Driftnet – View Images From Live Network Traffic


Inspired by EtherPEG, Driftnet is a program which listens to network traffic and picks out images from TCP streams it observes. Fun to run on a host which sees lots of web traffic.

Driftnet

EtherPEG was a program that sniffed for JPEGs passing by on the AirPort networks at MacHack, and showed them on the huge screen to shame people into a) turning the 802.11 encryption on, or b) reducing amount of pr0n they download at weirdo Mac conventions.

Driftnet can do the same for your office, and make an attractive desktop accessory to boot. The program promiscuously sniffs and decodes any JPEG downloaded by anyone on your LAN, displaying it in an attractive, ever changing mosaic of fluffy kittens, oversized navigation buttons, and blurred images of Big Brother Elizabeth fiddling. It’s UNIX only. Your sysadmin is undoubtedly running it already.

Driftnet is in a rather early stage of development. Translation: you may not be able to make it compile, and, if you do, it probably won’t run quite right. To stand a chance of compiling it, you will need libpcap, GTK, libgif/libungif and libjpeg. If you want to play music, you need mpg123 or mpg321 or whatever. So far, driftnet has only been tested — I use the term in its loosest sense — on Linux and Solaris. If you want a Microsoft Windows version, well, go ahead and write one– the libraries you need support Microsoft Windows too.

You can also now use driftnet with Jamie Zawinski’s webcollage, so that it can run as a screen saver.

You can download Driftnet here:

driftnet-0.1.6.tar.gz

Or read more here.

Posted in: Hacking News

, ,


Latest Posts:


Karkinos - Beginner Friendly Penetration Testing Tool Karkinos – Beginner Friendly Penetration Testing Tool
Karkinos is a light-weight Beginner Friendly Penetration Testing Tool, which is basically a 'Swiss Army Knife' for pen-testing and/or hacking CTF's.
Aclpwn.Py - Exploit ACL Based Privilege Escalation Paths in Active Directory Aclpwn.Py – Exploit ACL Based Privilege Escalation Paths in Active Directory
Aclpwn.py is a tool that interacts with BloodHound< to identify and exploit ACL based privilege escalation paths.
Vulhub - Pre-Built Vulnerable Docker Environments For Learning To Hack Vulhub – Pre-Built Vulnerable Docker Environments For Learning To Hack
Vulhub is an open-source collection of pre-built vulnerable docker environments for learning to hack. No pre-existing knowledge of docker is required, just execute two simple commands.
LibInjection - Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) LibInjection – Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS)
LibInjection is a C library to Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) through lexical analysis of real-world Attacks.
Grype - Vulnerability Scanner For Container Images & Filesystems Grype – Vulnerability Scanner For Container Images & Filesystems
Grype is a vulnerability scanner for container images and filesystems with an easy to install binary that supports the packages for most major *nix based OS.
APT-Hunter - Threat Hunting Tool via Windows Event Log APT-Hunter – Threat Hunting Tool via Windows Event Log
APT-Hunter is a threat hunting tool for windows event logs made from the perspective of the purple team mindset to provide detection for APT movements hidden in the sea of windows event logs.


6 Responses to Driftnet – View Images From Live Network Traffic

  1. Bogwitch September 7, 2007 at 6:50 pm #

    Nice. This should make real-time monitoring more fun than watching URLs! I don’t think the MPEG audio streams feature will be too useful for me. Support for png and gif might be more useful.

    Now, if only I could find something that will strip out MS Word docs from email traffic. Any ideas anyone?

  2. TheRealDonQuixote September 8, 2007 at 5:16 am #

    Reminds me of that old screensaver called packet fountain. It was cool to watch people’s unencrypted packets pass by, especially when there was a big meeting!!

    This aught to be pretty kewl to try out at your local school of whatever. See if you can catch a teacher looking at naughty pix!!

  3. Sandeep Nain September 8, 2007 at 11:06 am #

    its a cool toy…. its fun to see what other people in the organization are watching… rather than going through the proxy log and finding who accessed the websites which should not have been visited….

  4. CK76 September 9, 2007 at 8:14 am #

    This is a great tool, it’s included on knoppix-std.

  5. Nobody_Holme September 9, 2007 at 11:42 am #

    Great fun… and yet i am SO not running this because i know what my housemates watch in the way of pr0n. :'(

  6. Sir Henry December 15, 2007 at 4:38 pm #

    This is wicked cool. I wonder what will result from running this on my neighbor’s open WAP… >:)