Dimanche 20 août 2006
Data theft via sniffing:
f. with a command line sniffer (currently detected by none antivirus on Virus Total):
We run (locally) the sniffer and connect to the web mail.
g. with Sniffer (Renamed, not detected by antivirus on Virus Total):
We run (locally) the sniffer and connect to the web mail.
Here the message hooks of the sniffer (with IceSword):
and some captured data while connecting to the web mail:
Here we can get more information about the cookies (and then the password):
h. with ngSniff:
With this known sniffer (scan on Virus Total), we capture packets from the host H1 with the IP 192.168.a.b of the computer A and the host H2 with the IP 192.168.b.c of the machine B.
The product is installed on A and the sniffer is launched from B.
i. Instant Messaging sniffing:
Here we use a free tool unknown from AVs database and which has the ability to sniff instant messenging conversations (MSN, Yahoo, IRC etc).
NB. For more information about security and instant messenging in general:
- "Securing Instant Messanging" by Symantec,
- For a deep study, it can be suited to take a look at M. Mannan papers and research, especially the diploma thesis.
f. with a command line sniffer (currently detected by none antivirus on Virus Total):
We run (locally) the sniffer and connect to the web mail.
g. with Sniffer (Renamed, not detected by antivirus on Virus Total):
We run (locally) the sniffer and connect to the web mail.
Here the message hooks of the sniffer (with IceSword):
and some captured data while connecting to the web mail:
Here we can get more information about the cookies (and then the password):
h. with ngSniff:
With this known sniffer (scan on Virus Total), we capture packets from the host H1 with the IP 192.168.a.b of the computer A and the host H2 with the IP 192.168.b.c of the machine B.
The product is installed on A and the sniffer is launched from B.
i. Instant Messaging sniffing:
Here we use a free tool unknown from AVs database and which has the ability to sniff instant messenging conversations (MSN, Yahoo, IRC etc).
NB. For more information about security and instant messenging in general:
- "Securing Instant Messanging" by Symantec,
- For a deep study, it can be suited to take a look at M. Mannan papers and research, especially the diploma thesis.