Name | Date | Size | #Lines | LOC | ||
---|---|---|---|---|---|---|
.. | 03-May-2022 | - | ||||
missing/ | H | 07-May-2022 | - | 1,493 | 806 | |
CHANGES | H A D | 19-Mar-2001 | 6.3 KiB | 258 | 130 | |
LICENSE | H A D | 14-Nov-2000 | 1.4 KiB | 28 | 22 | |
Makefile.in | H A D | 03-May-2022 | 4.8 KiB | 165 | 111 | |
README | H A D | 17-Mar-2001 | 3.9 KiB | 114 | 90 | |
TODO | H A D | 02-Dec-2000 | 387 | 16 | 8 | |
acconfig.h | H A D | 28-Nov-2000 | 541 | 23 | 10 | |
arp.c | H A D | 03-May-2022 | 2.3 KiB | 122 | 93 | |
arp.h | H A D | 15-Mar-2001 | 273 | 17 | 4 | |
arpspoof.8 | H A D | 28-Nov-2000 | 899 | 38 | 37 | |
arpspoof.c | H A D | 03-May-2022 | 4.2 KiB | 212 | 161 | |
asn1.c | H A D | 15-Mar-2001 | 823 | 68 | 47 | |
asn1.h | H A D | 15-Mar-2001 | 328 | 23 | 8 | |
base64.c | H A D | 15-Mar-2001 | 8.4 KiB | 246 | 96 | |
base64.h | H A D | 15-Mar-2001 | 212 | 16 | 4 | |
buf.c | H A D | 03-May-2022 | 3.8 KiB | 266 | 203 | |
buf.h | H A D | 15-Mar-2001 | 1.8 KiB | 83 | 32 | |
config.h.in | H A D | 28-Nov-2000 | 2.7 KiB | 111 | 75 | |
configure | H A D | 19-Mar-2001 | 104.6 KiB | 3,599 | 3,016 | |
configure.in | H A D | 20-Dec-2000 | 8.9 KiB | 341 | 325 | |
decode.c | H A D | 15-Mar-2001 | 5.1 KiB | 203 | 167 | |
decode.h | H A D | 15-Mar-2001 | 3.4 KiB | 87 | 62 | |
decode_aim.c | H A D | 03-May-2022 | 2.2 KiB | 119 | 78 | |
decode_citrix.c | H A D | 15-Mar-2001 | 1.3 KiB | 74 | 40 | |
decode_cvs.c | H A D | 15-Mar-2001 | 2.1 KiB | 76 | 51 | |
decode_ftp.c | H A D | 15-Mar-2001 | 1.1 KiB | 61 | 36 | |
decode_hex.c | H A D | 15-Mar-2001 | 1.2 KiB | 65 | 41 | |
decode_http.c | H A D | 15-Mar-2001 | 4.1 KiB | 200 | 157 | |
decode_icq.c | H A D | 15-Mar-2001 | 4.2 KiB | 162 | 116 | |
decode_imap.c | H A D | 15-Mar-2001 | 834 | 47 | 27 | |
decode_irc.c | H A D | 15-Mar-2001 | 1.6 KiB | 77 | 57 | |
decode_ldap.c | H A D | 15-Mar-2001 | 1.7 KiB | 91 | 55 | |
decode_mmxp.c | H A D | 15-Mar-2001 | 1.9 KiB | 96 | 54 | |
decode_mountd.c | H A D | 15-Mar-2001 | 1.8 KiB | 84 | 61 | |
decode_napster.c | H A D | 15-Mar-2001 | 831 | 51 | 26 | |
decode_nntp.c | H A D | 15-Mar-2001 | 1.2 KiB | 62 | 42 | |
decode_oracle.c | H A D | 15-Mar-2001 | 1.4 KiB | 72 | 45 | |
decode_ospf.c | H A D | 15-Mar-2001 | 494 | 34 | 15 | |
decode_pcanywhere.c | H A D | 15-Mar-2001 | 1.6 KiB | 82 | 50 | |
decode_pop.c | H A D | 15-Mar-2001 | 1.6 KiB | 78 | 53 | |
decode_portmap.c | H A D | 15-Mar-2001 | 1.6 KiB | 71 | 54 | |
decode_postgresql.c | H A D | 15-Mar-2001 | 1 KiB | 63 | 39 | |
decode_pptp.c | H A D | 03-May-2022 | 4.8 KiB | 215 | 166 | |
decode_rip.c | H A D | 15-Mar-2001 | 583 | 35 | 15 | |
decode_rlogin.c | H A D | 15-Mar-2001 | 1 KiB | 54 | 30 | |
decode_smb.c | H A D | 15-Mar-2001 | 1.7 KiB | 91 | 64 | |
decode_smtp.c | H A D | 15-Mar-2001 | 1.1 KiB | 56 | 39 | |
decode_sniffer.c | H A D | 15-Mar-2001 | 981 | 52 | 30 | |
decode_snmp.c | H A D | 15-Mar-2001 | 1 KiB | 56 | 34 | |
decode_socks.c | H A D | 15-Mar-2001 | 999 | 61 | 34 | |
decode_tds.c | H A D | 03-May-2022 | 4 KiB | 208 | 149 | |
decode_telnet.c | H A D | 15-Mar-2001 | 573 | 38 | 18 | |
decode_vrrp.c | H A D | 03-May-2022 | 1.5 KiB | 71 | 40 | |
decode_x11.c | H A D | 15-Mar-2001 | 667 | 44 | 22 | |
decode_yp.c | H A D | 15-Mar-2001 | 3.2 KiB | 146 | 114 | |
dnsspoof.8 | H A D | 14-Nov-2000 | 1.1 KiB | 42 | 41 | |
dnsspoof.c | H A D | 03-May-2022 | 6.6 KiB | 334 | 252 | |
dnsspoof.hosts | H A D | 19-Nov-2000 | 1.1 KiB | 49 | 48 | |
dsniff.8 | H A D | 15-Dec-2000 | 2.6 KiB | 82 | 81 | |
dsniff.c | H A D | 15-Mar-2001 | 3.1 KiB | 182 | 144 | |
dsniff.magic | H A D | 14-Nov-2000 | 1.8 KiB | 111 | 86 | |
dsniff.services | H A D | 15-Dec-2000 | 1.1 KiB | 71 | 70 | |
filesnarf.8 | H A D | 19-Nov-2000 | 699 | 34 | 33 | |
filesnarf.c | H A D | 03-May-2022 | 10.1 KiB | 513 | 412 | |
hex.c | H A D | 15-Mar-2001 | 1.5 KiB | 80 | 55 | |
hex.h | H A D | 15-Mar-2001 | 344 | 20 | 5 | |
install-sh | H A D | 14-Nov-2000 | 4.7 KiB | 239 | 152 | |
macof.8 | H A D | 14-Nov-2000 | 1 KiB | 45 | 44 | |
macof.c | H A D | 03-May-2022 | 3.3 KiB | 157 | 116 | |
magic.c | H A D | 15-Mar-2001 | 17.5 KiB | 848 | 664 | |
magic.h | H A D | 15-Mar-2001 | 339 | 19 | 5 | |
mailsnarf.8 | H A D | 19-Nov-2000 | 836 | 35 | 34 | |
mailsnarf.c | H A D | 15-Mar-2001 | 7.5 KiB | 392 | 311 | |
mount.x | H A D | 09-Dec-2000 | 5.9 KiB | 189 | 57 | |
msgsnarf.8 | H A D | 19-Nov-2000 | 726 | 35 | 34 | |
msgsnarf.c | H A D | 15-Mar-2001 | 14.5 KiB | 680 | 560 | |
nfs_prot.x | H A D | 14-Nov-2000 | 7.3 KiB | 397 | 275 | |
options.h | H A D | 15-Mar-2001 | 401 | 25 | 11 | |
pathnames.h | H A D | 15-Mar-2001 | 383 | 22 | 8 | |
pcaputil.c | H A D | 03-May-2022 | 1.8 KiB | 111 | 87 | |
pcaputil.h | H A D | 15-Mar-2001 | 352 | 21 | 6 | |
record.c | H A D | 03-May-2022 | 3.9 KiB | 219 | 164 | |
record.h | H A D | 15-Mar-2001 | 424 | 25 | 8 | |
remote.c | H A D | 14-Nov-2000 | 18.2 KiB | 696 | 580 | |
rpc.c | H A D | 15-Mar-2001 | 2.3 KiB | 134 | 91 | |
rpc.h | H A D | 15-Mar-2001 | 595 | 34 | 16 | |
ssh.c | H A D | 15-Mar-2001 | 14 KiB | 582 | 456 | |
ssh.h | H A D | 15-Mar-2001 | 1.4 KiB | 74 | 44 | |
sshcrypto.c | H A D | 03-May-2022 | 4.2 KiB | 197 | 139 | |
sshcrypto.h | H A D | 15-Mar-2001 | 869 | 29 | 11 | |
sshmitm.8 | H A D | 15-Dec-2000 | 825 | 37 | 36 | |
sshmitm.c | H A D | 03-May-2022 | 8 KiB | 408 | 314 | |
sshow.8 | H A D | 17-Mar-2001 | 860 | 40 | 39 | |
sshow.c | H A D | 19-Mar-2001 | 16 KiB | 664 | 551 | |
tcp_raw.c | H A D | 03-May-2022 | 4.8 KiB | 237 | 184 | |
tcp_raw.h | H A D | 03-May-2022 | 566 | 24 | 9 | |
tcpkill.8 | H A D | 17-Mar-2001 | 802 | 35 | 34 | |
tcpkill.c | H A D | 03-May-2022 | 3.1 KiB | 152 | 108 | |
tcpnice.8 | H A D | 17-Mar-2001 | 806 | 39 | 38 | |
tcpnice.c | H A D | 03-May-2022 | 4.9 KiB | 226 | 167 | |
trigger.c | H A D | 03-May-2022 | 12.9 KiB | 589 | 479 | |
trigger.h | H A D | 03-May-2022 | 879 | 36 | 18 | |
urlsnarf.8 | H A D | 19-Nov-2000 | 904 | 38 | 37 | |
urlsnarf.c | H A D | 03-May-2022 | 4.9 KiB | 250 | 197 | |
version.h | H A D | 19-Mar-2001 | 23 | 2 | 1 | |
vroot.h | H A D | 14-Nov-2000 | 4.8 KiB | 120 | 50 | |
webmitm.8 | H A D | 17-Mar-2001 | 722 | 35 | 34 | |
webmitm.c | H A D | 03-May-2022 | 10.1 KiB | 533 | 418 | |
webspy.8 | H A D | 14-Nov-2000 | 631 | 31 | 30 | |
webspy.c | H A D | 03-May-2022 | 4.6 KiB | 227 | 168 |
README
1 2dsniff-2.3 3---------- 4 5i wrote these tools with honest intentions - to audit my own network, 6and to demonstrate the insecurity of cleartext / weakly-encrypted 7network protocols and ad-hoc PKI. please do not abuse this software. 8 9these programs require: 10 11 Berkeley DB - http://www.sleepycat.com/ 12 OpenSSL - http://www.openssl.org/ 13 libpcap - http://www.tcpdump.org/ 14 libnids - http://www.packetfactory.net/Projects/Libnids/ 15 libnet - http://www.packetfactory.net/Projects/Libnet/ 16 17built and tested on OpenBSD, Linux, and Solaris. YMMV. 18 19what's here: 20 21arpspoof 22 redirect packets from a target host (or all hosts) on the LAN 23 intended for another local host by forging ARP replies. this 24 is an extremely effective way of sniffing traffic on a switch. 25 kernel IP forwarding (or a userland program which accomplishes 26 the same, e.g. fragrouter :-) must be turned on ahead of time. 27 28dnsspoof 29 forge replies to arbitrary DNS address / pointer queries on 30 the LAN. this is useful in bypassing hostname-based access 31 controls, or in implementing a variety of man-in-the-middle 32 attacks (HTTP, HTTPS, SSH, Kerberos, etc). 33 34dsniff 35 password sniffer. handles FTP, Telnet, SMTP, HTTP, POP, 36 poppass, NNTP, IMAP, SNMP, LDAP, Rlogin, RIP, OSPF, PPTP 37 MS-CHAP, NFS, VRRP, YP/NIS, SOCKS, X11, CVS, IRC, AIM, ICQ, 38 Napster, PostgreSQL, Meeting Maker, Citrix ICA, Symantec 39 pcAnywhere, NAI Sniffer, Microsoft SMB, Oracle SQL*Net, Sybase 40 and Microsoft SQL auth info. 41 42 dsniff automatically detects and minimally parses each 43 application protocol, only saving the interesting bits, and 44 uses Berkeley DB as its output file format, only logging 45 unique authentication attempts. full TCP/IP reassembly is 46 provided by libnids(3) (likewise for the following tools as 47 well). 48 49filesnarf 50 saves selected files sniffed from NFS traffic in the current 51 working directory. 52 53macof 54 flood the local network with random MAC addresses (causing 55 some switches to fail open in repeating mode, facilitating 56 sniffing). a straight C port of the original Perl Net::RawIP 57 macof program. 58 59mailsnarf 60 a fast and easy way to violate the Electronic Communications 61 Privacy Act of 1986 (18 USC 2701-2711), be careful. outputs 62 selected messages sniffed from SMTP and POP traffic in Berkeley 63 mbox format, suitable for offline browsing with your favorite 64 mail reader (mail -f, pine, etc.). 65 66msgsnarf 67 record selected messages from sniffed AOL Instant Messenger, 68 ICQ 2000, IRC, and Yahoo! Messenger chat sessions. 69 70sshmitm 71 SSH monkey-in-the-middle. proxies and sniffs SSH traffic 72 redirected by dnsspoof(8), capturing SSH password logins, and 73 optionally hijacking interactive sessions. only SSH protocol 74 version 1 is (or ever will be) supported - this program is far 75 too evil already. 76 77sshow 78 SSH traffic analysis tool. analyzes encrypted SSH-1 and SSH-2 79 traffic, identifying authentication attempts, the lengths of 80 passwords entered in interactive sessions, and command line 81 lengths. 82 83tcpkill 84 kills specified in-progress TCP connections (useful for 85 libnids-based applications which require a full TCP 3-whs for 86 TCB creation). 87 88tcpnice 89 slow down specified TCP connections via "active" traffic 90 shaping. forges tiny TCP window advertisements, and optionally 91 ICMP source quench replies. 92 93urlsnarf 94 output selected URLs sniffed from HTTP traffic in CLF 95 (Common Log Format, used by almost all web servers), suitable 96 for offline post-processing with your favorite web log 97 analysis tool (analog, wwwstat, etc.). 98 99webmitm 100 HTTP / HTTPS monkey-in-the-middle. transparently proxies and 101 sniffs web traffic redirected by dnsspoof(8), capturing most 102 "secure" SSL-encrypted webmail logins and form submissions. 103 104webspy 105 sends URLs sniffed from a client to your local Netscape 106 browser for display, updated in real-time (as the target 107 surfs, your browser surfs along with them, automagically). 108 a fun party trick. :-) 109 110-d. 111 112--- 113http://www.monkey.org/~dugsong/ 114