[CentOS] Using tcpdump to sniff telnet password
Michel van Deventer
michel at van.deventer.cx
Wed Feb 6 09:38:33 UTC 2008
Hi,
you should set the snaplen (length of packets to be captured) to 0 (max
packetsize) like :
tcpdump tcp port 23 -s 0 -w test.txt
Otherwise you won't get the full packets.
And you can use wireshark to read the dumpfile and easily find the
password(s).
Michel
On Wed, 2008-02-06 at 15:57 +0700, Fajar Priyanto wrote:
> Hi all,
> As long as I can remember reading various articles/docs, they all say that
> telnet is not secure because all traffic is in clear text. Well, out of
> boredom, I try to sniff username and password from a telnet session.
>
> The command I use: tcpdump tcp port 23 -vvv -w test.txt
> Then I read the result: strings test.txt
> |`D
> |fD
> |fD
> 38400,38400
> Red Hat Enterprise Linux ESD
> Ologin: D
> 5eE
> LsE
> _tE
> Password: F
> [aG
> |hG
> jaH
> Last login: Wed Feb 6 15:53:3H
> ]0;test4 at server:~
> GV{
>
> But it succeeds with FTP.
> strings test.txt
> <.9@
> 4.:@
> 220 (vsFTPd 2.0.1)
> 4.;@
> @.<@
> USER test4
> 331 Please specify the passwor
> 4.=@
> B.>@
> PASS secret
> 230 Login successful.
> 4.?@
> :.@@
> SYST
> 215 UNIX Type: L8
> 4.A@
>
>
> Did I miss something? How do we capture telnet password using tcpdump?
> Thank you.
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
More information about the CentOS
mailing list