Penetration Testing mailing list archives

Command line network sniffing tools on NT/W2K

From: "Zwan-van-der.Erwin" <Erwin.Zwan-van-der () siemens nl>
Date: Thu, 6 Dec 2001 14:01:28 +0100

Hi,

During pen-tests I am regularly coming across situations were a remote
command line is available on an exploited dual homed NT or W2K box. To go a
step further I want to exploit the network behind this box as well. However
I am missing some good tools in my toolbox. In particular I am looking for
command line:
- network sniffing tools (both general ones like windump and password
sniffing ones)
- ARP spoofing tool from a NT or W2K box to another node
- methods to find multi homed systems fast in a large LAN/WAN environment

The Foundstone tools like Fpipe and Fscan are great since they do not
require any additional installed drivers and produce reliable results so
far. Buttsniff+ crashes and like other tools as Dsniff needs additional
drivers to be installed (like winpcap). Is Fsniff already out?

Appreciate any help and ideas.

Erwin.

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Current thread:

Command line network sniffing tools on NT/W2K Zwan-van-der.Erwin (Dec 06)
- Re: Command line network sniffing tools on NT/W2K Erik Parker (Dec 10)
- Re: Command line network sniffing tools on NT/W2K andreas junestam (Dec 10)
- <Possible follow-ups>
- Re: Command line network sniffing tools on NT/W2K H Carvey (Dec 10)
- RE: Command line network sniffing tools on NT/W2K Slighter, Tim (Dec 10)
- RE: Command line network sniffing tools on NT/W2K Zwan-van-der.Erwin (Dec 11)