data theft tests 2

Publié le par Kareldjag

Data theft via sniffing:


f. with a command line sniffer (currently detected by none antivirus on Virus Total):

We run (locally) the sniffer and connect to the web mail.



g. with Sniffer (Renamed, not detected by antivirus on Virus Total):

We run (locally) the sniffer and connect to the web mail.

Here the message hooks of the sniffer (with IceSword):



and some captured data while connecting to the web mail:



Here we can get more information about the cookies (and then the password):




h. with ngSniff:


With this known sniffer (scan on Virus Total), we capture packets from the host H1 with the IP 192.168.a.b of the computer A and the host H2 with the IP 192.168.b.c of the machine B.
The product is installed on A and the sniffer is launched from B.

i. Instant Messaging sniffing:

Here we use a free tool unknown from AVs database and which has the ability to sniff instant messenging conversations (MSN, Yahoo, IRC etc).




NB. For more information about security and instant messenging in general:

- "Securing Instant Messanging" by Symantec,

- For a deep study, it can be suited to take a look at M. Mannan papers and research, especially the diploma thesis.






Publié dans METHODOLOGY

Pour être informé des derniers articles, inscrivez vous :

Commenter cet article

xav 08/10/2006 12:33

Bonjour,

Félicitations pour votre site qui est vraiment bien conçu! J'ai créé un annuaire de blogs et si vous souhaitez vous y inscrire voici l'adresse: http://netblog.site.cx !

Bonne continuation