new dsniff port - various sniffing tools for penetration testing

This commit is contained in:
dugsong 1999-12-20 23:00:58 +00:00
parent 0baf31d381
commit c24e6c66b2
6 changed files with 110 additions and 0 deletions

21
security/dsniff/Makefile Normal file
View File

@ -0,0 +1,21 @@
# Makefile for: dsniff
# Version required: 1.0
# Date created: 17 Dec 1999
# Whom: dugsong@monkey.org
#
# $OpenBSD: Makefile,v 1.1.1.1 1999/12/20 23:00:58 dugsong Exp $
DISTNAME= dsniff-1.1
CATEGORIES= security
MAINTAINER= dugsong@monkey.org
MASTER_SITES= http://www.monkey.org/~dugsong/dsniff/
BUILD_DEPENDS= ${PREFIX}/lib/libnet.a:${PORTSDIR}/net/libnet \
${PREFIX}/lib/libnids.a:${PORTSDIR}/net/libnids
NO_CONFIGURE= yes
.include <bsd.port.mk>

View File

@ -0,0 +1,3 @@
MD5 (dsniff-1.1.tar.gz) = db47bea482c47cda96cb3451fb4dfd01
RMD160 (dsniff-1.1.tar.gz) = 41bd27e5d4f7601c6611205c02b415b7aa31d58c
SHA1 (dsniff-1.1.tar.gz) = 5e0e53c413bffed82d5645f8bf470b5115a4f650

View File

@ -0,0 +1,18 @@
--- Makefile.orig Sat Dec 18 00:11:59 1999
+++ Makefile Sat Dec 18 00:12:23 1999
@@ -5,11 +5,11 @@
#
# $Id: patch-aa,v 1.1.1.1 1999/12/20 23:00:58 dugsong Exp $
-CC = gcc
-CFLAGS = -g -O2 -Wall
-LDFLAGS = -s
+CC ?= gcc
+CFLAGS ?= -g -O2 -Wall
+LDFLAGS ?= -s
-PREFIX = /usr/local
+PREFIX ?= /usr/local
PCAPDIR = /usr
PCAPINC = -I$(PCAPDIR)/include

View File

@ -0,0 +1 @@
various sniffing utilities for penetration testing

60
security/dsniff/pkg/DESCR Normal file
View File

@ -0,0 +1,60 @@
dsniff
------
i wrote these tools with honest intentions - to audit my own network,
and to demonstrate the insecurity of plaintext network protocols.
please do not abuse this software.
what's here:
arpredirect
redirect packets from a target host (or all hosts) on the LAN
intended for another host on the LAN by forging ARP replies.
this is an extremely effective way of sniffing traffic on a
switch. kernel IP forwarding (or a userland program which
accomplishes the same, e.g. fragrouter :-) must be turned on
ahead of time.
findgw
determine the local gateway of an unknown network via passive
sniffing. the results of this program may be used in
conjunction with arpredirect to intercept all outgoing traffic
on a switch.
macof
flood the local network with random MAC addresses (causing
some switches to fail open in repeating mode, facilitating
sniffing). a straight C port of the original Perl Net::RawIP
macof program.
dsniff
simple password sniffer. handles FTP, Telnet, HTTP, POP, IMAP,
SNMP. goes beyond most sniffers in that it minimally parses
each application protocol, only saving the "interesting" bits.
also supports full TCP/IP reassembly, courtesy of libnids (all
of the following tools do, as well).
mailsnarf
a fast and easy way to violate the Electronic Communications
Privacy Act of 1986 (18 USC 2701-2711), be careful. outputs
all messages sniffed from SMTP traffic in Berkeley mbox
format, suitable for offline browsing with your favorite mail
reader (mail -f, pine, etc.).
urlsnarf
output all requested URLs sniffed from HTTP traffic in CLF
(Common Log Format, used by almost all web servers), suitable
for offline post-processing with your favorite web log
analysis tool (analog, wwwstat, etc.).
webspy
sends URLs sniffed from a client to your local Netscape
browser for display, updated in real-time (as the target
surfs, your browser surfs along with them, automagically).
a fun party trick. :-)
-d.
---
http://www.monkey.org/~dugsong/

View File

@ -0,0 +1,7 @@
sbin/arpredirect
sbin/findgw
sbin/macof
sbin/dsniff
sbin/mailsnarf
sbin/urlsnarf
sbin/webspy