Intercepter-NG снифер

Discussion in 'Soft - Windows' started by vasykas, 12 Jan 2013.

  1. Intercepter

    Intercepter Member

    Joined:
    10 Jul 2013
    Messages:
    61
    Likes Received:
    44
    Reputations:
    6
    ты не скрины делай, а .pcap прикладывай.
     
    binarymaster likes this.
  2. BabaDook

    BabaDook Level 8

    Joined:
    9 May 2015
    Messages:
    1,026
    Likes Received:
    1,420
    Reputations:
    53
    акулой заснифирить момент авторизации?
     
  3. Intercepter

    Intercepter Member

    Joined:
    10 Jul 2013
    Messages:
    61
    Likes Received:
    44
    Reputations:
    6
    угу
     
  4. BabaDook

    BabaDook Level 8

    Joined:
    9 May 2015
    Messages:
    1,026
    Likes Received:
    1,420
    Reputations:
    53
  5. Intercepter

    Intercepter Member

    Joined:
    10 Jul 2013
    Messages:
    61
    Likes Received:
    44
    Reputations:
    6
    там не бейсик, а MD5.
     
  6. BabaDook

    BabaDook Level 8

    Joined:
    9 May 2015
    Messages:
    1,026
    Likes Received:
    1,420
    Reputations:
    53
    Такое тоже наверное не должно быть, логин в открытом виде+ тут он указан не верный
     

    Attached Files:

  7. Intercepter

    Intercepter Member

    Joined:
    10 Jul 2013
    Messages:
    61
    Likes Received:
    44
    Reputations:
    6
    Ну ты слева то прочитай, что написано :)
     
  8. BabaDook

    BabaDook Level 8

    Joined:
    9 May 2015
    Messages:
    1,026
    Likes Received:
    1,420
    Reputations:
    53
    host 192.168.1.254. username 192.168.1.254> или что прочитать?
     
  9. Intercepter

    Intercepter Member

    Joined:
    10 Jul 2013
    Messages:
    61
    Likes Received:
    44
    Reputations:
    6
    web site visited, никакого отношения к авторизации эта запись не имеет.
     
  10. BabaDook

    BabaDook Level 8

    Joined:
    9 May 2015
    Messages:
    1,026
    Likes Received:
    1,420
    Reputations:
    53
    что-то я туплю, то есть данный вид авторизациисофт полностью не поддерживает
     
  11. binarymaster

    binarymaster Elder - Старейшина

    Joined:
    11 Dec 2010
    Messages:
    4,304
    Likes Received:
    8,630
    Reputations:
    114
    Digest MD5 авторизацию только брутить можно. Но не помню, поддерживает ли её тот же John.

    Кстати, помню я предлагал ввести так называемую атаку WWW-Auth Downgrade (подмена Digest, NTLM и других HTTP авторизаций на Basic).
     
  12. BabaDook

    BabaDook Level 8

    Joined:
    9 May 2015
    Messages:
    1,026
    Likes Received:
    1,420
    Reputations:
    53
    Z
    Я понял, я о другом, я о том что программа отображает не правильно , то есть можно просто в поле усернаме отображать имя, оно там в открытом виде, а в поля пасс или хеш, или тип авторизации, или просто чёрное поле, мне кажется так было бы круче.
     

    Attached Files:

  13. binarymaster

    binarymaster Elder - Старейшина

    Joined:
    11 Dec 2010
    Messages:
    4,304
    Likes Received:
    8,630
    Reputations:
    114
    А, с этим кстати согласен.
     
  14. Intercepter

    Intercepter Member

    Joined:
    10 Jul 2013
    Messages:
    61
    Likes Received:
    44
    Reputations:
    6
    Добавлю, если на примере высланного .pcap'а сгенеришь хеш для джона.
     
    BabaDook likes this.
  15. binarymaster

    binarymaster Elder - Старейшина

    Joined:
    11 Dec 2010
    Messages:
    4,304
    Likes Received:
    8,630
    Reputations:
    114
    Code:
    Authorization: Digest username="admin", realm="RV6688BCM", nonce="a40b553f67e0c2ca61f35b5dd68a43d4", uri="/index.htm", algorithm=MD5, response="486d652af91f0f5f1ecd0d1dc23e8dfe", qop=auth, nc=00000010, cnonce="cca1263ddd7c496a"
    
    temp_hash.txt >>
    admin:$DIGEST-MD5$$RV6688BCM$a40b553f67e0c2ca61f35b5dd68a43d4$/index.htm$cca1263ddd7c496a$00000010$auth$486d652af91f0f5f1ecd0d1dc23e8dfe
    На джумбе брутится успешно:
    Code:
    Loaded 1 password hash (dmd5, DIGEST-MD5 C/R [MD5 32/32])
    Will run 4 OpenMP threads
    Press 'q' or Ctrl-C to abort, almost any other key for status
    0g 0:00:00:00 DONE (2016-10-27 21:58) 0g/s 58.82p/s 58.82c/s 58.82C/s admin
    Session completed
     
  16. BabaDook

    BabaDook Level 8

    Joined:
    9 May 2015
    Messages:
    1,026
    Likes Received:
    1,420
    Reputations:
    53
    О, парни, вы боги.
     
  17. Intercepter

    Intercepter Member

    Joined:
    10 Jul 2013
    Messages:
    61
    Likes Received:
    44
    Reputations:
    6
    пароль какой?
     
  18. binarymaster

    binarymaster Elder - Старейшина

    Joined:
    11 Dec 2010
    Messages:
    4,304
    Likes Received:
    8,630
    Reputations:
    114
    "admin", судя по всему.

    Или я не совсем верно интерпретировал вывод John'а?
     
  19. Intercepter

    Intercepter Member

    Joined:
    10 Jul 2013
    Messages:
    61
    Likes Received:
    44
    Reputations:
    6
    не верно, он не сбрутил пароль.
     
  20. binarymaster

    binarymaster Elder - Старейшина

    Joined:
    11 Dec 2010
    Messages:
    4,304
    Likes Received:
    8,630
    Reputations:
    114
    Тогда вопрос к @BabaDook