From: Volker Tanger (volker.tanger@discon.de)
Date: Wed Feb 12 2003 - 04:03:56 EST
Greetings!
Andrew Stewart wrote:
> Does anyone know of a tool with credential sniffing capabilities similar
> to dsniff? (But that isn't dsniff ;-)
>
> I've played with Ethereal but I'd like to try and find a tool with
> focused password/credential snarfing ability.
"PHoss is a sniffer designed to find HTTP, FTP, LDAP, Telnet, IMAP4 and
POP3 logins on the wire. It also sniffs the VNC challange/response
handshake."
Especially in non-switchd networks quite an eye-opener. Lists nicely
protocol, name and password for each appropriate packet coming along.
Personal experience with Phenoelit: some of them tried to social
engineer into our CeBit network few years ago (out of sportsmanship I
figure) but ended up getting social engineered themselves as they handed
me their real, private "business card". But I guess they got better in
that by now... (Greetings!) ;-)
Bye
Volker Tanger
IT-Security Consulting
-- discon gmbh Wrangelstraße 100 D-10997 Berlin Telefon (030) 6104-3307 Telefax (030) 6104-3461 volker.tanger@discon.de http://www.discon.de/ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:28 EDT