Quick and dirty tcpdump credential (username/password) sniffer
I’ve been playing the last months with mobile pentesting within the Android platform. As I’ve been able to setup tcpdump-arm
on my android phone, I began fooling around with it. I was trying to cross-compile Dug Song’s dsniff into armle
architechture but it was only giving me headaches within the libnet/libnids dependencies and stuff.
So I wrote a quick one-liner to dump potential credentials (username/password) flowing in plaintext over the line:
And it works quite sufficiently:
Its not BY FAR efficient as dsniff, but can help out sometimes!
[…] Source […]
[…] Source […]