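#! c:\perl\bin\perl.exe
#
# Sniffer detector: lists the kernel driver services on a Windows host and
# reports any whose driver file is named packet.sys.
#
# Usage: script.pl [server]     (defaults to the local node name)
#
# Detection is by driver file name only. A capture driver installed under a
# different file name is not reported, so an empty result is not proof that
# no capture driver is present on the host.
use strict;
use warnings;
use Win32::Lanman;

# Service state labels, indexed by the numeric {state} value of each entry
# returned by EnumServicesStatus.
my @state = ("", "Stopped", "Start_Pending", "Stop_Pending", "Running",
             "Continue_Pending", "Pause_Pending", "Paused");

# Start type labels, indexed by the numeric {start} value returned by
# QueryServiceConfig. Only drivers are enumerated here, and drivers may use
# start types 0 (boot) and 1 (system), so those two need labels as well.
my @startup = ("Boot", "System", "Automatic", "Manual", "Disabled");

my $server = shift || Win32::NodeName();

# Accept both "HOST" and "\\HOST": the UNC prefix is added below.
$server =~ s/^\\+//;

print "\nSniffer Detector, by H. Carvey (keydet89\@yahoo.com)\n\n";

my @services;
my $hits   = 0;    # drivers matching packet.sys
my $failed = 0;    # drivers whose configuration could not be read

if (Win32::Lanman::EnumServicesStatus("\\\\$server", "", &SERVICE_DRIVER,
                                      &SERVICE_STATE_ALL, \@services)) {
    foreach my $service (@services) {
        my %info;
        if (Win32::Lanman::QueryServiceConfig("\\\\$server", "",
                                              ${$service}{name}, \%info)) {
            # Some entries may come back without a file name.
            my $filename = defined $info{filename} ? $info{filename} : "";
            next unless $filename =~ m/packet\.sys$/i;

            $hits++;
            print "Packet capture device driver detected!\n\n";
            print "Display Name : ${$service}{display}\n";
            print "Service Name : ${$service}{name}\n";
            print "State : " . _label_for(\@state, ${$service}{state}) . "\n";
            print "Filename : $filename\n";
            print "Startup : " . _label_for(\@startup, $info{start}) . "\n";
        }
        else {
            $failed++;
            print "Error in QueryServiceConfig: " . _last_error_text() . "\n";
        }
    }

    # Say so explicitly when nothing matched; silence is ambiguous.
    if (!$hits) {
        print "No driver with a filename ending in packet.sys was found on $server.\n";
    }
    if ($failed) {
        print "$failed driver(s) could not be queried; results are incomplete.\n";
    }
}
else {
    print "Error in EnumServicesStatus: " . _last_error_text() . "\n";
}

# Map a numeric code to its label from the given table (array ref). Codes
# that are undefined, non-numeric, out of range or unlabelled are reported
# as "Unknown" rather than printed as an empty string.
sub _label_for {
    my ($table, $code) = @_;
    return "Unknown" unless defined $code;
    return "Unknown ($code)"
        if $code !~ /^\d+$/
        || $code > $#{$table}
        || $table->[$code] eq "";
    return $table->[$code];
}

# Return the message text for the last Win32::Lanman error, falling back to
# the numeric code when no message is available. The code is read once so
# the text and the fallback always refer to the same error.
sub _last_error_text {
    my $code = Win32::Lanman::GetLastError();
    my $text = Win32::FormatMessage($code);
    $text = $code if !defined $text || $text eq "";
    return $text;
}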