How can I capture network packets on a Windows file server without installing any third-party tools?

You can use the built-in `netsh trace` command with administrator privileges to capture network packets. For example, `netsh trace start capture=yes traceFile="c:\test\capture.etl" protocol=tcp ipv4.address=<server_ip> keywords=ut:authentication` will capture SMB authentication traffic. This method is supported on Windows 7, Server 2008 R2, and later systems, as detailed in Penetration Techniques - Using netsh to Capture NTLMv2 Hash from File Server Connections.