Password sniffing with Metasploit

A packet sniffer is a computer program that intercepts and logs traffic passing over a network.
The sniffer captures each packet, decodes the packet’s raw data, showing the values of various
fields in the packet, and analyzes its content. If network communications are not encrypted (ssl)
then it is possible to intercept communications and capture passwords that are transmitted in
plain text.
psnuffle
Metasploit password sniffing module named ‘psnuffle‘ and will sniff passwords off the wire
similar to the tool dsniff. It currently supports pop3, imap, ftp, and HTTP GET. Using the
psnuffle‘ module is extremely simple. Just select it and run it. To select psnuffle execute,

use auxiliary/sniffer/psnuffle

There are some options available. You can specify the filter string for
capturing traffic, the name of the interface, the name of the PCAP capture file to process, a
comma-delimited list of protocols, the number of bytes to capture and the number of seconds to
wait for new data.

 
This post is part of my article about metasploit which was originally published in PenTest Magazine, August issue.

%d bloggers like this: