Tool zur unbemerkten Übernahme von SSL-Verbindungen des
Internet Explorers.
Funktioniert auch in geswitchten Netzen.
Anforderungen: Linux (Kernel 2.4.x), OpenSSL
Sammlung von Tools zum passiven Sniffen, ARP Poisening,
DNS Spoofing und Man-in-the-Middle-Attacken von HTTPS und SSH-Verbindungen.
Die Tools:
dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, webspy, arpspoof, dnsspoof,
macof, sshmitm, webmitm
Anforderungen: OpenBSD (i386), Redhat Linux (i386), and
Solaris (sparc), FreeBSD, Debian Linux, Slackware Linux, AIX, und HP-UX. Windows
und MacOS X Ports älterer
Versionen sind ebenfalls verfügbar.
Weiterhin werden folgende Pakete benötigt: Berkely DB, OpenSSL, libpcap, libnet,
linids
arp-sk - A swiss knife tool for ARP
Bewertung: ***
Tool zur Erstellung eigener ARP Pakete.
Anforderungen: BSD-Systeme, Windows
ettercap
Bewertung: *****
Vielseitiges Tool zum Sniffen, Abhören in geswitchten Netzen. Ermölicht u.a.
Packet Injection, Extrahieren von Passwörtern für zahlreiche Klartext-Protokolle.
Anforderungen: BSD-Systeme, Linux (ab Kernel 2.0.x), Solaris 2.x, Windows 9x,NT,2000,XP, MacOS X
Hunt is a program for intruding into a connection, watching it and resetting it. It has several features,
which I didn't find in any product like Juggernaut or T-sight that inspired me in my development. I found Juggernaut not
flexible enough for further development so I started from scratch (see FEATURES and DESIGN OVERVIEW). Note that hunt is
operating on Ethernet and is best used for connections which can be watched through it. However, it is possible to do
something even for hosts on another segments. The hunt doesn't distinguish between local network connections and connections
going to/from Internet. It can handle all connections it sees. Connection hijacking is aimed primarily at the telnet traffic
but it can be used for another traffic too. The reset, watching, arp, ... features are common to all connections. (from rpm
description)
Anforderungen: FreeBSD, Linux
