Driftnet – View Images From Live Network Traffic

Inspired by EtherPEG, Driftnet is a program which listens to network traffic and picks out images from TCP streams it observes. Fun to run on a host which sees lots of web traffic.


EtherPEG was a program that sniffed for JPEGs passing by on the AirPort networks at MacHack, and showed them on the huge screen to shame people into a) turning the 802.11 encryption on, or b) reducing amount of pr0n they download at weirdo Mac conventions.

Driftnet can do the same for your office, and make an attractive desktop accessory to boot. The program promiscuously sniffs and decodes any JPEG downloaded by anyone on your LAN, displaying it in an attractive, ever changing mosaic of fluffy kittens, oversized navigation buttons, and blurred images of Big Brother Elizabeth fiddling. It’s UNIX only. Your sysadmin is undoubtedly running it already.

Driftnet is in a rather early stage of development. Translation: you may not be able to make it compile, and, if you do, it probably won’t run quite right. To stand a chance of compiling it, you will need libpcap, GTK, libgif/libungif and libjpeg. If you want to play music, you need mpg123 or mpg321 or whatever. So far, driftnet has only been tested — I use the term in its loosest sense — on Linux and Solaris. If you want a Microsoft Windows version, well, go ahead and write one– the libraries you need support Microsoft Windows too.

You can also now use driftnet with Jamie Zawinski’s webcollage, so that it can run as a screen saver.

You can download Driftnet here:


Or read more here.

Posted in: Hacking News

, ,

Latest Posts:

SecLists - Usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells SecLists – Usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place.
DeepSound - Audio Steganography Tool DeepSound – Audio Steganography Tool
DeepSound is an audio steganography tool and audio converter that hides secret data into audio files, the application also enables you to extract from files.
2019 High Severity Vulnerabilities What are the MOST Critical Web Vulnerabilities in 2019?
So what is wild on the web this year? Need to know about the most critical web vulnerabilities in 2019 to protect your organization?
GoBuster - Directory/File & DNS Busting Tool in Go GoBuster – Directory/File & DNS Busting Tool in Go
GoBuster is a tool used to brute-force URIs (directories and files) in web sites and DNS subdomains (inc. wildcards) - a directory/file & DNS busting tool.
BDFProxy - Patch Binaries via MITM - BackdoorFactory + mitmProxy BDFProxy – Patch Binaries via MiTM – BackdoorFactory + mitmproxy
BDFProxy allows you to patch binaries via MiTM with The Backdoor Factory combined with mitmproxy enabling on the fly patching of binary downloads
Domained - Multi Tool Subdomain Enumeration Domained – Multi Tool Subdomain Enumeration
Domained is a multi tool subdomain enumeration tool that uses several subdomain enumeration tools and wordlists to create a unique list of subdomains.

6 Responses to Driftnet – View Images From Live Network Traffic

  1. Bogwitch September 7, 2007 at 6:50 pm #

    Nice. This should make real-time monitoring more fun than watching URLs! I don’t think the MPEG audio streams feature will be too useful for me. Support for png and gif might be more useful.

    Now, if only I could find something that will strip out MS Word docs from email traffic. Any ideas anyone?

  2. TheRealDonQuixote September 8, 2007 at 5:16 am #

    Reminds me of that old screensaver called packet fountain. It was cool to watch people’s unencrypted packets pass by, especially when there was a big meeting!!

    This aught to be pretty kewl to try out at your local school of whatever. See if you can catch a teacher looking at naughty pix!!

  3. Sandeep Nain September 8, 2007 at 11:06 am #

    its a cool toy…. its fun to see what other people in the organization are watching… rather than going through the proxy log and finding who accessed the websites which should not have been visited….

  4. CK76 September 9, 2007 at 8:14 am #

    This is a great tool, it’s included on knoppix-std.

  5. Nobody_Holme September 9, 2007 at 11:42 am #

    Great fun… and yet i am SO not running this because i know what my housemates watch in the way of pr0n. :'(

  6. Sir Henry December 15, 2007 at 4:38 pm #

    This is wicked cool. I wonder what will result from running this on my neighbor’s open WAP… >:)