Penetration Testing mailing list archives
Re: replay captured tcpdump sessions to the screen?
From: Christian Ehlen <christian.ehlen () gmx de>
Date: Tue, 27 Nov 2007 22:30:43 +0100
Hi offset, maybe you can try snort-replay:
Snort-replay is a simple output system for Snort (a patch for
snort-2.0.1) that prints (not sends!) the payloads >using the same delay between the packets as was seen on the wire. http://www.algonet.se/~nitzer/snort-replay/ http://www.snort.org/dl/contrib/patches/snort-replay/ http://www.snort.org/dl/old/snort-2.0.1.tar.gz tcpflow is another tool which will extract and visualize the payload of tcp-sessions. http://www.circlemud.org/~jelson/software/tcpflow/
correct ascii/terminal drawings for the menu system that is being used.
this could get problematic with tcpflow. I think Honeywall/Roo has such capabilities, too. http://www.honeynet.org/papers/cdrom/roo/index.html Balabit (zorp, syslog-ng) offers a "Shell Control Box" for auditing - unfortunately I haven't tried it yet. http://www.balabit.com/network-security/scb/ Bye, Christian offset wrote:
Does anyone know of software that will allow someone to replay sessions (ie. captured telnet tcpdump data) to a screen? (I don't want to replay this back out to the network) I'd like to be able to replay captured telnet mitm sessions in a terminal like environment to get all the correct ascii/terminal drawings for the menu system that is being used. A long time ago, I thought the 'evidence' section of the www.takedown.com was cool in that you could telnet to a port on their server and have the sessions replayed back to you. I've been using chaosreader ( http://chaosreader.sourceforge.net/ ) to split the tcpdump data into sessions, not sure if anyone has other tools that work in similar fashion or any other suggestions.
------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
Current thread:
- replay captured tcpdump sessions to the screen? offset (Nov 27)
- Re: replay captured tcpdump sessions to the screen? Christian Ehlen (Nov 27)
- Re: replay captured tcpdump sessions to the screen? offset (Nov 29)
- Re: replay captured tcpdump sessions to the screen? Christian Ehlen (Nov 27)