what you don't know can hurt you
Showing 1 - 17 of 17 RSS Feed

Files from Dug Song

Email addressdugsong at monkey.org
First Active1999-12-21
Last Active2004-06-18
dsniff-2.4b2.tar.gz
Posted Jun 18, 2004
Authored by Dug Song | Site monkey.org

dsniff is a suite of utilities that are useful for penetration testing. It consists of the following programs: arpredirect intercepts packets from a target host on the LAN intended for another host on the LAN by forging ARP replies. findgw determines the local gateway of an unknown network via passive sniffing. macof floods the local network with random MAC addresses. tcpkill kills specified in-progress TCP connections. dsniff is a powerful sniffer which automatically detects and parses many protocols, only saving the interesting bits. filesnarf saves files sniffed from network file system traffic. mailsnarf outputs all messages sniffed from SMTP traffic in Berkeley mbox format. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time.

Changes: This particular version is a modified release by Michael Robin that has been migrated to work with libnet 1.2 libraries. Includes a new tool called filenamesnarf.
tags | tool, local, sniffer, tcp, protocol
MD5 | 7642a9227c2d293a0078e86faa8cca8d
fragroute-1.2.tar.gz
Posted Apr 23, 2002
Authored by Dug Song | Site monkey.org

Fragroute intercepts, modifies, and rewrites egress traffic destined for a specified host, implementing most of the attacks described in the Secure Networks "Insertion, Evasion, and Denial of Service: Eluding Network Intrusion Detection" paper of January 1998. It features a simple ruleset language to delay, duplicate, drop, fragment, overlap, print, reorder, segment, source-route, or otherwise monkey with all outbound packets destined for a target host, with minimal support for randomized or probabilistic behavior. Includes scripts to defeat even the current CVS snort IDS.

tags | denial of service
systems | unix
MD5 | 7e4de763fae35a50e871bdcd1ac8e23a
dsniff-2.3.tar.gz
Posted Dec 18, 2000
Authored by Dug Song | Site monkey.org

dsniff is a suite of utilities that are useful for penetration testing. It consists of the following programs: arpredirect intercepts packets from a target host on the LAN intended for another host on the LAN by forging ARP replies. findgw determines the local gateway of an unknown network via passive sniffing. macof floods the local network with random MAC addresses. tcpkill kills specified in-progress TCP connections. dsniff is a powerful sniffer which automatically detects and parses many protocols, only saving the interesting bits. filesnarf saves files sniffed from network file system traffic. mailsnarf outputs all messages sniffed from SMTP traffic in Berkeley mbox format. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time.

Changes: New programs: dnsspoof, msgsnarf, sshmitm, webmitm. Dnsspoof forges DNS queries and answers, msgsnarf records selected messages from sniffed AOL Instant Messenger, ICQ 2000, IRC, and Yahoo! Messenger chat sessions, sshmitm monkey-in-the-middle. proxies and sniffs SSH traffic redirected by dnsspoof(8), capturing SSH password logins, and optionally hijacking interactive sessions. webmitm transparently proxies and sniffs web traffic redirected by dnsspoof(8), capturing most "secure" SSL-encrypted webmail logins and form submissions. Also added VRRP, pcAnywhere 7, 9.x, SMTP, rexec, RPC ypserv, NNTPv2, Checkpoint Firewall-1 Session Authentication Agent, and Microsoft PPTP MS-CHAP (v1, v2) parsing to dsniff.
tags | tool, local, sniffer, tcp, protocol
MD5 | 43c0aa3fd57ba296e608b5475ec2cd76
blackhat-fw1.tgz
Posted Sep 1, 2000
Authored by Dug Song, John McDonald, Thomas Lopatic

A Stateful Inspection of FireWall-1 - In this advisory we summarize our findings from BlackHat 2000 on Checkpoint Firewall-1. It is susceptible to several trivial attacks against its inter-module authentication protocols, IP address verification has flaws, FWN1 and FWA1 is vulnerable to a replay attack, Fastmode vulnerabilities, FWZ Encapsulation vulnerabilities, and Stateful Inspection problems, and much more. Included in the tarball is the presentation in two formats, the technical documentation for the vulnerabilities, and the source code used in the demonstation.

tags | paper, vulnerability, protocol
MD5 | 91477466f1f877e3f89271565b27a371
dsniff-2.2.tar.gz
Posted Jun 19, 2000
Authored by Dug Song | Site monkey.org

dsniff is a suite of utilities that are useful for penetration testing. It consists of the following programs: arpredirect intercepts packets from a target host on the LAN intended for another host on the LAN by forging ARP replies. findgw determines the local gateway of an unknown network via passive sniffing. macof floods the local network with random MAC addresses. tcpkill kills specified in-progress TCP connections. dsniff is a powerful sniffer which automatically detects and parses many protocols, only saving the interesting bits. filesnarf saves files sniffed from network file system traffic. mailsnarf outputs all messages sniffed from SMTP traffic in Berkeley mbox format. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time.

Changes: New filesnarf program which saves files sniffed from network file system traffic, Rewrote HTTP decoding in dsniff, Alpha platform support, Fixed arp discovery in arpredirect on Linux, Added -m flag to enable automatic protocol detection in dsniff (based on the classic file(1) command), Added TDS (Sybase, Microsoft SQL Server) parsing to dsniff, and Added regular expression matching and POP support to mailsnarf.
tags | tool, local, sniffer, tcp, protocol
MD5 | 6b4529263d390149961cf3ca74d82141
dsniff-2.1.tar.gz
Posted May 22, 2000
Authored by Dug Song | Site monkey.org

dsniff is a suite of utilities that are useful for penetration testing. It consists of the following programs: arpredirect intercepts packets from a target host on the LAN intended for another host on the LAN by forging ARP replies. findgw determines the local gateway of an unknown network via passive sniffing. macof floods the local network with random MAC addresses. tcpkill kills specified in-progress TCP connections. dsniff is a simple password sniffer which handles many protocols. mailsnarf outputs all messages sniffed from SMTP traffic in Berkeley mbox format. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time.

Changes: Add -c flag to specify half-duplex TCP stream reassembly in dsniff (better support for sniffing off switched ports using arpredirect), fixed OSPF parsing in dsniff, fixed webspy URL ignoring.
tags | tool, local, sniffer, tcp, protocol
MD5 | f1eb169bc13658b89fe119c265ffd5d4
dsniff-2.0.tar.gz
Posted May 18, 2000
Authored by Dug Song | Site monkey.org

dsniff is a suite of utilities that are useful for penetration testing. It consists of the following programs: arpredirect intercepts packets from a target host on the LAN intended for another host on the LAN by forging ARP replies. findgw determines the local gateway of an unknown network via passive sniffing. macof floods the local network with random MAC addresses. tcpkill kills specified in-progress TCP connections. dsniff is a simple password sniffer which handles many protocols. mailsnarf outputs all messages sniffed from SMTP traffic in Berkeley mbox format. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time.

Changes: Major dsniff rewrite! Add configurable decode triggers and debug traps to dsniff, rewrote dsniff RPC framework, added portmap, NFS, mountd, PostgreSQL, Meeting Maker, poppass, RIP, OSPF parsing dsniff decoders. Made dsniff savefile format portable, fixed RSET handling in mailsnarf.
tags | tool, local, sniffer, tcp, protocol
MD5 | b6322963147707e15faefd579c5df794
dsniff-1.8.tar.gz
Posted Apr 11, 2000
Authored by Dug Song | Site monkey.org

dsniff is a suite of utilities that are useful for penetration testing. It consists of the following programs: arpredirect intercepts packets from a target host on the LAN intended for another host on the LAN by forging ARP replies. findgw determines the local gateway of an unknown network via passive sniffing. macof floods the local network with random MAC addresses. tcpkill kills specified in-progress TCP connections. dsniff is a simple password sniffer which handles many protocols. mailsnarf outputs all messages sniffed from SMTP traffic in Berkeley mbox format. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time.

Changes: Added SOCKS parsing, pcanywhere parsing, SMB parsing, IRC parsing, and NAI sniffer parsing to dsniff.
tags | tool, local, sniffer, tcp, protocol
MD5 | a97ce1d9f2c192172497a42203fd475d
icadecrypt.c.txt
Posted Apr 1, 2000
Authored by Dug Song | Site monkey.org

icadecrypt cracks the weak hash encryption on stored Citrix ICA passwords (in appsrv.ini).

tags | exploit
MD5 | de9aa7ad940c82d0edd4703d36cd2948
dsniff-1.7.tar.gz
Posted Mar 30, 2000
Authored by Dug Song | Site monkey.org

dsniff is a suite of utilities that are useful for penetration testing. It consists of the following programs: arpredirect intercepts packets from a target host on the LAN intended for another host on the LAN by forging ARP replies. findgw determines the local gateway of an unknown network via passive sniffing. macof floods the local network with random MAC addresses. tcpkill kills specified in-progress TCP connections. dsniff is a simple password sniffer which handles many protocols. mailsnarf outputs all messages sniffed from SMTP traffic in Berkeley mbox format. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time.

Changes: Dsniff can now parse Microsoft SMB, Citrix ICA, Oracle SQL*Net (v2/Net8), and LDAP. Other small bugfixes and improvements were made.
tags | tool, local, sniffer, tcp, protocol
MD5 | 9bb979704b84bc8cc1eb028f24fb080f
dsniff-1.6.tar.gz
Posted Mar 13, 2000
Authored by Dug Song | Site monkey.org

dsniff is a suite of utilities that are useful for penetration testing. It consists of the following programs: arpredirect intercepts packets from a target host on the LAN intended for another host on the LAN by forging ARP replies. findgw determines the local gateway of an unknown network via passive sniffing. macof floods the local network with random MAC addresses. tcpkill kills specified in-progress TCP connections. dsniff is a simple password sniffer which handles many protocols. mailsnarf outputs all messages sniffed from SMTP traffic in Berkeley mbox format. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time.

Changes: Added parsing for Napster, AIM, ICQ (v2, v5), and CVS pserver. Now supports more non-glibc Linux systems missing ether_ntoa(). Unique HTTP authentication information by directory is now supported. dsniff now skips IMAP command tag, and doesn't rely on /etc/services.
tags | tool, local, sniffer, tcp, protocol
MD5 | c710c0ce1cc28dce0de6784076d33d11
dsniff-1.5.tar.gz
Posted Feb 22, 2000
Authored by Dug Song | Site monkey.org

dsniff is a suite of utilities that are useful for penetration testing. It consists of the following programs: arpredirect intercepts packets from a target host on the LAN intended for another host on the LAN by forging ARP replies. findgw determines the local gateway of an unknown network via passive sniffing. macof floods the local network with random MAC addresses. tcpkill kills specified in-progress TCP connections. dsniff is a simple password sniffer which handles many protocols. mailsnarf outputs all messages sniffed from SMTP traffic in Berkeley mbox format. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time.

Changes: HTTP proxy fixes, manpages, telnet fix.
tags | tool, local, sniffer, tcp, protocol
MD5 | 7df8aa33816cabf1f3e3dce8c21d818c
ftp-ozone.c.txt
Posted Feb 22, 2000
Authored by Dug Song | Site monkey.org

Exploit for recent FW-1 FTP problems - Demonstrate a basic layer violation in "stateful" firewall inspection of application data (ftp within IP packets). Checkpoint alert about this vulnerability here.

tags | exploit
MD5 | 835a52a28c324e1d897fde567b0680d0
dsniff-1.4.tar.gz
Posted Feb 2, 2000
Authored by Dug Song | Site monkey.org

dsniff is a suite of utilities that are useful for penetration testing. It consists of the following programs: arpredirect intercepts packets from a target host on the LAN intended for another host on the LAN by forging ARP replies. tcpnice slows down specified in-progress TCP connections via "active" traffic shaping (useful for sniffing fast networks). forges tiny TCP window advertisements, and optionally ICMP source quench replies. findgw determines the local gateway of an unknown network via passive sniffing. macof floods the local network with random MAC addresses. tcpkill kills specified in-progress TCP connections. dsniff is a simple password sniffer which handles many protocols. mailsnarf outputs all messages sniffed from SMTP traffic in Berkeley mbox format. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time.

Changes: New tcpnice program (Slows down traffic in a network via "active" tcp shaping. Added HTTP proxy support in dsniff, urlsnarf, webspy. Fixed mailsniff mbox formatting of ^From in message body, added NNTP processing to dsniff, and added the -v (verbose) flag to tcpkill and tcpnice.
tags | tool, local, sniffer, tcp, protocol
MD5 | d68209812190b953591b6288597e44ba
dsniff-1.3.tar.gz
Posted Jan 24, 2000
Authored by Dug Song | Site monkey.org

dsniff is a suite of utilities that are useful for penetration testing. It consists of the following programs: arpredirect intercepts packets from a target host on the LAN intended for another host on the LAN by forging ARP replies. findgw determines the local gateway of an unknown network via passive sniffing. macof floods the local network with random MAC addresses. tcpkill kills specified in-progress TCP connections. dsniff is a simple password sniffer which handles many protocols. mailsnarf outputs all messages sniffed from SMTP traffic in Berkeley mbox format. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time.

Changes: Addition of Berkeley db output file format to dsniff, as well as restricting logging to unique auth info, new tcpkill program, new dsniff manpage, DNS lookups in dsniff and urlsnarf, addition of HTTP Basic Authentication, Referer, and User-Agent logging to urlsnarf, improved RPC message parsing in dsniff, improved SMTP parsing in mailsnarf, improved HTTP 1.x parsing in dsniff, urlsnarf, and webspy. fixes for IMAP, Rlogin, Telnet option parsing in dsniff, and addition of X11 MIT-MAGIC-COOKIE parsing to dsniff.
tags | tool, local, sniffer, tcp, protocol
MD5 | 8a0c20553f6d7a2896dbc3d8d022e7d0
dsniff-1.2.tar.gz
Posted Jan 11, 2000
Authored by Dug Song | Site monkey.org

Dsniff contains several powerful new network tools, written for use in penetration testing. Arpredirect is a very effective way of sniffing traffic on a switch by forging arp replies. Findgw determines the local gateway of an unknown network via passive sniffing, which can be used in conjunction with arpredirect to intercept all outgoing traffic on a switch. Macof floods the network with random MAC addresses, causing some switches to fail in open repeating mode, facilitating sniffing. Dsniff is a simple password sniffer which parses passwords from many protocols, only saving the "interesting" bits. Mailsnarf is a fast and easy way to violate the Electronic Communications Privacy Act of 1986. Urlsnarf outputs all requested URL's from HTTP traffic. Webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time (as the target surfs, your browser surfs along with them, automagically).

Changes: Ported to FreeBSD, Add NFS mount parsing / RPC framework to dsniff, Add -i flag to specify interface to use.
tags | tool, web, local, sniffer, protocol
MD5 | c4a054c04386d779f58177b7087a2e14
dsniff-1.1.tar.gz
Posted Dec 21, 1999
Authored by Dug Song | Site monkey.org

Dsniff contains several powerful new network tools, written for use in penetration testing. Arpredirect is a very effective way of sniffing traffic on a switch by forging arp replies. Findgw determines the local gateway of an unknown network via passive sniffing, which can be used in conjunction with arpredirect to intercept all outgoing traffic on a switch. Macof floods the network with random MAC addresses, causing some switches to fail in open repeating mode, facilitating sniffing. Dsniff is a simple password sniffer which parses passwords from many protocols, only saving the "interesting" bits. Mailsnarf is a fast and easy way to violate the Electronic Communications Privacy Act of 1986. urlsnarf outputs all requested URL's from HTTP traffic. webspy sends URLs sniffed from a client to your local Netscape browser for display, updated in real-time (as the target surfs, your browser surfs along with them, automagically).

tags | tool, web, local, sniffer, protocol
MD5 | 198ec4a93db825aa178c9d15f17d2230
Page 1 of 1
Back1Next

File Archive:

July 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    34 Files
  • 2
    Jul 2nd
    15 Files
  • 3
    Jul 3rd
    9 Files
  • 4
    Jul 4th
    8 Files
  • 5
    Jul 5th
    2 Files
  • 6
    Jul 6th
    3 Files
  • 7
    Jul 7th
    1 Files
  • 8
    Jul 8th
    15 Files
  • 9
    Jul 9th
    15 Files
  • 10
    Jul 10th
    20 Files
  • 11
    Jul 11th
    17 Files
  • 12
    Jul 12th
    16 Files
  • 13
    Jul 13th
    2 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    20 Files
  • 16
    Jul 16th
    27 Files
  • 17
    Jul 17th
    7 Files
  • 18
    Jul 18th
    5 Files
  • 19
    Jul 19th
    12 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close