Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/DanMcInerney/net-creds

Sniffs sensitive data from interface or pcap
https://github.com/DanMcInerney/net-creds

Last synced: about 1 month ago
JSON representation

Sniffs sensitive data from interface or pcap

Awesome Lists containing this project

README

        

Thoroughly sniff passwords and hashes from an interface or pcap file. Concatenates fragmented packets and does not rely on ports for service identification.

| Screenshots |
|:-----:|
| ![Screenie1](http://imgur.com/opQo7Bb.png) |
| ![Screenie2](http://imgur.com/Kl5I6Ju.png) |

### Sniffs

* URLs visited
* POST loads sent
* HTTP form logins/passwords
* HTTP basic auth logins/passwords
* HTTP searches
* FTP logins/passwords
* IRC logins/passwords
* POP logins/passwords
* IMAP logins/passwords
* Telnet logins/passwords
* SMTP logins/passwords
* SNMP community string
* NTLMv1/v2 all supported protocols: HTTP, SMB, LDAP, etc.
* Kerberos

### Examples

Auto-detect the interface to sniff

`sudo python net-creds.py`

Choose eth0 as the interface

`sudo python net-creds.py -i eth0`

Ignore packets to and from 192.168.0.2

`sudo python net-creds.py -f 192.168.0.2`

Read from pcap

`python net-creds.py -p pcapfile`

#### OS X

Credit to [epocs](https://github.com/epocs):

```bash
sudo easy_install pip
sudo pip install scapy
sudo pip install pcapy
brew install libdnet --with-python
mkdir -p /Users//Library/Python/2.7/lib/python/site-packages
echo 'import site; site.addsitedir("/usr/local/lib/python2.7/site-packages")' >> /Users//Library/Python/2.7/lib/python/site-packages/homebrew.pth
sudo pip install pypcap
brew tap brona/iproute2mac
brew install iproute2mac
```

Then replace line 74 '/sbin/ip' with '/usr/local/bin/ip'.

#### Thanks
* Laurent Gaffie
* psychomario