CDPSnarf – CDP Packet Sniffer

Outsmart Malicious Hackers


CDPSnarf if a network sniffer exclusively written to extract information from CDP packets. It provides all the information a “show cdp neighbors detail” command would return on a Cisco router and even more.

The application is written in C using the popular PCAP library.

Sample Output

Cisco AIR-AP1231G-E-K9 Access Point:

You can download CDPSnarf here:

CDPSnarf 0.1.6

Or read more here.

Posted in: Hacking Tools, Networking Hacking

, , ,


Latest Posts:


OWASP ZSC - Obfuscated Code Generator Tool OWASP ZSC – Obfuscated Code Generator Tool
OWASP ZSC is an open source obfuscated code generator tool in Python which lets you generate customized shellcodes and convert scripts to an obfuscated script.
A Look Back At 2017 – Tools & News Highlights A Look Back At 2017 – Tools & News Highlights
So here we are in 2018, taking a look back at 2017, quite a year it was. Here is a quick rundown of some of the best hacking/security tools released in 2017, the biggest news stories and the 10 most viewed posts on Darknet as a bonus.
Spectre & Meltdown Checker - Vulnerability Mitigation Tool For Linux Spectre & Meltdown Checker – Vulnerability Mitigation Tool For Linux
Spectre & Meltdown Checker is a simple shell script to tell if your Linux installation is vulnerable against the 3 "speculative execution" CVEs that were made public early 2018.
Hijacker - Reaver For Android Wifi Hacker App Hijacker – Reaver For Android Wifi Hacker App
Hijacker is a native GUI which provides Reaver for Android along with Aircrack-ng, Airodump-ng and MDK3 making it a powerful Wifi hacker app.
Sublist3r - Fast Python Subdomain Enumeration Tool Sublist3r – Fast Python Subdomain Enumeration Tool
Sublist3r is a Python-based tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting.
coWPAtty Download - Audit Pre-shared WPA Keys coWPAtty Download – Audit Pre-shared WPA Keys
coWPAtty is a C-based tool for running a brute-force dictionary attack against WPA-PSK and audit pre-shared WPA keys.


10 Responses to CDPSnarf – CDP Packet Sniffer

  1. ZaD MoFo April 30, 2008 at 10:32 pm #

    I must admit: I’am kinda addicted to this site…

    Thank you http://www.darknet.org.uk !
    You have a very informative website. I come to visit periodically and whenever I visit each time I learn new tricks & tools.

    By the way: shutdown day this saturday…

    My best regards.

    ZaD MoFo

  2. Giacomo May 1, 2008 at 12:12 am #

    I think ethereal/wireshark is enought to discover this infos, without any other extra tool, isn’t it ?

  3. Bogwitch May 1, 2008 at 11:18 am #

    @Giacomo

    Yes, Wireshark will discover this information but you cannot set a capture filter for JUST this information.
    It’s the same as the dsniff tools, it has a much smaller footprint and performs a single task. I use the mailsnarf and urlsnarf utilities from dsniff on a regular basis for constant monitoring when Wireshark would be overkill.

  4. watcher May 1, 2008 at 3:33 pm #

    its nice to have something small like this, just think of how easy it is to see someone using wireshark or some other bandwidth hog, now try this one.

  5. Reticent May 2, 2008 at 3:40 am #

    @Bogwitch: I think you’ll find typing ‘cdp’ in the filter will do exactly that.

  6. Bogwitch May 2, 2008 at 8:47 am #

    @Reticent,
    I was talking specifically about capture filters rather than view filters. Sure, it can filter the view of cdp packets but the background capture is still capturing more packets than are specifically required. On a heavily loaded network, Wireshark can start running out of memory pretty fast if it is capturing large numbers of packets.
    Don’t get me wrong, wireshark is an exellent product and I use it often. If they could narrow the capture filters the same way that they narrow the view filters, I would probably use it even more!

  7. yoshi May 2, 2008 at 9:02 pm #

    nothing new here – cdpr has been doing this for years

  8. Reticent May 4, 2008 at 12:37 am #

    true. I usually capture stuff using tcpdump and write it to a file I open with wireshark; tcpdump gives you lots of nice options so you only end up with the traffic you wan’t to analyse (so it still suitable on busy networks). Alternatively, using the -A flag means you get to see the clear text protocols without using any sort of specialised tool anyway.

    Sorta offtopic, does anyone know a urlsnarf type application which is able to reconstruct html pages. Ie I run the tool and it’s able to write html pages locally as it see’s them? Wouldn’t mind having a play with such a tool.

  9. Umesh Chaurasia July 29, 2008 at 10:53 am #

    Hi,

    I want to capture CDP packets from windows environment. I downloaded you CDPSnarf sample.
    I also downloded getopt.c and getopt.h file from some other website.
    I am able to comile CDPSnarf application by commenting 2 lines //#include
    //#include

    In place of unistd.h, i am using getopt.h.

    When I am running my binary I am getting “unable to open Adapter” error. Following is the error details.
    ———————————————————-

    C:\Documents and Settings\umesh.c.PARSEC>D:\SW\CDPSnarf-v0.1.6\CDPSnarf-v0.1.6\R
    elease\cdpsnarf.exe -i CDP
    CDPSnarf v0.1.6 [$Rev: 797 $] initiated.
    Author: Zapotek
    Website: http://www.segfault.gr

    Couldn’t open device CDP: Error opening adapter: The system cannot find the device specified. (20)

    ————————————————————–

    Can you please suggest what I am doing wrong?

    Regards,
    Umesh

  10. dentonj August 3, 2008 at 3:56 pm #

    @yoshi

    From the code, CDPSnarf supports more CDP value types than cdpr.