Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Snarf files from a sniff dump

from [Nagareshwar Talekar] Network Security [Permanent Link]
Subject: Re: Snarf files from a sniff dump
Date: Mon, 27 Feb 2006 12:32:25 +0530 
Hi

    Try filesnarf from the dsniff package...that copies files
transfered over the network to the disk...




On 2/27/06, Jim Morgan <peripatetic@myrealbox.com> wrote:

At 25/02/2006 21:00, you wrote:

I am looking for a tool to snarf files (e.g. Word documents etc.) from a
sniff dump (e.g. ethereal or tcpdump) in an M$ Windows LAN (SMB) or
between a client and a printer (PS, PCL etc.). Does someone know such
tools (I know Dsniff, but it is not exactly what I am looking for)?


http://tcpxtract.sourceforge.net/

tcpxtract is a tool for extracting files from network traffic based
on file signatures. Extracting files based on file type headers and
footers (sometimes called "carving") is an age old data recovery
technique. Tools like Foremost employ this technique to recover files
from arbitrary data streams. Tcpxtract uses this technique
specifically for the application of intercepting files transmitted
across a network. Other tools that fill a similar need are driftnet
and EtherPEG. driftnet and EtherPEG are tools for monitoring and
extracting graphic files on a network and is commonly used by network
administrators to police the internet activity of their users. The
major limitations of driftnet and EtherPEG is that they only support
three filetypes with no easy way of adding more. The search technique
they use is also not scalable and does not search across packet
boundries. tcpxtract features the following:
Supports 26 popular file formats out-of-the-box. New formats can be
added by simply editing its config file.
With a quick conversion, you can use your old Foremost config file
with tcpxtract.
Custom written search algorithm is lightning fast and very scalable.
Search algorithm searches across packet boundries for total coverage
and forensic quality.
Uses libpcap, a popular, portable and stable library for network data capture.
Can be used against a live network or a tcpdump formatted capture file.


------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner:

Hackers are concentrating their efforts on attacking applications on your
website. Up to 75% of cyber attacks are launched on shopping carts, forms,
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are
futile against web application hacking. Check your website for vulnerabilities
to SQL injection, Cross site scripting and other web attacks before hackers 
do!
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------





--
With Regards
Nagareshwar

------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Snarf files from a sniff dump, Craig Wright
Next by Date:  Re: Windows Administrator access, ROB DIXON
Previous by Thread:  RE: Snarf files from a sniff dump, Jim Morgan
Next by Thread:  RE: Snarf files from a sniff dump, 4secure
Indexes:  [Date] [Thread] [Top] [All Lists]