Weird occurrence with mini app to start wireshark capture

Red Squirrel

I wrote this mini app that basically starts a silent wireshark capture:

Code:
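#include <windows.h>
#include <unistd.h>
#include <iostream>
#include <fstream>
#include <string>

using namespace std;

// Launches a command line with a hidden window and logs the WinExec result.
void Exec(string path)
{
    // WinExec returns a value greater than 31 on success.
    unsigned int ret = WinExec(path.c_str(), SW_HIDE);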
    
    fstream logfile("c:\\capture\\autocap.log",ios::out | ios::app);
    
    switch(ret)
    {
        case 0: logfile<<"[The system is out of memory or resources.] ";   break;   
        case ERROR_BAD_FORMAT: logfile<<"[The .exe file is invalid.] ";    break;
        case ERROR_FILE_NOT_FOUND: logfile<<"[The specified file was not found.] "; break;
        case ERROR_PATH_NOT_FOUND: logfile<<"[The specified path was not found.] "; break;
        default: logfile<<"["<<ret<<"] ";
    }    
    
    logfile<<path<<"\r\n";
    logfile.close();
}



int main(int argc, char* argv[])
{
    //startup stuff:        
    chdir("c:\\program files\\wireshark\\");    
    mkdir("c:\\capture");
    unlink("c:\\capture\\autocap.log");
    
    //if no argument is specified just print interfaces:
    if(argc!=2)
    {
        //print interfaces
        Exec("dumpcap.exe -D >c:\\capture\\interfaces.txt");
        
        return 0;
    }
    
    //get interface ID argument
    string intid = string(argv[1]);    
    
    
    Exec("date /T > c:\\capture\\date.txt");
    
    string cmd="dumpcap.exe -i " + intid + " -b filesize:131200 -w c:\\capture\\packets.cap";
    
    Exec(cmd);
  
    return 0;
}

If I run it locally or even on a test VM it works fine. On another set of PCs, it does not work. It's very weird.

I'll use psexec to run it and it acts as if it runs, it may create the folder or the log file, but nothing else actually happens. It says that it starts the capture, but it does not. Often nothing happens, then maybe 10 minutes later, I'll see the log file. There is some kind of weird delay or something, but overall it just plain does not work.

Why would it work on some machines, and not on others? All machines have wireshark installed, obviously.

This app is compiled as a "win32 app" (as opposed to "win32 console app") in devc++ in order to hide the console.

Anyone know why it would work on some PCs but not others?


Edit: Meant to post this in Webmastering & Programming section.
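
An added example, not part of the original post or the poster's code: the program above concatenates argv[1] straight into the dumpcap command line and hands lines containing `>` to WinExec. The sketch below validates the interface argument and flags command lines that depend on a command interpreter. The function names are hypothetical, and it assumes the interface is given as the numeric index printed by `dumpcap -D`.

```cpp
// Added example, not the poster's code. Portable C++ (no <windows.h>).
#include <algorithm>
#include <cctype>
#include <iostream>
#include <stdexcept>
#include <string>

// Assumption: the interface is the numeric index printed by "dumpcap -D"
// (1 to 4 digits). Anything else is rejected before it reaches a command line.
bool is_valid_interface_index(const std::string& s)
{
    if (s.empty() || s.size() > 4) return false;
    return std::all_of(s.begin(), s.end(),
                       [](unsigned char c) { return std::isdigit(c) != 0; });
}

// True when the line relies on the command interpreter: redirection, pipes,
// command chaining or variable expansion. A process-creation call that gets
// such a line directly passes these characters to the program as ordinary
// arguments instead of acting on them.
bool uses_shell_syntax(const std::string& cmd)
{
    return cmd.find_first_of("<>|&^%") != std::string::npos;
}

// Hypothetical helper: builds the capture command from the post with a
// validated index; throws instead of concatenating unchecked text.
std::string build_capture_command(const std::string& intid)
{
    if (!is_valid_interface_index(intid))
        throw std::invalid_argument("interface index must be 1-4 digits");
    return "dumpcap.exe -i " + intid +
           " -b filesize:131200 -w c:\\capture\\packets.cap";
}

int main()
{
    // Constructed sample arguments, not taken from the post.
    for (const char* arg : {"2", "", "1 -D"})
        std::cout << '"' << arg << "\" valid: "
                  << is_valid_interface_index(arg) << '\n';
    std::cout << "interface listing needs a shell: "
              << uses_shell_syntax("dumpcap.exe -D >c:\\capture\\interfaces.txt")
              << '\n';
    return 0;
}
```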
 