Sniff-n-Spit v1.0 - intercepting communications

In: Connectivity , Data Sniffer , Sniff-n-Spit

13 March 2010

During Penetration testing it can be seen that thick-clients sometimes communicate with a server whose IP address is hardcoded in to it.The HTTP communication between such client and server is harder to intercept and test. Sniff-n-Snip is a very useful utility in such scenarios. It sniffs for HTTP packets from the client to server and forwards them to your favorite proxy (Burp, WebScarab, Paros etc).

User Input:

The tool expects the following user input:

Number of the listening interface. This number can be found using the "-l" switch.
Source IP, Source Port (optional), Destination IP, and Destination Port of the tcp session that is to be sniffed
Target IP and Target Port of the Interceptor Proxy. Typically values will be 127.0.0.1, 8080.
The tool can be forced to listen on promiscuous mode with the "-p" switch. This is OFF by default.

Requirements:

WinPcap should be installed on the system, the tool requires this library for sniffing packets.

Read the User Guide

More information: here

Thank you to Lavakumar Kuppan, from AnD Labs to sharing this tool with us.

Post scriptum

Download Sniff-n-Spit 1.0

Connectivity	25 April 2010 : Testing the systems highload with StressLinux v0.5.111 30 March 2010 : pwnat tool v0.2-beta released 27 March 2010 : pwnat tool v0.1-beta bypassing NAT 13 March 2010 : Sniff-n-Spit v1.0 - intercepting communications 11 March 2010 : Vordel SOAPbox for analyzing Webservices Security
Data Sniffer	7 May 2010 : WireShark 1.2.8 released 12 April 2010 : Suricata v0.8.1 released 9 April 2010 : CSniffer Command Line Network Sniffer v1.0.0.3 released 7 April 2010 : TCPDump v4.1.1 and LIBPCap v1.1.1 released 1 April 2010 : WireShark 1.2.7 released
Sniff-n-Spit

Sniff-n-Spit v1.0 - intercepting communications

Post scriptum

Related Articles

Follow us

Like us !

Most Read

Advertising

License

Categories

COMPANY

STANDARDS

RECENT POSTS

MENU