Penetration Testing mailing list archives
Re: sniffing files from ftp session
From: David Howe <DaveHowe.Pentest () googlemail com>
Date: Wed, 03 Jun 2009 12:33:10 +0100
Robert Jaroszuk wrote:
Hi all. I need a sniffer which could sniff and save files from ftp traffic. I think about something silimar to filesnarf or mailsnarf (dsniff). Anyone knows such tool ?
you don't need one. due to the nature of ftp traffic, any packet capture analysis tool (wireshark, for example) can save off the file for you. wireshark example: type "ftp" into filter, locate the RETR line for the file you want remove filter, note the syn/syn-ack handshake below the RETR line that is the actual data flow starting right click, select "follow tcp stream" select "raw" and "save", save off as whatever name you want. ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- sniffing files from ftp session Robert Jaroszuk (Jun 02)
- Re: sniffing files from ftp session IndianZ (Jun 03)
- Re: sniffing files from ftp session Przemyslaw Skowron (Jun 03)
- Re: sniffing files from ftp session Eric Kollmann (Jun 03)
- Re: sniffing files from ftp session David Howe (Jun 03)
- Re: sniffing files from ftp session Jonathan James (Jun 03)
- Message not available
- RE: sniffing files from ftp session Ondrej Krehel (Jun 04)
- Re: sniffing files from ftp session Augusto Pereyra (Jun 04)
- RE: sniffing files from ftp session Nhon Yeung (Jun 08)
- Re: sniffing files from ftp session Jared Curtis (Jun 09)
- RE: sniffing files from ftp session David Klein (Jun 09)
- Re: sniffing files from ftp session Adriel T. Desautels (Jun 10)
- Re: sniffing files from ftp session Adriel T. Desautels (Jun 10)
- RE: sniffing files from ftp session Ondrej Krehel (Jun 04)
- <Possible follow-ups>
- RE: sniffing files from ftp session Shenk, Jerry A (Jun 03)