PaulDotCom mailing list archives
Re: extracting MSSQL from a pcap
From: Robin Wood <robin () digininja org>
Date: Tue, 26 Nov 2013 19:28:39 +0000
On 26 Nov 2013 18:58, "c1b3rh4ck" <c1b3rh4ck () gmail com> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 El 25/11/2013 06:09 p.m., Robin Wood escribió:I've got a pcap which contains unencrypted MSSQL traffic, can anyone recommend an app which will extract all the SQL? I can see it in Wireshark but it isn't decoding it for some reason, if I save the packets as text I can manipulate it into mostly readable form by some simple replaces but would rather a nice clean extraction, especially as I know this has usernames and passwords in. Robin _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.comHi, You can use python libraries to parse the content,take a look at scapy :) Best regards .
Does Scapy have a dissector for MSSQL/TDS? Robin
- ------------------------------ Debian User Penetration Testing Colombian Security Enthusiast Paranoid Security Addict LinuxUser #506301 - ------------------------------------ Quien se infiltra en la oscuridad,es Quien encuentra la verdad .Lao Tse -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) iQEcBAEBAgAGBQJSlOVJAAoJEH744K9jmDitVSEH+weDHbDNoNoJ3hgLrFPYvVuV ZLymjMxLVaJH5OJRlQi+wIBhnJ1s5pmWXPAva57nGspO36rROIEylUCmYL/GAFvO rj8QL/EvsWJaAMyo+kLeTwvVQ6l6q0GjStluaicOMT7SwOc8lRyjJ+LByUaCSM5I nOXlKffvwOj3Y1WzA8Qviy3RAHCmWGDN7vI8mrTvb1tdXjt4ui+aDpcRwuysbLR2 BAoCMPtQMzr0Dq+Scw/suIfTVnP1JkHjL9XZlwuZLQHL5pRZ7bNu9jT1v2M9/zBH vxgddslFYYsaXvht1C9AhaJNZMk4TcCOQY/57HfC+0VPi5UbFqwYRLzObZ3IbUU= =OW3f -----END PGP SIGNATURE----- _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- extracting MSSQL from a pcap Robin Wood (Nov 26)
- Re: extracting MSSQL from a pcap c1b3rh4ck (Nov 26)
- Re: extracting MSSQL from a pcap Robin Wood (Nov 27)
- Re: extracting MSSQL from a pcap c1b3rh4ck (Nov 28)
- Re: extracting MSSQL from a pcap Erik Hjelmvik (Nov 29)
- Re: extracting MSSQL from a pcap Robin Wood (Dec 02)
- Re: extracting MSSQL from a pcap Robin Wood (Dec 02)
- Re: extracting MSSQL from a pcap Erik Hjelmvik (Dec 04)
- Re: extracting MSSQL from a pcap Robin Wood (Nov 27)
- Recommendations for a Linux tool-writing approach? Glen Roberts (Dec 02)
- Re: Recommendations for a Linux tool-writing approach? Robin Wood (Dec 03)
- Re: Recommendations for a Linux tool-writing approach? Frank Michael (Dec 04)
- Re: Recommendations for a Linux tool-writing approach? Jason Drury (Dec 10)
- Re: extracting MSSQL from a pcap c1b3rh4ck (Nov 26)
- Re: Recommendations for a Linux tool-writing approach? Jamil Ben Alluch (Dec 03)