Sniff-n-Spit v1.0 - intercepting communications
During Penetration testing it can be seen that thick-clients sometimes communicate with a server whose IP address is hardcoded in to it.The HTTP communication between such client and server is harder to intercept and test. Sniff-n-Snip is a very useful utility in such scenarios. It sniffs for HTTP packets from the client to server and forwards them to your favorite proxy (Burp, WebScarab, Paros etc).
The tool expects the following user input:
- Number of the listening interface. This number can be found using the "-l" switch.
- Source IP, Source Port (optional), Destination IP, and Destination Port of the tcp session that is to be sniffed
- Target IP and Target Port of the Interceptor Proxy. Typically values will be 127.0.0.1, 8080.
- The tool can be forced to listen on promiscuous mode with the "-p" switch. This is OFF by default.
- WinPcap should be installed on the system, the tool requires this library for sniffing packets.
Read the User Guide
More information: here
Thank you to Lavakumar Kuppan, from AnD Labs to sharing this tool with us.