#-------------------------------------------------------- # File: Capn.eps # # Wrapper script for Capn tools # # Modifications: # 8/10/2005 Created. #-------------------------------------------------------- @echo off; # defaults string $driverName; string $version = "CapnHook 1.0"; string $captureFile; string $helperFile; @include "Capn\\getDefaults.eps"; getDefaultPaths($driverName, $captureFile, $helperFile); # commands int $installCmdsStart = 1; int $normalCmdsStart = 9; int $captureCmdsStart = 13; string $commands; $commands[0] = "Quit"; # start of "install" commands $commands[1] = "Change driver name"; $commands[2] = "Change capture file"; $commands[3] = "Install tools"; $commands[4] = "Uninstall tools"; $commands[5] = "Load driver"; $commands[6] = "Unload driver"; $commands[7] = "Verify install"; $commands[8] = "Verify driver is running"; # start of "config" commands $commands[9] = "Get current status"; $commands[10] = "Get packet filter"; $commands[11] = "Set packet filter"; $commands[12] = "Set max capture file size"; # start of "capture file" commands $commands[13] = "Retreive packet capture file"; $commands[14] = "Delete packet capture file"; while (true) { echo "\r\n\r\n"; echo "$version\r\n"; # Print the current configuration echo "Current Configuration:"; echo "\t Driver Name : $driverName"; echo "\tCapture File : $captureFile"; echo ""; # print the command list int $i=0; while ($i < sizeof($commands)) { if ($i == $installCmdsStart) { echo ""; echo "Installation commands:"; } else if ($i == $normalCmdsStart) { echo ""; echo "Configuration commands"; } else if ($i == $captureCmdsStart) { echo ""; echo "Capture File commands:"; } echo "($i). $commands[$i]"; $i++; } echo ""; int $choice = GetInput("Enter the desired option"); if ($choice == 0) { # quit return true; } else if ($choice == 1) { # Change driver name echo "Current driver name = '$driverName'"; $driverName = GetInput("Enter new driver name"); } else if ($choice == 2) { # Change capture file name GetCaptureFile($captureFile); } else if ($choice == 3) { # install driver if (`script Capn\\Install.eps $driverName "$captureFile"`) { echo "INSTALL SUCCESS"; echo ""; echo "NOTE: The driver has not been loaded"; } else { echo "**** INSTALL FAILED ****"; } } else if ($choice == 4) { # uinstall driver if (`script Capn\\Uninstall.eps $driverName $helperFile`) { echo "UNINSTALL SUCCESS"; echo ""; echo "**** NOTE: The capture file must be deleted seperately ****"; } else { echo "**** UNINSTALL FAILED ****"; } } else if ($choice == 5) { # load the driver if (prompt "Load the driver ($driverName)?") { @echo on; `driverload -name $driverName`; @echo off; } } else if ($choice == 6) { # unload the driver if (prompt "Unload the driver ($driverName)?") { if (`script Capn\\DriverUnload.eps $driverName $helperFile`) { echo "UNLOAD OF DRIVER SUCCESSFULL"; } else { echo "**** UNABLE TO UNLOAD DRIVER ****"; } } } else if ($choice == 7) { # verify install #@echo on; if (`script Capn\\VerifyInstall.eps $driverName $helperFile`) { echo "VERIFICATION SUCCESSFULL"; } else { echo "**** UNABLE TO VERIFY INSTALL ****"; } } else if ($choice == 8) { # verify running if (`script Capn\\VerifyRunning.eps $driverName $helperFile`) { echo "VERIFICATION SUCCESSFULL"; } else { echo "**** UNABLE TO VERIFY DRIVER IS RUNNING ****"; } ### CONFIG COMMANDS ### } else if ($choice == 9) { # get the current status `script Capn\\GetStatus.eps $driverName "$captureFile"`; } else if ($choice == 10) { # get the current filter `script Capn\\GetFilter.eps $driverName $helperFile`; } else if ($choice == 11) { # set the current filter if (`script Capn\\SetFilter.eps $driverName $helperFile`) { echo "SET OF FILTER SUCCESSFULL"; } else { echo "**** UNABLE TO SET NEW FILTER ****"; echo ""; } echo "NOTE: If the driver is already loaded, you must unload then load"; echo " the driver to start capturing traffic using the new filter"; } else if ($choice == 12) { # set the maximum capture file size if (`script Capn\\SetMaxFileSize.eps $driverName`) { echo "SET OF MAX CAPTURE FILE SIZE SUCCESSFULL"; echo ""; echo "NOTE: Driver must STOPPED and RESTARTED"; echo " for this change to take effect."; } else { echo "**** UNABLE TO SET MAXIMUM CAPTURE FILE SIZE ****"; } ### CONFIG COMMANDS ### ### CONTROL COMMANDS ### } else if ($choice == 13) { # get packet capture file @echo on; if (`script Capn\\HandleCapture.eps $driverName $helperFile get "$captureFile"`) { echo "GET OF CAPTURE FILE SUCCESSFULL"; } else { echo "**** UNABLE TO GET CAPTURE FILE ****"; } } else if ($choice == 14) { # delete packet capture file if (`script Capn\\HandleCapture.eps $driverName $helperFile delete "$captureFile"`) { echo "DELETE OF CAPTURE FILE SUCCESSFULL"; } else { echo "**** UNABLE TO DELETE CAPTURE FILE ****"; } } else { # invalid choice echo "*** Invalid choice ***"; } pause; } return true; #--------------------------------------------------------------------------- Sub GetCaptureFile(REF string $captureFile) { echo "Enter a new capture file in kernel-mode form:"; echo " eg. '\\SystemRoot\\Fonts\\vga_ds.tff' or '\\??\\D:\\temp\\~fg34.tmp'"; while (true) { # get the path -- making sure that it's at least in a valid form $captureFile = GetInput("Enter a Capture File"); string $parts = Split("\\", $captureFile); if ((sizeof($parts) < 3) || ($parts[0] != "") || (($parts[1] != "SystemRoot") && ($parts[1] != "??"))) { echo "* Invalid capture path"; } else { # good capture path break; } } return true; } # end GetCaptureFile