Just curious if any one has tried sniffing the Win 7 online activation process. If so, it would be nice to have a Pcap file of a successful online activation. I'm interested in trying to spoof the response. Redirecting the unactivated machine would be easy enough. Could use ettercap w/filters to drop and inject the appropriate response. Just a thought, may or may not be possible...any ideas welcomed.