get plain passwords with tcpdump

Capture SMTP Email

tcpdump -nn -l port 25 | grep -i 'MAIL FROM\|RCPT TO'

Extract HTTP Passwords in POST Requests

tcpdump -s 0 -A -n -l | egrep -i "POST /|pwd=|passwd=|password=|Host:"

Capture FTP Credentials and Commands

tcpdump -nn -v port ftp or ftp-data

Capture all plaintext passwords

tcpdump port http or port ftp or port smtp or port imap or port pop3 or port telnet -l -A | egrep -i -B5 'pass=|pwd=|log=|login=|user=|username=|pw=|passw=|passwd=|password=|pass:|user:|username:|password:|login:|pass |user '
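The same field names can be used to audit your own network for services that still send logins in cleartext, without writing the secrets into the report. This is an added example, not part of the original gist; the function names and the sample capture lines are constructed.

```shell
#!/bin/sh
# Added example, not from the original gist. Function names are hypothetical.
# redact_creds reads `tcpdump -A` text on stdin, keeps only lines that carry a
# credential field (same field names as the gist patterns) and masks the
# secret, so the audit output shows where cleartext logins occur without
# storing the passwords themselves.
redact_creds() {
  awk '
  {
    rest = $0; out = ""; low = tolower($0)
    # User-name fields mark the line as a finding but are left readable.
    hit = (low ~ /(username|user|login|log)[=:]|user /)
    # Mask each secret: key=value, key: value, or an FTP/POP3 "PASS value".
    while (match(tolower(rest), /((password|passwd|passw|pass|pwd|pw)[=:] *|pass +)/)) {
      hit = 1
      out = out substr(rest, 1, RSTART + RLENGTH - 1) "[REDACTED]"
      rest = substr(rest, RSTART + RLENGTH)
      sub(/^[^& \t\r]+/, "", rest)   # drop the value up to & or whitespace
    }
    if (hit) print out rest
  }'
}

# Constructed sample of `tcpdump -A` output (addresses from RFC 5737).
sample_capture() {
  cat <<'EOF'
12:00:01.000000 IP 192.0.2.10.51514 > 192.0.2.20.21: Flags [P.], length 12
E..5..@.@......USER alice
E..5..@.@......PASS hunter2
POST /login HTTP/1.1
Host: intranet.example
username=alice&password=s3cr3t&next=%2Fhome
EOF
}

# Live use on a host you administer:
#   tcpdump -l -A -n port ftp or port http | redact_creds
sample_capture | redact_creds
```

Every line it prints is a login that should move to a TLS-protected variant of the protocol (FTPS/SFTP, HTTPS, SMTP/IMAP/POP3 with STARTTLS or implicit TLS).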
@Michael-A-I Michael-A-I commented Aug 28, 2020

I'm doing a hack the box challenge. Theoretically will the final command (Capture all plaintext passwords) work to capture passwords if I am connected to htb via vpn?

Owner Author

@AysadKozanoglu AysadKozanoglu commented Dec 4, 2020

I'm doing a hack the box challenge. Theoretically will the final command (Capture all plaintext passwords) work to capture passwords if I am connected to htb via vpn?

If you want to catch on htb or any other platform, you have to play the role of middleware to catch the passwords.

In other words:
The traffic must be routed from the (your) machine where you run the last command to get/catch the plain passwords.

source <-> your machine <-> destination

Only in this case you can catch the plain text

You have to play the middleware route role for traffic between source and destination
