RE: sniffing files from ftp session

[Ondrej Krehel <OKrehel () StrozFriedberg com>]

I haven't seen one, but you could just use tcpdump limited to the ftp traffic, set the size to full packet, and use 
chaosreader to parse it, if you don't want to review it in the tcpdump/wireshark.

http://chaosreader.sourceforge.net/
http://www.wireshark.org/

Ondrej Krehel, CISSP, CEH

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Robert Jaroszuk
Sent: Tuesday, June 02, 2009 3:22 PM
To: pen-test () securityfocus com
Subject: sniffing files from ftp session

Hi all.

I need a sniffer which could sniff and save files from ftp traffic.
I think about something silimar to filesnarf or mailsnarf (dsniff).
Anyone knows such tool ?

Regards,

-- 
... Robert Jaroszuk ...
GCS/IT/O d? s: a- C++ ULB++++$ P+ L++++$ E- W++ K- N+ DI+ V-
w M- PS+ PE Y(+) PGP-(+++) t-- 5? X R !tv b++>++++ D- y+ G++
.. The superior warrior wins without fighting -- Sun Tzu. ..
        -> New photos: http://zim.iq.pl/photo/


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------