
Dsniff- All But One Command Is Working Correctly


pjsjr627


Hello,

So recently, I decided to experiment with dsniff and driftnet after Darren's episode covering them. I am using the following system to experiment:

-VirtualBox 4.0.10

-VM of Ubuntu 11.04

-bridged network connection between VM and physical hardware

-VirtualBox installed on a physical Windows 7 64-bit machine.

I begin by enabling packet forwarding, then my two arpspoof commands in separate tabs.

With this done, I can run urlsnarf, mailsnarf, msgsnarf, and driftnet without issue. The traffic from the "attacked" machine is correctly displayed in all scenarios. I run into an issue when I try to issue a "dsniff -i eth0" command. I get the following:

root@jacob-Ubuntu:/home/jacob# dsniff -i eth0

dsniff: listening on eth0

-----------------

07/14/11 21:33:20 udp laptop01.local.63902 -> 10.10.0.30.161 (snmp)

[version 1]

public

-----------------

07/14/11 21:33:25 udp laptop01.local.63902 -> 10.10.0.30.161 (snmp)

[version 1]

public

Laptop01 is the machine I am sniffing.

Unlike in the episode, it will never show the url/un/pw that is flowing over the connection. I used Darren's example and tried logging into one of my FTP sites (so I know it is clear text) and I don't see the data listed. Without doing anything, it will just keep populating those same

07/14/11 21:33:25 udp laptop01.local.63902 -> 10.10.0.30.161 (snmp)

[version 1]

public

over and over again until I stop it.

I have tried to research this extensively by watching videos and reading everything I can find on the topic and have not been able to solve it. The only suspicion I have is I found someone with a similar problem and it was caused by VMware he was running, or so he says. When he switched to running Ubuntu on a physical machine as the base OS, the problems went away, but correlation does not equal causation! Any pointers of areas I can research or try to solve this?

Thanks so much in advance!


Don't know if this will make a difference, but have you tried using the latest version of VMware?

Edit: Also make sure you set your VM interface to bridged mode as well.

Edited by Infiltrator

Thanks, I am using the latest version of VirtualBox. Should I try VMware instead? I have an Ubuntu install on my ESX box I can try it on.


I've never used VirtualBox before, but you could try out VMware and see if that works. Make sure you set your VM interface to bridged mode.
