICMP packets when running. So you can open the NetDump for
capturing, then open PacketInjecter to send loopback ICMP packets.
This prototype is for the loopback packet missing problem for the current WinPcap. The most obvious drawback of the
original WinPcap on Nmap is that Nmap cannot test the machine itself. I hope someone could integrate this prototype
within the LWF version WinPcap (NPcap)
The WFP prototype:
The entire code base:
The installer only:
* Finished the WFP prototype.
* Have a meeting with my mentor.
Sent through the dev mailing list
Archived at http://seclists.org/nmap-dev/
- Yang's status report - #16 of 16 veotax (Sep 23)