dsniff Download – Tools for Network Auditing & Password Sniffing


Dsniff download is a collection of tools for network auditing & penetration testing. Dsniff, filesnarf, mailsnarf, msgsnarf, URLsnarf, and WebSpy passively monitor a network for interesting data (passwords, e-mail, files, etc.).

dsniff Download - Tools for Network Auditing & Password Sniffing


ARPspoof, DNSspoof, and macof facilitate the interception of network traffic normally unavailable to an attacker (e.g, due to layer-2 switching). sshmitm and webmitm implement active monkey-in-the-middle attacks against redirected SSH and HTTPS sessions by exploiting weak bindings in ad-hoc PKI.

These tools were written with honest intentions – for the author to audit his own network, and to demonstrate the insecurity of cleartext/weakly-encrypted network protocols and ad-hoc PKI. please do not abuse this software.

Features/Contents for Dsniff Network Auditing & Password Sniffing

The name Dsniff refers both to the package of all the below tools and the one eponymous tool “Dsniff” included within.

  • arpspoof – redirect packets from a target host (or all hosts) on the LAN intended for another local host by forging ARP replies. this is an extremely effective way of sniffing traffic on a switch. kernel IP forwarding (or a userland program which accomplishes the same, e.g. fragrouter :-) must be turned on ahead of time.
  • dnsspoof – forge replies to arbitrary DNS address / pointer queries on the LAN. this is useful in bypassing hostname-based access controls, or in implementing a variety of man-in-the-middle attacks (HTTP, HTTPS, SSH, Kerberos, etc).
  • dsniff – password sniffer. handles FTP, Telnet, SMTP, HTTP, POP, poppass, NNTP, IMAP, SNMP, LDAP, Rlogin, RIP, OSPF, PPTP, MS-CHAP, NFS, VRRP, YP/NIS, SOCKS, X11, CVS, IRC, AIM, ICQ, Napster, PostgreSQL, Meeting Maker, Citrix ICA, Symantec pcAnywhere, NAI Sniffer, Microsoft SMB, Oracle SQL*Net, Sybase and Microsoft SQL auth info.
  • filesnarf – saves selected files sniffed from NFS traffic in the current working directory.
  • macof – flood the local network with random MAC addresses (causing some switches to fail open in repeating mode, facilitating sniffing). a straight C port of the original Perl Net::RawIP macof program.
  • mailsnarf – a fast and easy way to violate the Electronic Communications Privacy Act of 1986 (18 USC 2701-2711), be careful. outputs selected messages sniffed from SMTP and POP traffic in Berkeley mbox format, suitable for offline browsing with your favorite mail reader (mail -f, pine, etc.).
  • msgsnarf – record selected messages from sniffed AOL Instant Messenger, ICQ 2000, IRC, and Yahoo! Messenger chat sessions.
  • sshmitm – SSH monkey-in-the-middle. proxies and sniffs SSH traffic redirected by dnsspoof(8), capturing SSH password logins, and optionally hijacking interactive sessions. only SSH protocol version 1 is (or ever will be) supported – this program is far too evil already.
  • sshow – SSH traffic analysis tool. analyzes encrypted SSH-1 and SSH-2 traffic, identifying authentication attempts, the lengths of passwords entered in interactive sessions, and command line lengths.
  • tcpkill – kills specified in-progress TCP connections (useful for libnids-based applications which require a full TCP 3-whs for TCB creation).
  • tcpnice – slow down specified TCP connections via “active” traffic shaping. forges tiny TCP window advertisements, and optionally ICMP source quench replies.
  • urlsnarf – output selected URLs sniffed from HTTP traffic in CLF (Common Log Format, used by almost all web servers), suitable for offline post-processing with your favourite web log analysis tool (analog, wwwstat, etc.).
  • webmitm – HTTP / HTTPS monkey-in-the-middle. transparently proxies and sniffs web traffic redirected by dnsspoof(8), capturing most “secure” SSL-encrypted webmail logins and form submissions.
  • webspy – sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time (as the target surfs, your browser surfs along with them, automagically). a fun party trick. :-)

You can download Dsniff here:

dsniff-2.3.tar.gz

Or read more here.

Posted in: Networking Hacking Tools


Latest Posts:


SharpHose - Asynchronous Password Spraying Tool SharpHose – Asynchronous Password Spraying Tool
SharpHose is an asynchronous password spraying tool in C# for Windows environments that takes into consideration fine-grained password policies and can be run over Cobalt Strike's execute-assembly.
Axiom - Pen-Testing Server For Collecting Bug Bounties Axiom – Pen-Testing Server For Collecting Bug Bounties
Project Axiom is a set of utilities for managing a small dynamic infrastructure setup for bug bounty, basically a pen-testing server out of the box with 1-line.
Quasar RAT - Windows Remote Administration Tool Quasar RAT – Windows Remote Administration Tool
Quasar is a fast and light-weight Windows remote administration tool coded in C#. Used for user support through day-to-day administrative work to monitoring.
Pingcastle - Active Directory Security Assessment Tool Pingcastle – Active Directory Security Assessment Tool
PingCastle is a Active Directory Security Assessment Tool designed to quickly assess the Active Directory security level based on a risk and maturity framework.
Second Order - Subdomain Takeover Scanner Tool Second Order – Subdomain Takeover Scanner Tool
Second Order Subdomain Takeover Scanner Tool scans web apps for second-order subdomain takeover by crawling the application and collecting URLs (and other data)
Binwalk - Firmware Security Analysis & Extraction Tool Binwalk – Firmware Security Analysis & Extraction Tool
Binwalk is a fast and easy to use Python-based firmware security analysis tool that allows for firmware analysis, reverse engineering & extracting of firmware.


Comments are closed.