Penetration Testing mailing list archives

Re: Command line network sniffing tools on NT/W2K

From: Erik Parker <eparker () mindsec com>
Date: Fri, 7 Dec 2001 13:52:16 -0800 (PST)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


If you're just sitting and cmd.exe via Netcat or something.. You could
upload the libpcap and tcpdump, just do a large packet capture, and
offload that file for processing on your side later. It's not as elegant
as the alternatives, but most anything can process the raw data from
tcpdump. (Ethereal)

You could also write a script for the win2k's, that enables snmp on those
servers.. Just have it exploit each one, start snmp service, and run an
snmp scanner across them all, and pull network, architecture, process, and
anything else you usually need, right there.

Or just ipconfig to a log :P

And of course, lophtcrack is great for grabbing the passwords.


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (SunOS)
Comment: For info see http://www.gnupg.org

iEYEARECAAYFAjwROhEACgkQr8DeRYtXr+KQrgCfUulkzBBEiftGLC9NkjFqYlRT
9IoAn1L+IWRCwSjKqtmMzUixubr1DdkR
=Dly3
-----END PGP SIGNATURE-----


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Current thread:

Command line network sniffing tools on NT/W2K Zwan-van-der.Erwin (Dec 06)
- Re: Command line network sniffing tools on NT/W2K Erik Parker (Dec 10)
- Re: Command line network sniffing tools on NT/W2K andreas junestam (Dec 10)
- <Possible follow-ups>
- Re: Command line network sniffing tools on NT/W2K H Carvey (Dec 10)
- RE: Command line network sniffing tools on NT/W2K Slighter, Tim (Dec 10)
- RE: Command line network sniffing tools on NT/W2K Zwan-van-der.Erwin (Dec 11)