Mutt
Professional
- Messages
- 1,457
- Reaction score
- 1,266
- Points
- 113
Good day, folks, in this article we'll talk about Net-Creds.
Net-Creds carefully sniffs passwords and hashes from the interface or from the pcap file. Consolidates fragmented packets and does not rely on ports to identify a service.
Sniffs:
Installing Net-Creds
Installation on Linux:
Installation on OSX:
Then replace line 74 '/ sbin / ip' with '/ usr / local / bin / ip'.
Net-Creds startup examples
Automatically detect interface for sniffing:
Select eth0 as interface:
Ignore packets to and from 192.168.0.2:
Read from pcap:
Net-Creds Help
Usage:
Optional arguments:
Screenshots of Net-Creds
Screenshots of Net-Creds
Net-Creds carefully sniffs passwords and hashes from the interface or from the pcap file. Consolidates fragmented packets and does not rely on ports to identify a service.
Sniffs:
- Visited URLs
- sent POST requests
- logins / passwords from HTTP forms
- logins / passwords for basic HTTP authentication
- HTTP searches
- FTP logins / passwords
- IRC logins / passwords
- POP logins / passwords
- IMAP logins / passwords
- Telnet logins / passwords
- SMTP logins / passwords
- SNMP community string
- all supported protocols NTLMv1 / v2 like HTTP, SMB, LDAP, etc.
- Kerberos
Installing Net-Creds
Installation on Linux:
Code:
git clone https://github.com/DanMcInerney/net-creds.git
cd net-creds/
./net-creds.pyInstallation on OSX:
Code:
sudo easy_install pip
sudo pip install scapy
sudo pip install pcapy
brew install libdnet --with-python
mkdir -p /Users/<username>/Library/Python/2.7/lib/python/site-packages
echo 'import site; site.addsitedir("/usr/local/lib/python2.7/site-packages")' >> /Users/<username>/Library/Python/2.7/lib/python/site-packages/homebrew.pth
sudo pip install pypcap
brew tap brona/iproute2mac
brew install iproute2macNet-Creds startup examples
Automatically detect interface for sniffing:
Code:
sudo python net-creds.pySelect eth0 as interface:
Code:
sudo python net-creds.py -i eth0Ignore packets to and from 192.168.0.2:
Code:
sudo python net-creds.py -f 192.168.0.2Read from pcap:
Code:
python net-creds.py -p pcapfileNet-Creds Help
Usage:
Code:
net-creds.py [-h] [-i INTERFACE] [-p PCAP] [-f FILTERIP] [-v]Optional arguments:
Code:
-h, --help show this help message and exit.
-i INTERFACE, --interface INTERFACE
Select interface
-p PCAP, --pcap PCAP Parse information from pcap file; -p <
pcap_file_name > -f FILTERIP, --filterip FILTERIP
Do not sniff packets from this IP address; -f
192.168.0.4
-v, --verbose Show full URLs and POST requests, rather than
truncate them at 100 charactersScreenshots of Net-Creds
Screenshots of Net-Creds
