Driftnet – View Images From Live Network Traffic


Inspired by EtherPEG, Driftnet is a program which listens to network traffic and picks out images from TCP streams it observes. Fun to run on a host which sees lots of web traffic.

Driftnet

EtherPEG was a program that sniffed for JPEGs passing by on the AirPort networks at MacHack, and showed them on the huge screen to shame people into a) turning the 802.11 encryption on, or b) reducing amount of pr0n they download at weirdo Mac conventions.

Driftnet can do the same for your office, and make an attractive desktop accessory to boot. The program promiscuously sniffs and decodes any JPEG downloaded by anyone on your LAN, displaying it in an attractive, ever changing mosaic of fluffy kittens, oversized navigation buttons, and blurred images of Big Brother Elizabeth fiddling. It’s UNIX only. Your sysadmin is undoubtedly running it already.

Driftnet is in a rather early stage of development. Translation: you may not be able to make it compile, and, if you do, it probably won’t run quite right. To stand a chance of compiling it, you will need libpcap, GTK, libgif/libungif and libjpeg. If you want to play music, you need mpg123 or mpg321 or whatever. So far, driftnet has only been tested — I use the term in its loosest sense — on Linux and Solaris. If you want a Microsoft Windows version, well, go ahead and write one– the libraries you need support Microsoft Windows too.

You can also now use driftnet with Jamie Zawinski’s webcollage, so that it can run as a screen saver.

You can download Driftnet here:

driftnet-0.1.6.tar.gz

Or read more here.

Posted in: Hacking News

, ,


Latest Posts:


GitLab Watchman - Audit Gitlab For Sensitive Data & Credentials GitLab Watchman – Audit Gitlab For Sensitive Data & Credentials
GitLab Watchman is an app that uses the GitLab API to audit GitLab for sensitive data and credentials exposed internally, this includes code, commits, wikis etc
GKE Auditor - Detect Google Kubernetes Engine Misconfigurations GKE Auditor – Detect Google Kubernetes Engine Misconfigurations
GKE Auditor is a Java-based tool to detect Google Kubernetes Engine misconfigurations, it aims to help security & dev teams streamline the configuration process
zANTI - Android Wireless Hacking Tool Free Download zANTI – Android Wireless Hacking Tool Free Download
zANTI is an Android Wireless Hacking Tool that functions as a mobile penetration testing toolkit that lets you assess the risk level of a network using mobile.
HELK - Open Source Threat Hunting Platform HELK – Open Source Threat Hunting Platform
The Hunting ELK or simply the HELK is an Open-Source Threat Hunting Platform with advanced analytics capabilities such as SQL declarative language, graphing etc
trape - OSINT Analysis Tool For People Tracking Trape – OSINT Analysis Tool For People Tracking
Trape is an OSINT analysis tool, which allows people to track and execute intelligent social engineering attacks in real-time.
Fuzzilli - JavaScript Engine Fuzzing Library Fuzzilli – JavaScript Engine Fuzzing Library
Fuzzilii is a JavaScript engine fuzzing library, it's a coverage-guided fuzzer for dynamic language interpreters based on a custom intermediate language.


6 Responses to Driftnet – View Images From Live Network Traffic

  1. Bogwitch September 7, 2007 at 6:50 pm #

    Nice. This should make real-time monitoring more fun than watching URLs! I don’t think the MPEG audio streams feature will be too useful for me. Support for png and gif might be more useful.

    Now, if only I could find something that will strip out MS Word docs from email traffic. Any ideas anyone?

  2. TheRealDonQuixote September 8, 2007 at 5:16 am #

    Reminds me of that old screensaver called packet fountain. It was cool to watch people’s unencrypted packets pass by, especially when there was a big meeting!!

    This aught to be pretty kewl to try out at your local school of whatever. See if you can catch a teacher looking at naughty pix!!

  3. Sandeep Nain September 8, 2007 at 11:06 am #

    its a cool toy…. its fun to see what other people in the organization are watching… rather than going through the proxy log and finding who accessed the websites which should not have been visited….

  4. CK76 September 9, 2007 at 8:14 am #

    This is a great tool, it’s included on knoppix-std.

  5. Nobody_Holme September 9, 2007 at 11:42 am #

    Great fun… and yet i am SO not running this because i know what my housemates watch in the way of pr0n. :'(

  6. Sir Henry December 15, 2007 at 4:38 pm #

    This is wicked cool. I wonder what will result from running this on my neighbor’s open WAP… >:)