RE: Snarf files from a sniff dump

From: nodialtone (nodialtone@comcast.net)
Date: Sat Feb 25 2006 - 11:36:00 EST


On Sat, 2006-02-25 at 08:00, Shenk, Jerry A wrote:
> Ethereal will do that. If you right-click on a packet, you can "follow
> TCP stream". Depending what your goal is, that may be enough. If it is
> a text document, you'll clearly see the text.
>
> If it's not a text document, you will probably need to work a little
> harder. I've never done what you're talking about for a printer file
> but I'm guessing that you're gonna see pretty much a raw printer data
> stream that can simply be sent back to the printer to get a printed
> output.
>
>
> -----Original Message-----
> From: 4secure@web.de [mailto:4secure@web.de]
> Sent: Friday, February 24, 2006 8:19 AM
> To: pen-test@securityfocus.com
> Subject: Snarf files from a sniff dump
>
> Hi List Members!
>
>
> I am looking for a tool to snarf files (e.g. Word documents etc.) from a
> sniff dump (e.g. ethereal or tcpdump) in an M$ Windows LAN (SMB) or
> between a client and a printer (PS, PCL etc.). Does someone know such
> tools (I know Dsniff, but it is not exactly what I am looking for)?
>
> Thanks!
>
> Istvan
>

Istvan,

Have a look at ettercap. Another nice little utlity to sniff packets on
your lan. Has some nice features built in.

-- 
Unique Security Forums at:
http://www.iatechconsulting.com
------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 
Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:
http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:34 EDT