[CentOS] Using tcpdump to sniff telnet password
John R Pierce
pierce at hogranch.comWed Feb 6 10:52:52 UTC 2008
- Previous message: [CentOS] Using tcpdump to sniff telnet password
- Next message: [CentOS] Using tcpdump to sniff telnet password
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Fajar Priyanto wrote: > Hi all, > As long as I can remember reading various articles/docs, they all say that > telnet is not secure because all traffic is in clear text. Well, out of > boredom, I try to sniff username and password from a telnet session. > > The command I use: tcpdump tcp port 23 -vvv -w test.txt > Then I read the result: strings test.txt > with wireshark, I easily see... ..... ..#..'.. .38400,38400....'.......VT100.................;.......!...test .test .. where, test and test are the account and password of the dummy account I created. you're not seeing it with `strings`, because its sent one character per packet as you type it.
- Previous message: [CentOS] Using tcpdump to sniff telnet password
- Next message: [CentOS] Using tcpdump to sniff telnet password
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list