tcpdump script
brad
brad at ispn.net
Thu May 29 20:07:25 CDT 2003
Gerald wrote:
> Tcpdump isn't quite suited to a task like this. You might try using
> dsniff, ngrep, or any of the password-specific tools listed at
> http://neworder.box.sk/codebox.links.php?&key=sniff
I am trying to do it manually just for experience as opposed to using a sniffer.
It seems like tcpdump gives me what I want, but I don't know enough
scripting to parse the file for just the user/pass.
> You could also run John the Ripper on the shadow file directly (assuming
> they have a shadow file, of course):
>
> http://www.openwall.com/john/
They do not do their own engineering...it is outsourced, so I don't have
access to the server. All I have is their user db with the original
passes, many of which have been changed of course.
Thanks,
Brad
More information about the Kclug
mailing list