RE: Snarf files from a sniff dump


On Sat, 2006-02-25 at 08:00, Shenk, Jerry A wrote:
Ethereal will do that. If you right-click on a packet, you can "follow
TCP stream". Depending what your goal is, that may be enough. If it is
a text document, you'll clearly see the text.

If it's not a text document, you will probably need to work a little
harder. I've never done what you're talking about for a printer file
but I'm guessing that you're gonna see pretty much a raw printer data
stream that can simply be sent back to the printer to get a printed
output.


-----Original Message-----
From: 4secure@xxxxxx [mailto:4secure@xxxxxx]
Sent: Friday, February 24, 2006 8:19 AM
To: pen-test@xxxxxxxxxxxxxxxxx
Subject: Snarf files from a sniff dump

Hi List Members!


I am looking for a tool to snarf files (e.g. Word documents etc.) from a
sniff dump (e.g. ethereal or tcpdump) in an M$ Windows LAN (SMB) or
between a client and a printer (PS, PCL etc.). Does someone know such
tools (I know Dsniff, but it is not exactly what I am looking for)?

Thanks!

Istvan


Istvan,

Have a look at ettercap. Another nice little utlity to sniff packets on
your lan. Has some nice features built in.


--
Unique Security Forums at:
http://www.iatechconsulting.com



------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------