Thoroughly sniff passwords and hashes from an interface or pcap file. Concatenates fragmented packets and does not rely on ports for service identification.
Sniffs
Examples
- URLs visited
- HTTP site logins/passwords
- HTTP Basic Auth
- FTP logins/passwords
- IRC logins/passwords
- POP logins/passwords
- IMAP logins/passwords
- SMTP logins/passwords
- SNMP community string
- NTLM challenge and response hashes
- Kerberos (untested, I have no pcaps)
Auto-detect the interface to sniff
Choose eth0 as the interfaceCode:Select Allsudo python net-creds.py
Read from pcapCode:Select Allsudo python net-creds.py -i eth0
ThanksCode:Select Allsudo python net-creds.py -p pcapfile
- Laurent Gaffie writer of PCredz
- psychomario writer of ntlmsspparser
net-creds 1.0
Sniffs sensitive data from interface or pcap
- Watchers:
- This resource is being watched by 59 members.