Penetration Testing mailing list archives
RE: extracting passwords from ethereal dump
From: Kyle Starkey <kstarkey () siegeworks com>
Date: Tue, 21 Jun 2005 08:06:10 -0600
What about using Cain/Abel for this process... If you are in a position to see broadcast network traffic (nice that someone still has a hubbed network that you can snoop on) or don't mind doing a little arp poisoning and acting as the router for a while, you will be able to run it in promiscuious mode... I usually run this in the background on my windows box while I snoop around doing recon work... It has the ability to snoop all kinds of clear text passwords, telnet, SMB, proxy, etc and run the arp spoofing for you.... That being said if you can replay the Ethereal session to a small hub, once back at the home office, then fire up another machine on that same hub and use cain/able to sort thru all the packets and find what you need... Dunno if that's possible with Ethereal, but I bow to others superior knowledge of packet capture playback... http://www.oxid.it/cain.html Cheers -K Random Thought: "Pen Testing is like bowling with some of the pins glued down. Sometimes you just have to find the right solvent." -----Original Message----- From: Mohamed Abdel Kader [mailto:makster12 () hotmail com] Sent: Monday, June 20, 2005 10:15 AM To: pen-test () securityfocus com Subject: extracting passwords from ethereal dump I was on a assessment and decided to get some of the traffic moving along the network. i got it using ethereal. now i want a program (other than ettercap) that can take this dump and extract the passwords. It would be helpful if the program can tell me the source and destination as well as the protocol in use for each detected password. thanks in advance pen-testers :o) MAK
Current thread:
- extracting passwords from ethereal dump Mohamed Abdel Kader (Jun 20)
- Re: extracting passwords from ethereal dump Nicolas Gregoire (Jun 21)
- Re: extracting passwords from ethereal dump Tim E (Jun 21)
- Re: extracting passwords from ethereal dump Noname (Jun 22)
- Re: extracting passwords from ethereal dump sfml (Jun 27)
- <Possible follow-ups>
- Re: extracting passwords from ethereal dump David Eduardo Acosta RodrÃguez (Jun 20)
- RE: extracting passwords from ethereal dump Todd Towles (Jun 20)
- RE: extracting passwords from ethereal dump Steve A (Jun 20)
- Re: extracting passwords from ethereal dump andre protas (Jun 20)
- RE: extracting passwords from ethereal dump Kyle Starkey (Jun 21)
- Re: extracting passwords from ethereal dump Nicolas Gregoire (Jun 21)