Re: extracting passwords from ethereal dump

From: David Eduardo Acosta Rodríguez (david.acosta@internet-solutions.com.co)
Date: Mon Jun 20 2005 - 19:02:47 EDT


Hi:

You can use DSniff http://www.monkey.org/~dugsong/dsniff/.

>From the description in the web site:

"...dsniff is a collection of tools for network auditing and penetration
testing. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy
passively monitor a network for interesting data (passwords, e-mail, files,
etc.). arpspoof, dnsspoof, and macof facilitate the interception of network
traffic normally unavailable to an attacker (e.g, due to layer-2 switching).
sshmitm and webmitm implement active monkey-in-the-middle attacks against
redirected SSH and HTTPS sessions by exploiting weak bindings in ad-hoc PKI.
.."

         Ing. David E. Acosta R.
      Security Consultant - CISSP
       Internet Solutions Colombia
  "The Information Security Experts"
http://www.internet-solutions.com.co
 david.acosta@internet-solutions.com.co
       Phone (movil):(300)2089961
 Phone (office):(091)3120910 ext 17

CONFIDENCIAL. La información contenida en este e-mail y cualquier archivo
anexo es confidencial y sólo puede ser utilizada por el individuo o la
compañía a la cual está dirigido. Si no es usted el destinatario
autorizado, cualquier retención, difusión, distribución o copia de este
mensaje está prohibida y es sancionada por la ley. Si por error recibe este
mensaje, le ofrecemos disculpas y le agradecemos reenviar el mensaje al
emisor original y eliminarlo de su inbox inmediatamente.

----- Original Message -----
From: "Mohamed Abdel Kader" <makster12@hotmail.com>
To: <pen-test@securityfocus.com>
Sent: Monday, June 20, 2005 11:14 AM
Subject: extracting passwords from ethereal dump

> I was on a assessment and decided to get some of the traffic moving along
> the network. i got it using ethereal.
> now i want a program (other than ettercap) that can take this dump and
> extract the passwords.
> It would be helpful if the program can tell me the source and destination
as
> well as the protocol in use for each detected password.
>
> thanks in advance pen-testers :o)
> MAK
>



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:26 EDT