I want to sniff network packets without the WinPcap library. Kindly give me some hints or direction so that I can make it possible.
A:
You could start doing kernel-level programming and catch the packets there. This is for sure complicated, but you'll learn much.
Quonux
2010-07-16 12:09:53
Catching packets using netfilter hooks in the kernel is a pain. Catching packets in a huge-sized, non-documented and closed kernel such as the Microsoft one is shooting yourself in the foot. IMHO of course.
thesp0nge
2010-07-16 14:03:31
+8
A:
You know, libpcap exists for a reason: It does something that's necessary.
You need to set up a system-level hook for TCP/IP events, and the way global hooks work means you need to do this from a DLL.
Having hooked those events, you have to figure out the contents of the packets you get.
Are you sure you want to re-invent this wheel?
I found some introductory info on hooking Windows events here.
Carl Smotricz
2010-07-16 12:12:59
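What "figuring out the contents of the packets" involves once a buffer has been captured, as an added example that is not part of the original answers: decoding the IPv4 and TCP headers with every wire-supplied length checked before use. The names `pkt_info`, `parse_ipv4_tcp` and `sample_pkt` are hypothetical, the sample packet is constructed, and the buffer is assumed to start at the IP header with no link-layer framing.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical result type for this example. */
struct pkt_info {
    uint8_t  src[4], dst[4];          /* IPv4 addresses as they appear on the wire */
    uint16_t sport, dport;            /* TCP ports, host byte order */
    size_t   payload_off, payload_len;
};

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Returns 0 for a well-formed IPv4/TCP packet, -1 otherwise.
   Length fields come from the sender, so none is trusted before it is checked. */
int parse_ipv4_tcp(const uint8_t *buf, size_t len, struct pkt_info *out)
{
    if (len < 20 || (buf[0] >> 4) != 4) return -1;        /* minimum header, version 4 */
    size_t ihl   = (size_t)(buf[0] & 0x0F) * 4;           /* IP header length in bytes */
    size_t total = be16(buf + 2);                         /* IP total length field */
    if (ihl < 20 || total < ihl || total > len) return -1;
    if (buf[9] != 6 || total - ihl < 20) return -1;       /* protocol 6 = TCP */
    const uint8_t *tcp = buf + ihl;
    size_t doff = (size_t)(tcp[12] >> 4) * 4;             /* TCP header length in bytes */
    if (doff < 20 || doff > total - ihl) return -1;
    for (int i = 0; i < 4; i++) { out->src[i] = buf[12 + i]; out->dst[i] = buf[16 + i]; }
    out->sport = be16(tcp);
    out->dport = be16(tcp + 2);
    out->payload_off = ihl + doff;
    out->payload_len = total - ihl - doff;
    return 0;
}

/* Constructed sample: 192.0.2.1:49152 -> 192.0.2.2:80, payload "GET".
   Checksums are zeroed; this example does not verify them. */
static const uint8_t sample_pkt[] = {
    0x45,0x00,0x00,0x2B, 0x00,0x01,0x00,0x00, 0x40,0x06,0x00,0x00,
    192,0,2,1, 192,0,2,2,
    0xC0,0x00,0x00,0x50, 0,0,0,1, 0,0,0,0, 0x50,0x18,0x20,0x00, 0,0,0,0,
    'G','E','T'
};

int main(void)
{
    struct pkt_info pi;
    if (parse_ipv4_tcp(sample_pkt, sizeof sample_pkt, &pi) == 0)
        printf("%d.%d.%d.%d:%d -> %d.%d.%d.%d:%d, %zu payload bytes\n",
               pi.src[0], pi.src[1], pi.src[2], pi.src[3], pi.sport,
               pi.dst[0], pi.dst[1], pi.dst[2], pi.dst[3], pi.dport, pi.payload_len);
    return 0;
}
```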