From: Subject: dsniff Date: Mon, 3 Feb 2003 20:52:19 +0100 MIME-Version: 1.0 Content-Type: multipart/related; boundary="----=_NextPart_000_0009_01C2CBC6.24A0DB40"; type="text/html" X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 This is a multi-part message in MIME format. ------=_NextPart_000_0009_01C2CBC6.24A0DB40 Content-Type: text/html; charset="Windows-1252" Content-Transfer-Encoding: quoted-printable Content-Location: http://monkey.org/~dugsong/dsniff/ dsniff
=20

dsniff

latest release: dsniff-2.3.t= ar.gz=20 (CHANGES)
beta = snapshots=20

Abstract

dsniff is a collection of tools for network auditing = and=20 penetration testing. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, = and=20 webspy passively monitor a network for interesting data (passwords, = e-mail,=20 files, etc.). arpspoof, dnsspoof, and macof facilitate the = interception of=20 network traffic normally unavailable to an attacker (e.g, due to = layer-2=20 switching). sshmitm and webmitm implement active monkey-in-the-middle = attacks=20 against redirected SSH and HTTPS sessions by exploiting weak bindings = in=20 ad-hoc PKI.=20

I wrote these tools with honest intentions - to audit my own = network, and=20 to demonstrate the insecurity of most network application protocols. = Please do=20 not abuse this software.=20

Documentation

In addition to man pages included in the = distribution, a=20 dsniff = Frequently-Asked=20 Questions document is also available.=20

Pour les francophones, Denis Ducamp a traduit les = manuels de=20 dsniff-2.3 en fran=E7ais.=20

Support

A mailing list for dsniff announcements and moderated=20 discussion is open to the public. To subscribe, send e-mail with the = word=20 "subscribe" in the body of the message to <dsniff-request@monkey.org&g= t;.=20

Further Reading

Recent presentations:=20 Recent press:=20
  • "Network=20 Monitoring with Dsniff, LinuxSecurity.com, May 2001.=20
  • "On=20 the lookout for dsniff, part 2, IBM DeveloperWorks, February = 2001.=20
  • "=20 On the lookout for dsniff", IBM DeveloperWorks, January 2001.=20
  • "dsniff=20 and SSH", O'Reilly Sysadmin News, December 2000.=20
  • "Attacks=20 Against SSH 1 and SSL", Slashdot, December 2000.=20
  • "The=20 End of SSL and SSH?", SecurityPortal, December 2000.=20
  • "Catch=20 Hackers in the Act", CNET Web Builder, December 2000.=20
  • "Why=20 Your Switched Network Isn't Secure", SANS Institute, September = 2000.=20
  • "Switched=20 networks lose their security advantage due to packet-capturing = tool",=20 InfoWorld magazine, May 2000.=20
  • "Th= ink=20 you're safe from sniffing?", Windows 2000 magazine, June 2000. =

dsniff around the world:=20

  • Brazil= =20
  • Chile=20
  • Chi= na=20
  • France<= /A>=20
  • Hungary=20
  • I= taly=20
  • Japan=20
  • Korea=20
  • Lithuania=20
  • Net= herlands=20
  • Russia=20
  • Slovakia=20
  • Switzerlan= d=20
  • Ukraine=20
  • Venezuela<= /A>=20
  • Yugoslavia =

Recent books that cover dsniff in some detail:=20

  • B. Hatch, G. Kurtz, J. Lee. Hacking = Linux=20 Exposed, McGraw-Hill, 2001.=20
  • S. McClure, J. Scambray, G. Kurtz. Hacking=20 Exposed, McGraw-Hill, 1999.=20
  • R. Russell, ed. Hack = Proofing Your=20 Network, Syngress Media, Inc., 2000.

Dug Song = <dugsong@monkey.org>
( hits)=20
------=_NextPart_000_0009_01C2CBC6.24A0DB40 Content-Type: image/gif Content-Transfer-Encoding: base64 Content-Location: http://monkey.org/~dugsong/img/monkey6.gif R0lGODlhfwBrAIf/AAAAAAAAVQAAqgAA/wAkAAAkVQAkqgAk/wBJAABJVQBJqgBJ/wBtAABtVQBt qgBt/wCSAACSVQCSqgCS/wC2AAC2VQC2qgC2/wDbAADbVQDbqgDb/wD/AAD/VQD/qgD//yQAACQA VSQAqiQA/yQkACQkVSQkqiQk/yRJACRJVSRJqiRJ/yRtACRtVSRtqiRt/ySSACSSVSSSqiSS/yS2 ACS2VSS2qiS2/yTbACTbVSTbqiTb/yT/ACT/VST/qiT//0kAAEkAVUkAqkkA/0kkAEkkVUkkqkkk /0lJAElJVUlJqklJ/0ltAEltVUltqklt/0mSAEmSVUmSqkmS/0m2AEm2VUm2qkm2/0nbAEnbVUnb qknb/0n/AEn/VUn/qkn//20AAG0AVW0Aqm0A/20kAG0kVW0kqm0k/21JAG1JVW1Jqm1J/21tAG1t VW1tqm1t/22SAG2SVW2Sqm2S/222AG22VW22qm22/23bAG3bVW3bqm3b/23/AG3/VW3/qm3//5IA AJIAVZIAqpIA/5IkAJIkVZIkqpIk/5JJAJJJVZJJqpJJ/5JtAJJtVZJtqpJt/5KSAJKSVZKSqpKS /5K2AJK2VZK2qpK2/5LbAJLbVZLbqpLb/5L/AJL/VZL/qpL//7YAALYAVbYAqrYA/7YkALYkVbYk qrYk/7ZJALZJVbZJqrZJ/7ZtALZtVbZtqrZt/7aSALaSVbaSqraS/7a2ALa2Vba2qra2/7bbALbb Vbbbqrbb/7b/ALb/Vbb/qrb//9sAANsAVdsAqtsA/9skANskVdskqtsk/9tJANtJVdtJqttJ/9tt ANttVdttqttt/9uSANuSVduSqtuS/9u2ANu2Vdu2qtu2/9vbANvbVdvbqtvb/9v/ANv/Vdv/qtv/ //8AAP8AVf8Aqv8A//8kAP8kVf8kqv8k//9JAP9JVf9Jqv9J//9tAP9tVf9tqv9t//+SAP+SVf+S qv+S//+2AP+2Vf+2qv+2///bAP/bVf/bqv/b////AP//Vf//qv///yH/C05FVFNDQVBFMi4wAwHo AwAh+QQJCAD/ACwAAAAAfwBrAAcI/AD/CRxIsKDBgwgTKlzIsKHDhxAjSmwIIEkbSba2TdzIEaI2 WSBDihxJsqTJkpIAqFx5sqXLlyE7JpRFpKbNmzhz6ty5c+VKnkCDCrUpEyHNoUiTEgEAAsRPpVCD Fj14NKrVm06JOFV5tevNqQatRRpLtqzZs2jTok1CIlKSlWrjyp1LFqzdjm1s/bO18q7fv4AFShLI V2Xgw4iLblupLbHjxw9X6oVMuXLBtwAmW94MWTLnz449gx79t3Bm0qjtplSpObXrjW1Ev54dMTZr 2rgfYj6du7dCn619Cx8IfLhxwsWPDzfNW7lv27edP/c5WHrv3QDaWO9Nwqf27fu4fWYHT5v5ePKv zX9Hnxq6yvXsSbs/H580dvr1QXf3np+0ePz9WabNf/AFqFobeQU3kHkAGjjVaislIUljA0G4UoEO ymTLfCuVIIlGHGKY4UbbaMehd/9VNOJUSTS2WIowqpTEihquZ2GMPs1II0cSDjRgRZKcKJ6OO0pk CwkE2VYdg0MWCZEtQXqYUgkvAkDhPzc26SRDbZRQUY+YrYbkQFWmSOSWB22TREZdaoSlRfud+c99 PpHgJpoGrZmQadUNRCd/eBYUpEK7BbdfjH0GOuedBv1oGEFZpsgonjpuA+VFA0F3ZqRmSrRNkNiV IOGVwlnURhJsteFmmfskYCTJnzEquCes3snamySJcopjimMypGuKItJWoqG7FrtSomneR8JFtjR7 qnhUCqdqQUwaC+OkBJmnZ5ruRZubJN5maq21wZYJALLJRuibJMtO9uu44mGLZYekLgRdsKl9iqpF 8FqL7rwAhOuQlyrV61u1/daJEJTyLuQovriVmDCOtnIEncHCaQPuxAT69fB22xzKsUoN86hSr84J mfC/HUGI8boj/ydnUXw652jMPv11oXME45ycXXEqp/LIEE+E2cy5IRwz0h0dbVzIMG4Ys19ODwer XjcnXLLRMg7HqWZD71rxRDsfDGOiUE/M8kRVFk1az9QZ9G6Mbvs/ZNrY8qXIctgw1u0QdGb/t/Y/ cFvLNNld52auSoP/k/a4h0cEYeOg0Un5Xv1G/tDjW4OW5eXIQT7VvUkLLuiyDWtTeIyaN8Rc55xt Uzi6kyOkprGtL8Qc6JbNx/KRjCOUNYy57wkobTeubYvq0fnId+ITMSewa1krfzL0/zyv7kQWTu8a do2bh/XqxU77kDahws6Ze5czl9fIrcKuzXzm03Yz79pDjtGdlkZpem/Q4Z1ARKY2AhruZa7ZjwAF orIS5IVW2vmUAemGN9RAKHoym5BAFucTRkEpCeQDkvpQY5viGSRCHxIU3XTXrOVZp2wSwUhChIQy B9VOZ2VRo9FutLEhIzXrIJzyG3jKxJcFws1DSUpRCXaUJQQKL0iHKsFkJjhC9LBrJTX0CNwukqIK 9mc1QiyI9rwYoGFt5FW0ChgZFdUQ9Mmsimz8GxYXGMe/taqOeMyjHvfIxz760TkBAQAh+QQJCAD/ ACwAAAAAfwBrAAcI/AD/CRxIsKDBgwgTKlzIsKHDhxAjSmy4zZaki5ImatwIUZusjyBDihxJsiTJ SABSqjTJsqVLkBwTyiJCs6bNmzhz6tSpUuXOn0CD1oyJcKbQo0iJ9EwJIqlToEQPGn1K9SYIACR6 Vt06NGpBa5HCih1LtqzZs2eLAGiURGUjtHDjyo3ktW5MSUn+aWsLoI3dv4AD/7sosE1KEtsEK148 cVvGf9tUPmZMuXJDwwDyWt7MuaCtw9o6i+YsebRpyiVS+j3NOjBmEqFby/YqqfTs2xxrq8bNe+Ln lCUS9x7eUFtPW8STL8y6W7lzg5gBBH9OXaDulMirP/+tOrb25Pu2mGPN/p24ttS2yxNHnzKJd/W8 o4+HP/x6ysn0b3NvLzz/bG3izeffbLawd9+As23Dl0pJ9IfgaQsCR96Dptl3IIWnGbdUGw5iyFlk S5XwnoebKbhUXySKto18h3UYlUW2xLiNi/lpE5qNhZ0IAH53RYgVCSVIMqF22mDUFpDtleCjSqtx ZAuLOpLQxojPSWKgjlhOt5GVJzIXIFY8OrcflmQO+ZCJPbUhpC2hWZREgGEmd9GSZKapUYRJmDnQ kz3FOZxf27BHAp066rmQfZLQWBCiVWa34n0zFljnhQ7t5+dB4aVHHGHWYbfnpO05tI14lyJ0XQnO 5TkQX/sTWpglldAxOVF0pbZGQox5YobfqKBmVqtKiE10XnuGtmZlpiVg1qRAV5J5a0LD7rilrLw5 FmSgmVE7ULN1GupYEstOpJKWs1mZRIN6SQJgcwKNCSoJl84YE6234dXWexpmNhC2vS5VLFHchWva k3p1mK972+zV74kl/MsRv6jK5h5C+5375cL8CYZZw60pWJA2wrmKMZYC06aSw5Rxmm6TIo+sY60a cYcyY5Kshhe8A0HpcpQwS5TvzIsp2MbQKv9D6M4hAsZdzzRnlyhBOiN9ItMP5Ut1ykNyK/VSONcl M27h5rt1nZqZ7CmBQSZxURvgHj02pUQtWO3aavsKlHDNbGuNdNkxgajvd4lFLTXQh2paHa9v94Ru TOjBpp7YiQu4EXd8a9fy2CVDxB6sz12M1duEG3Rd5dW5u6Mtbvd6NUHcOa6ezomhvjXpFJFKX7NN Koy061Wzl/lzkKf03qNIXx3t3/BBSfvlk9J+kDbyTQwfmschBL3ndfKeEF6Kc06du84PVPPI6lrf xpe/V+cqygknofeJ52K0tuerD3dl+gZBH7l0Tw/orveYwl6XyJQsWyhKPRZaVs1iZD0Bcs0ibUgW 0ZBzwNv5a18LUhVBglencFVwQJALl0XEMyW7vW9qKdreUmClv1D9Q3BYql9+IlQydwlJR9HJwt4H MeQ34T1PEg5sj42ylEJT2UkhgguSQDgorSIaJEIAbJeONPiPTJ0odP7pIdPk07WBMNGJouvJDu32 mjBxUIb0WZDxuuiZi43xQX7TXkOKFTz8eeg6MqzI2oSUmOC98UGv+eOemiXBpaAxjXB7SAmU5D6y gfEgfEEjyIxGwCiSCE12VMiCkFS9Rz6RXRNZYOyA6ENPGgQ9ftEGFhOyolVSiC95oaIpBcMvAHzG lbOECApzqZgrHZKXDIHgkX4JzOIMxpLFTKYyl8nMZjIkIAAh+QQJCAD/ACwAAAAAfwBrAAcI/AD/ CRxIsKDBgwgTKlzIsKHDhxAjSmwIIEkbSba2TdzIEaI2WSBDihxJsqTJkpIAqFx5sqXLlyE7JpRF pKbNmzhz6ty5c+VKnkCDCrUpEyHNoUiTEgEAAsRPpVCDFj14NKrVm06JOFV5tevNqQatRRpLtqzZ s2jTok1CIlKSlWrjyp1LFqzdjm1s/bO18q7fv4AFShLIV2Xgw4iLblupLbHjxw9X6oVMuXLBtwAm W94MWTLnz449gx79t3Bm0qjtplSpObXrjW1Ev54dMTZr2rgfYj6du7dCn619Cx8IfLhxwsWPDzfN W7lv27edP/c5WHrv3QDaWO9Nwqf27fu4fWYHT5v5ePKvzX9Hnxq6yvXsSbs/H580dvr1QXf3np+0 ePz9WabNf/AFqFobeQU3kHkAGjjVaislIUljA0G4UoEOymTLfCuVIIlGHGKY4UbbaMehd/9VNOJU STS2WIowqpTEihquZ2GMPs1II0cSDjRgRZKcKJ6OO0pkCwkE2VYdg0MWCZEtQXqYUgkvAkDhPzc2 6SRDbZRQUY+YrYbkQFWmSOSWB22TREZdaoSlRfud+c99PpHgJpoGrZmQadUNRCd/eBYUpEK7Bbdf jH0GOuedBv1oGEFZpsgonjpuA+VFA0F3ZqRmSrRNkNiVIOGVwlnURhJsteFmmfskYCTJnzEquCes 3snamySJcopjimMypGuKItJWoqG7FrtSomneR8JFtjR7qnhUCqdqQUwaC+OkBJmnZ5ruRZubJN5m aq21wZYJALLJRuibJMtO9uu44mGLZYekLgRdsKl9iqpF8FqL7rwAhOuQlyrV61u1/daJEJTyLuQo vriVmDCOtnIEncHCaQPuxAT69fB22xzKsUoN86hSr84JmfC/HUGI8boj/ydnUXw652jMPv11oXME 45ycXXEqp/LIEE+E2cy5IRwz0h0dbVzIMG4Ys19ODwerXjcnXLLRMg7HqWZD71rxRDsfDGOiUE/M 8kRVFk1az9QZ9G6Mbvs/ZNrY8qXIctgw1u0QdGb/t/Y/cFvLNNld52auSoP/k/a4h0cEYeOg0Un5 Xv1G/tDjW4OW5eXIQT7VvUkLLuiyDWtTeIyaN8Rc55xtUzi6kyOkprGtL8Qc6JbNx/KRjCOUNYy5 7wkobTeubYvq0fnId+ITMSewa1krfzL0/zyv7kQWTu8ado2bh/XqxU77kDahws6Ze5czl9fIrcKu zXzm03Yz79pDjtGdlkZpem/Q4Z1ARKY2AhruZa7ZjwAForIS5IVW2vmUAemGN9RAKHoym5BAFucT RkEpCeQDkvpQY5viGSRCHxIU3XTXrOVZp2wSwUhChIQyB9VOZ2VRo9FutLEhIzXrIJzyG3jKxJcF ws1DSUpRCXaUJQQKL0iHKsFkJjhC9LBrJTX0CNwukqIK9mc1QiyI9rwYoGFt5FW0ChgZFdUQ9Mms imz8GxYXGMe/taqOeMyjHvfIxz760TkBAQAh+QQJCAD/ACwAAAAAfwBrAAcI/AD/CRxIsKDBgwgT KhxoS9vChxAjSpxIsWJCAADa2NpmsaPHidpkiRxJsqTJkyhRRsKIsUSblDBjyhT5MaEsIjhz6tzJ s6dPnyBYsvxJtKhRnDUR3jzKtCkRjEGHOp1KNOnBpVSz6iQBgARXqFrD5rRq0Fqks2jTql3Lti3b JEUipWHZxq3du3jPkt3rcVsbjrZY8h1MuLBAh/8kYSRhuLHjpG0wJnlMubLEJBjbWN7M2SBmAJI6 i968jaWt0agfK+7KMbXrwds+T35Nm6ytr6Fr6/4YGWPu3cAnbivBEnHw4w9XAyjRGrlzhJ8zPp9u sDTL39SpBzadPbtflvskjHd3fptlkubjkSsHcD79c+J00bvfrU0o6Pnq7WPHXzu20BKn8bfbeuyJ J+BrvdF1oG7bCbXfgoTZIokk8hVEIAkBQljYNoqR0MaDA8HHUgkGakiWNpJEl5mB1gnVnol8SUjh VyNSOBCB0sG4V2wBqmieQ/7pp+NeSfyG43WS0LhYhkNatI02KDI2UH32VWlfEiU2uZAttiThYRJg ThiaNr19aGWVJFSoZUKSfPhPZG6uNqFkDpV3pmRrRpQiYhy2tl0b8Bl5Z2Z5PkRmlgLNyVJz2yhZ JYiFEjThQsppRtCgADAZqUFtFMmlhEwqRyJBjd5ZwqYLodgpCfsl2PiPLSLu16CVs6GqEIeSMBld eKQmaKWlth60jYTyrYfhlD6iiSiq2hRp0KwtTeglpr4Fe1Cn4gVJ7aCnWluQX0kE+N221GrqbWJh HklulcCeS5CM61KbprsIqRsvd/QeZO+97UakJoySiHivUFIutA2HbXQKpkb/HtjswPYdq1Cbgxa5 LH5UQnwdm8me6ayG+64Lqa8tLbyqkAsmqbF93RYErUYZcsShii/iR/LKXR3U4F+3qoznfOPiTLC5 ibkJEawbp0em0FYS/U/DCNF4MXAPM/2obeZ1V7WVJTgab7+8LUmdNl7TheLKYHuUMaQMlu1ba2jz 1Vutx/v5XCWABHW8bdoeKQd1aup6WKzGdCfVoNOuqRvuQRnf27JVdrI9GodnunotxIXXRHa1ugXt 4tSNr8u3R0nTtjV4kuc9cOoVle6atnRp+iRCoW/L+kQN3v6YNgIvB6JimQt0M6a66+n6aEgL1Qai VDJ3kNuVy40vanb7vuXPLsdbPESfzYta4x5Onauc+pLLK1mlsueaiIs/FNlXwf+j95V8Kbf9YPb/ TZDAmko4v/J86R7iHpO80dFOKAGyxfAGdT+F7Ex/honOAIUVneUtEFMTnIiIptaYnVnEWBDzXlKU Ez/KbC2D5RNaCSkiKhQWhoSvciFDmLZCiditgc/oE1HC2ieRFlnJK3uryXp4hhpoNbBZXkpCwib0 qdPdyYAKWVrWXpM8AEDQIBeDFrtQx0FJCQyKm0EaDlP1Pwr56mMODJh9iNgfSXSxIEkoARotNChg 4UiJDdEGl6CUot5h6Ira0aF4aqe8bLXBbV07k0uaxCH4GeeCNXvXIc2XKy3pUTm80qJ5/kamaVUp TICcD44ApLfl+euSYtLjGx2WInJZLl/C2RcPYWmR4ZFgjLQcyHAI5sZcGo49k/LljoRJzGIa85jI TKYylzmfgAAAIf7vVGhpcyBHSUYgZmlsZSB3YXMgYXNzZW1ibGVkIHdpdGggR0lGIENvbnN0cnVj dGlvbiBTZXQgZnJvbToNCg0KQWxjaGVteSBNaW5kd29ya3MgSW5jLg0KUC5PLiBCb3ggNTAwDQpC ZWV0b24sIE9udGFyaW8NCkwwRyAxQTANCkNBTkFEQS4NCg0KVGhpcyBjb21tZW50IGJsb2NrIHdp bGwgbm90IGFwcGVhciBpbiBmaWxlcyBjcmVhdGVkIHdpdGggYSByZWdpc3RlcmVkIHZlcnNpb24g b2YgR0lGIENvbnN0cnVjdGlvbiBTZXQAIf8LR0lGQ09ObmIxLjACBAAODAACAAMAAAAAAAAAAAAM TU9OS0VZMS5CTVAADgwAAgAFAAAAAAAAAAAADE1PTktFWTIuQk1QAA4MAAIABwAAAAAAAAAAAAxN T05LRVkxLkJNUAAODAACAAkAAAAAAAAAAAAMTU9OS0VZMy5CTVAAADs= ------=_NextPart_000_0009_01C2CBC6.24A0DB40 Content-Type: application/octet-stream Content-Transfer-Encoding: base64 Content-Location: http://monkey.org/cgi-bin/counter?ft=0|dd=E|trgb=ffffff|df=dugsong-dsniff.dat R0lGODlhJAAJAPEAAAAAAP///wAAAAAAACH+aUNvdW50LmNnaSAyLjUsKEFwci0wOC0yMDAxLTEp CkJ5IE11aGFtbWFkIEEgTXVxdWl0Cmh0dHA6Ly93d3cubXVxdWl0LmNvbS9tdXF1aXQvc29mdHdh cmUvQ291bnQvQ291bnQuaHRtbAAh+QQBAAACACwAAAAAJAAJAAAC/pQkIiIiIoQQQgghhBBCCCEI giAIgiAIAgAIggAAgiAIAAAAggAAACAQAAAAgEAAAAAAAoFAABAIBACBQCAQAAQCgEAAEAgAAgFA IAAIBACBACAQCAQAgUAAEAgEAgFAICAgICAgIAAgIAAgIAAgIAAgICAgICAgACAgIAAAAAAgIAAA AAAgICAgAAAgIAAAAAAgIAAAAAAgICAgACAgIAAgIAAgICAgIAAgICAgACAgICAgIAAgICAgIAAg ICAgACAgIAAgIAAgIAAgIAAgICAgACAgICAgIAAgIAAgIAAgQAAAAAAACBAAAAAAAAIEAAAAAIAA AQIEABAgQIAANQECAAgQAAAAAAACBAgQIECAAAECBAgQIECAAAECBAgQIECAAAECBAgQIECAAAEC BAgQIKAAADs= ------=_NextPart_000_0009_01C2CBC6.24A0DB40--