I'm trying to do an internal pen test and here's my dilemma...
I compromise a (Windows) machine and have cmd line access. I want to start sniffing traffic coming from and to the machine. How do I do that. As far as i know windump is the way to go, but it needs winpcap to run properly. The winpcap install is gui based. How do I get that on the system to allow me to sniff traffic.

Or is there another, better way to do this, perhaps with a different sniffer?

Thanks!