• Search by Module
• Search by Words
• Search Projects

• Java
• Python
• JavaScript
• TypeScript
• C++
• Scala
• Blog

Project: net-creds (GitHub Link)

• net-creds-master
  • LICENSE
  • net-creds.py
  • README.md
  • requirements.txt
  • .gitignore

Thoroughly sniff passwords and hashes from an interface or pcap file. Concatenates fragmented packets and does not rely on ports for service identification.

Screenshots

Sniffs

• URLs visited
• POST loads sent
• HTTP form logins/passwords
• HTTP basic auth logins/passwords
• HTTP searches
• FTP logins/passwords
• IRC logins/passwords
• POP logins/passwords
• IMAP logins/passwords
• Telnet logins/passwords
• SMTP logins/passwords
• SNMP community string
• NTLMv1/v2 all supported protocols: HTTP, SMB, LDAP, etc.
• Kerberos

Examples

Auto-detect the interface to sniff

sudo python net-creds.py

Choose eth0 as the interface

sudo python net-creds.py -i eth0

Ignore packets to and from 192.168.0.2

sudo python net-creds.py -f 192.168.0.2

Read from pcap

python net-creds.py -p pcapfile

OS X

Credit to epocs:

sudo easy_install pip
sudo pip install scapy
sudo pip install pcapy
brew install libdnet --with-python
mkdir -p /Users/<username>/Library/Python/2.7/lib/python/site-packages
echo 'import site; site.addsitedir("/usr/local/lib/python2.7/site-packages")' >> /Users/<username>/Library/Python/2.7/lib/python/site-packages/homebrew.pth
sudo pip install pypcap
brew tap brona/iproute2mac
brew install iproute2mac

Then replace line 74 '/sbin/ip' with '/usr/local/bin/ip'.

Thanks

• Laurent Gaffie
• psychomario