Penetration Testing mailing list archives
RE: extracting passwords from ethereal dump
From: "Steve A" <pen.test.mail () logicallysecure org>
Date: Tue, 21 Jun 2005 00:49:08 +0100
Mak,

TCPFlow (http://www.circlemud.org/~jelson/software/tcpflow/) will extract the various connections between systems based upon their IP address and the port they use. It is not a finished product but I have never had any problems with it. I like the output as it places data in folders based upon the connection IP addresses and direction, e.g. x -> y is different from y -> x. If you know the server IP address you should be able to parse the dump file for connections to that and then look in the first few packets in each folder for the initial authentication.

Now I may be grasping at straws here but . . . I believe L0phtCrack (or LC4 / LC5) has the ability to sniff the authentication from a live connection. You could try this in conjunction with snort to replay the traffic.

Steve A
steve<at>logicallysecure.org

-----Original Message-----
From: Mohamed Abdel Kader [mailto:makster12 () hotmail com]
Sent: 20 June 2005 17:15
To: pen-test () securityfocus com
Subject: extracting passwords from ethereal dump

I was on an assessment and decided to get some of the traffic moving along the network. I got it using ethereal. Now I want a program (other than ettercap) that can take this dump and extract the passwords. It would be helpful if the program can tell me the source and destination as well as the protocol in use for each detected password.

Thanks in advance, pen-testers :o)

MAK
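The per-direction layout described in the reply above can be audited with a short script. This is an added example, not part of the original message and not tcpflow's own code: it assumes tcpflow's per-direction output file names (srcip.srcport-dstip.dstport, zero-padded), and the function names, marker list and sample flows are constructed for illustration. It reports source, destination and protocol for each cleartext login sent to a known server, without printing the credential values.

```python
import re
import tempfile
from pathlib import Path

# tcpflow writes one file per direction, named srcip.srcport-dstip.dstport
# with zero-padded octets (3 digits) and ports (5 digits).
FLOW_NAME = re.compile(r"^((?:\d{3}\.){3}\d{3})\.(\d{5})-((?:\d{3}\.){3}\d{3})\.(\d{5})$")

# Markers of cleartext authentication near the start of a client-to-server flow.
MARKERS = [
    ("FTP/POP3 USER/PASS", re.compile(rb"^(?:USER|PASS) \S+", re.I | re.M)),
    ("HTTP Basic", re.compile(rb"^Authorization: Basic \S+", re.I | re.M)),
    ("SMTP AUTH", re.compile(rb"^AUTH (?:LOGIN|PLAIN)", re.I | re.M)),
]

def unpad(ip):
    """Turn tcpflow's 010.000.000.005 into 10.0.0.5."""
    return ".".join(str(int(octet)) for octet in ip.split("."))

def audit_flows(flow_dir, server_ip, head_bytes=2048):
    """Return (src, sport, dst, dport, protocol) per cleartext login sent to server_ip.
    Only the start of each flow is read, and credential values are not reported."""
    findings = []
    for path in sorted(Path(flow_dir).iterdir()):
        m = FLOW_NAME.match(path.name)
        if not m or unpad(m[3]) != server_ip:
            continue  # not a flow file, or not the client -> server direction
        head = path.read_bytes()[:head_bytes]
        for proto, rx in MARKERS:
            if rx.search(head):
                findings.append((unpad(m[1]), int(m[2]), server_ip, int(m[4]), proto))
                break
    return findings

def demo():
    """Run the audit over constructed sample flows (not real capture data)."""
    sample = {
        "192.168.001.010.49152-010.000.000.005.00021": b"USER alice\r\nPASS example-only\r\n",
        "010.000.000.005.00021-192.168.001.010.49152": b"220 ready\r\n331 Password required\r\n",
        "192.168.001.011.49200-010.000.000.005.00443": b"\x16\x03\x01\x00\x2f\x01\x00\x00\x2b",
        "192.168.001.012.50000-010.000.000.005.00080":
            b"GET / HTTP/1.1\r\nHost: intranet\r\nAuthorization: Basic ZXhhbXBsZTpvbmx5\r\n\r\n",
    }
    with tempfile.TemporaryDirectory() as tmp:
        for name, data in sample.items():
            (Path(tmp) / name).write_bytes(data)
        return audit_flows(tmp, "10.0.0.5")

if __name__ == "__main__":
    for finding in demo():
        print("%s:%d -> %s:%d  %s" % finding)
```

The server-to-client file and the TLS flow produce no finding, which is the point of splitting by direction and reading only the start of each flow.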