Yang's Status Report - #4 of 17

[食肉大灰兔V5 <hsluoyz () gmail com>]

Hi all,



Accomplishments:

* Test the bug reported by Rapid7 about winpcap-nmap-4.13.exe.

I wrote a bat to test it: (npcap_test_bug2.bat)


start winpcap-nmap-4.13.exe /S
start windump -i 4
nmap -v -A -T4 192.168.0.1


When running npcap_test_bug2.bat for:

the 1st time, windump will crash for lacking wpcap.dll, nmap runs well.

the 2nd time, windump crashes, sometimes nmap stopped for lacking the driver.


This is because "winpcap-nmap-4.13.exe /S" command will uninstall the
winpcap if winpcap already exists. And windump and nmap will exit as
winpcap is uninstalled. Maybe this is the cause, because if the user
has already installed the winpcap, then Rapid7 running
"winpcap-nmap-4.13.exe /S" will uninstall the driver.


I didn't see the system reboot happening. And if we install the
winpcap again, all things will recover.



* Signed the NPcap driver with the DigiCert certificate provided by fyodor.


* Modify NPFInstall to support old npf.sys driver installing and uninstalling.


* Evacuate my old SVN repo.



Priorities:

* Discuss whether to offer an npcap_* API and whether we can install
and work alongside winpcap or if users can only have winpcap or npcap
installed at a time.

* Have a meeting with fyodor for the next step.

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/