Capture SMTP Email
tcpdump -nn -l port 25 | grep -i 'MAIL FROM\|RCPT TO'
Extract HTTP Passwords in POST Requests
tcpdump -s 0 -A -n -l | egrep -i "POST /|pwd=|passwd=|password=|Host:"
Capture FTP Credentials and Commands
tcpdump -nn -v port ftp or ftp-data
Capture all plaintext passwords
tcpdump port http or port ftp or port smtp or port imap or port pop3 or port telnet -l -A | egrep -i -B5 'pass=|pwd=|log=|login=|user=|username=|pw=|passw=|passwd=|password=|pass:|user:|username:|password:|login:|pass |user '
I'm doing a hack the box challenge. Theoretically will the final command (Capture all plaintext passwords) work to capture passwords if I am connected to htb via vpn?