Jump to content

Trouble analyzing a pcap


sirgregg
 Share

Recommended Posts

I was doing some arpspoofing/sniffing at a coffeeshop the other day, just to see if it really works outside my house. I got around 200mb of packets with wireshark, and then fed it to dsniff to try and extract something. It spat out something quite strange:

#garbagegarbage# ntp:AUTHINFO user someuser AUTHINFO pass somepass #garbagegarbage#

Does it ring any bells? Can anyone identify the protocol, authorization type or anything? How could I find the actual packet in wireshark?

Link to comment
Share on other sites

I was doing some arpspoofing/sniffing at a coffeeshop the other day, just to see if it really works outside my house. I got around 200mb of packets with wireshark, and then fed it to dsniff to try and extract something. It spat out something quite strange:

#garbagegarbage# ntp:AUTHINFO user someuser AUTHINFO pass somepass #garbagegarbage#

Does it ring any bells? Can anyone identify the protocol, authorization type or anything? How could I find the actual packet in wireshark?

was it ntp or nntp? NTP is network time protocol, not to ointerseting caus ethats all it is is time in GMT or whatever. nntp is network news transport protocol, and is for news readers, like Usenet stuff.
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...