Jump to content

live ftp output of tcpdump and urlsnarf to a remote computer


Recommended Posts

Posted (edited)

You could try to mount the ftp server so you can access it like any other directory.

You should be able to to that using something like http://curlftpfs.sourceforge.net/

I haven't tested this with the Pineapple Kernel so I have no idea whether it actually works, but it's worth a try

Maybe I'm overthinking it and your command might work just as well

For your error about curl missing, have you tried installing it? (apt-get install curl)

Regards,

Edited by Dazzle
Posted

I use the following which is at least more secure than the ftp solution:

tail -f file-on-pineapple.log | ssh username@remoteshell "cat >> file-on-ssh-server.log"

If you have setup your ssh connection right you will not be prompted for a password.

Other options to look at are rsync and nc (netcat). The latter has a nice tutorial in the Hak5 channel on Youtube.

Posted (edited)

Nope, urlsnarf doesn't provide that option. You can schedule the following script to run for instance every 15 minutes:

#!/bin/sh
logger "Clean-up Script Executed"

# q = threshold in bytes
q=52428800
w=`ls -la /sd/urlsnarf.log | awk '{print $5}'`
if [ $w -ge $q ]; then
	logger "Log over threshold, zip and truncate"
	DATE=$(date +"%Y%m%d%H%M")
	gzip -f /sd/urlsnarf.log
	mv /sd/urlsnarf.log.gz /sd/$DATE.urlsnarf.log.gz
	echo "Log truncated" > /sd/urlsnarf.log
else
	logger "Log looking good"
fi
Edited by Sailor

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...