(for Windows 2000 / XP / 2003)
GrabItAll performs traffic redirection by sending spoofed ARP replies. It can redirect traffic from one computer to the attackers computer, or redirect traffic between two other computers through the attackers computer. In the last case you need to enable IP Forwarding which can be done with GrabItAll too.
Download the zip file and extract the files inside. Look for instructions in the Q&A for how to install the necessary driver. Then run the GrabItAll program from a Command Prompt. It is pretty self explaining.
Q: When I double-click on the client file a window comes up and disappears immediately. What's wrong?
A: You must run the file from a Command Prompt.
Q: How do I install the driver in Windows 2000?
A: Right-click on My Network Places and select Properties. Right-click on one of the Local Area Connections and select Properties. Click on Install, then Protocol and Add. Click on Have Disk, then Browse. Find the directory where the unzipped files are located and double-click on the EthDrv.inf file. From there things should be obvious.
Q: How do I install the driver in Windows XP?
A: Click Start, then Control Panel, Network and Internet Connections, and Network Connections. Right-click on one of the Local Area Connections and select Properties. Click Install, Protocol, then Add. Click Have disk and then Browse. Find the directory where the unzipped files are located and double-click on the EthDrv.inf file. From there things should be obvious.
Q: Is there a way to see if GrabItAll is being used against me?
A: Yes, GrabItAll always sends a UDP datagram to port 7777 containing an identification string if it hasn't been filtered out somehow. Don't rely on it though, but it's a feature I've included to make it easier to identify GrabItAll usage.
Q: I have a question that is not covered here. Where can I get help?
A: Send me
your question. I can't promise that I will have time to answer, but I'll do my best.