Nmap Development mailing list archives
Re: same issues with this npcap
From: 食肉大灰兔V5 <hsluoyz () gmail com>
Date: Fri, 29 Jul 2016 00:08:52 +0800
Hi Mike, Please do this: 1) Create a Windows loopback adapter based on this: https://social.technet.microsoft.com/Forums/windows/en-US/259c7ef2-3770-4212-8fca-c58936979851/how-to-install-microsoft-loopback-adapter?forum=w7itpronetworking Then look at the result of "nmap --iflist", make sure the new loopback adapter has a "WINDEVICE" value. You can check its IP/MASK for its DEV name. If even the created Windows loopback adapter doesn't have a "WINDEVICE" value, you have to use your eth0 as the "Npcap Loopback Adapter". For your machine, it's: eth0 \Device\NPF_{E6793762-9633-432B-B8A6-B4C2F6AA5179} You record the "WINDEVICE" value like the above "\Device\NPF_{E6793762-9633-432B-B8A6-B4C2F6AA5179}", remove the "NPF_", so you get "\Device\{E6793762-9633-432B-B8A6-B4C2F6AA5179}" 2) Open the registry, replace the following two registry REG_SZ values with the above string (no double quote) 1. HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Npcap\LoopbackAdapter 2. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\npcap\LoopbackAdapter 3) Open an Administrator CMD, enter "net stop npcap" and "net start npcap" to restart the Npcap driver. 4) enter "nmap --iflist" again to look at the result. You should see that the Npcap Loopback Adapter (lo0) has taken the place of the specified "WINDEVICE" value. For the above example, you should see: lo0 \Device\NPF_{E6793762-9633-432B-B8A6-B4C2F6AA5179} If you see this, then this hacking method succeeds. You should be able to normally use commands like "nmap -n -T3 -ttl 64 -d2 -open -Pn -max-retries 1 -F 127.0.0.1" now. Cheers, Yang On Thu, Jul 28, 2016 at 11:01 PM, Mike . <dmciscobgp () hotmail com> wrote:
so im giving up on this. i have an interface supposedly up as you can see here : DEV (SHORT) IP/MASK TYPE UP MTU MAC eth0 (eth0) 192.168.0.16/24 ethernet up 1500 00:1C:25:74:AB:E1 lo0 (lo0) ::1/128 loopback up -1 lo0 (lo0) 127.0.0.1/8 loopback up -1 and yet again NO recognization as far as a created GUID in nmap or wireshark! DEV WINDEVICE eth0 \Device\NPF_{E6793762-9633-432B-B8A6-B4C2F6AA5179} lo0 <none> lo0 <none> <none> \Device\NPF_NdisWanIpv6 <none> \Device\NPF_NdisWanIp maybe you can have someone else test on win 7 because i am now getting a headache Mike (lastly, everytime i go to ENABLE loopback in network connections i get a continuous "identifying..." is that MAC related or what?) _______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- same issues with this npcap Mike . (Jul 28)
- Re: same issues with this npcap 食肉大灰兔V5 (Jul 28)