Re: dsniff-like tool?

• Previous message: Martin Walker: "RE: how to isolate a virtual hosted website, in order to do a A&P?"
• In reply to: Andrew Stewart: "dsniff-like tool?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 12 Feb 2003 10:03:56 +0100
From: Volker Tanger <volker.tanger@discon.de>
To: pen-test@securityfocus.com

Greetings!

Andrew Stewart wrote:
> Does anyone know of a tool with credential sniffing capabilities similar
> to dsniff? (But that isn't dsniff ;-)
>
> I've played with Ethereal but I'd like to try and find a tool with
> focused password/credential snarfing ability.

http://phenoelit.de/phoss/

"PHoss is a sniffer designed to find HTTP, FTP, LDAP, Telnet, IMAP4 and
POP3 logins on the wire. It also sniffs the VNC challange/response
handshake."
Especially in non-switchd networks quite an eye-opener. Lists nicely
protocol, name and password for each appropriate packet coming along.

Personal experience with Phenoelit: some of them tried to social
engineer into our CeBit network few years ago (out of sportsmanship I
figure) but ended up getting social engineered themselves as they handed
me their real, private "business card". But I guess they got better in
that by now... (Greetings!) ;-)

Bye

Volker Tanger
IT-Security Consulting

-- 
discon gmbh
Wrangelstraße 100
D-10997 Berlin
Telefon  (030) 6104-3307
Telefax  (030) 6104-3461
volker.tanger@discon.de
http://www.discon.de/
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

• Next message: Rob Shein: "RE: Vulnebrability level definition"
• Previous message: Martin Walker: "RE: how to isolate a virtual hosted website, in order to do a A&P?"
• In reply to: Andrew Stewart: "dsniff-like tool?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: faster scans? (nmap) ... one host using nmap for syn scans in burst mode with the ... >>>This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ... (Pen-Test) Re: pen test help please asap ... > Machine A on client site makes a configurable encrypted OUTBOUND ... > This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ... This list is provided by the SecurityFocus Security Intelligence Alert ... (Pen-Test) Re: ettercap help ... Anyways have never tried Ettercap for VNC. ... > This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ... This list is provided by the SecurityFocus Security Intelligence Alert ... (Pen-Test) RE: CFM SQL injection ... You should better use union or alike get unauthorized data from the ... This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ... (Pen-Test) Re: ettercap help ... > I can get it to sniff telnet, ftp, pop, smb, but no vnc. ... > This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ... (Pen-Test)