1 # Config
2 $urlPath = "https://github.com/hsluoyz/WinDump/releases/download/v0.2/WinDump-for-Npcap-0.2.zip"
3 $checksum = "9182934bb822511236b4112ddaa006c95c86c864ecc5c2e3c355228463e43bf2"
4 
5 ############
6 ############
7 # Download the file
8 wget $urlPath -UseBasicParsing -OutFile $PSScriptRoot"\npcap.zip"
9 Add-Type -AssemblyName System.IO.Compression.FileSystem
10 function Unzip
11 {
12     param([string]$zipfile, [string]$outpath)
13 
14     [System.IO.Compression.ZipFile]::ExtractToDirectory($zipfile, $outpath)
15 }
16 Unzip $PSScriptRoot"\npcap.zip" $PSScriptRoot"\npcap"
17 Remove-Item $PSScriptRoot"\npcap.zip"
18 # Now let's check its checksum
19 $_chksum = $(CertUtil -hashfile $PSScriptRoot"\npcap\x64\WinDump.exe" SHA256)[1] -replace " ",""
20 if ($_chksum -ne $checksum){
21     echo "Checksums does NOT match !"
22     exit
23 } else {
24     echo "Checksums matches !"
25 }
26 # Finally, move it and remove tmp files
27 Move-Item -Force $PSScriptRoot"\npcap\x64\WinDump.exe" "C:\Windows\System32\windump.exe"
28 Remove-Item $PSScriptRoot"\npcap" -recurse
29