{"id":465,"date":"2007-03-08T04:39:47","date_gmt":"2007-03-08T04:39:47","guid":{"rendered":"https:\/\/www.darknet.org.uk\/2007\/03\/preplay-a-pcap-network-traffic-replay-tool-for-windows\/"},"modified":"2015-09-09T19:40:17","modified_gmt":"2015-09-09T11:40:17","slug":"preplay-a-pcap-network-traffic-replay-tool-for-windows","status":"publish","type":"post","link":"https:\/\/www.darknet.org.uk\/2007\/03\/preplay-a-pcap-network-traffic-replay-tool-for-windows\/","title":{"rendered":"PReplay – A pcap Network Traffic Replay Tool for Windows"},"content":{"rendered":"

There are not many good tools for replaying traffic, most people use WireShark (formely known as Ethereal) for capturing the traffic, but what happens if you want to take that capture and reply it over the wire?<\/p>\n

Someone has this problem so they decided to code their own solution, thankfully for us! There are quite a few tools to do this for *nix based systems but none for Windows, so here we go, a traffic replay tool for the Windows platform!<\/p>\n

PReplay is a utility to replay captured data over the network, its main feature is that it will record the time difference between two packets (not very accurately but it works for micro\/millisecond difference) it reads the capture file and then determines the time difference for the next packet.<\/p>\n

You can give list of capture file which you want to send in the Preplay.ini in the [SendingFileName] section as below:<\/p>\n

1=IPDump.cap\r\n2=IPDump2.cap<\/code><\/pre>\n
Semicolon (;) is used for commenting a line you don’t want the program to read, so you can
\ncomment out the file name which you don’t want to send like this:<\/p>\n