RE: sniffing files from ftp session

["Nhon Yeung" <Nhon.Yeung () cranegroup com au>]

Not too sure if this will do the job.. eeye iris can do session reconstruction
<<http://www.eeye.com/html/products/iris/index.html>>

Nhon Yeung
Network Architect
Crane Group

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Augusto Pereyra
Sent: Friday, 5 June 2009 8:58 AM
To: pen-test list
Subject: Re: sniffing files from ftp session

Anyone know some tool to recover video streamming from a pcap file?

Thanks to all



On Thu, Jun 4, 2009 at 4:03 PM, Ondrej Krehel
<OKrehel () strozfriedberg com> wrote:
> I haven't seen one, but you could just use tcpdump limited to the ftp traffic, set the size to full packet, and use 
> chaosreader to parse it, if you don't want to review it in the tcpdump/wireshark.
>
> http://chaosreader.sourceforge.net/
> http://www.wireshark.org/
>
> Ondrej Krehel, CISSP, CEH
>
> -----Original Message-----
> From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Robert Jaroszuk
> Sent: Tuesday, June 02, 2009 3:22 PM
> To: pen-test () securityfocus com
> Subject: sniffing files from ftp session
>
> Hi all.
>
> I need a sniffer which could sniff and save files from ftp traffic.
> I think about something silimar to filesnarf or mailsnarf (dsniff).
> Anyone knows such tool ?
>
> Regards,
>
> --
> ... Robert Jaroszuk ...
> GCS/IT/O d? s: a- C++ ULB++++$ P+ L++++$ E- W++ K- N+ DI+ V-
> w M- PS+ PE Y(+) PGP-(+++) t-- 5? X R !tv b++>++++ D- y+ G++
> .. The superior warrior wins without fighting -- Sun Tzu. ..
>        -> New photos: http://zim.iq.pl/photo/
>
>
> ------------------------------------------------------------------------
> This list is sponsored by: Information Assurance Certification Review Board
>
> Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
> and CEPT certs require a full practical examination in order to become certified.
>
> http://www.iacertification.org
> ------------------------------------------------------------------------
>
>
> ------------------------------------------------------------------------
> This list is sponsored by: Information Assurance Certification Review Board
>
> Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
> and CEPT certs require a full practical examination in order to become certified.
>
> http://www.iacertification.org
> ------------------------------------------------------------------------

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------



Any views expressed in this message are those of the individual sender, except where the sender specifically states 
them to be the views of Crane Group


------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------