dsniff Download – Tools for Network

Auditing & Password Sniffing

Last updated: February 14, 2020 | 16,131 views

Dsniff download is a collection of tools for network auditing & penetration testing.
Dsniff, filesnarf, mailsnarf, msgsnarf, URLsnarf, and WebSpy passively monitor a
network for interesting data (passwords, e-mail, files, etc.).
ARPspoof, DNSspoof, and macof facilitate the interception of network traffic
normally unavailable to an attacker (e.g, due to layer-2 switching). sshmitm and
webmitm implement active monkey-in-the-middle attacks against redirected SSH
and HTTPS sessions by exploiting weak bindings in ad-hoc PKI.

These tools were written with honest intentions – for the author to audit his own
network, and to demonstrate the insecurity of cleartext/weakly-encrypted network
protocols and ad-hoc PKI. please do not abuse this software.

Features/Contents for Dsniff Network Auditing &

Password Sniffing
The name Dsniff refers both to the package of all the below tools and the one
eponymous tool “Dsniff” included within.

 arpspoof – redirect packets from a target host (or all hosts) on the LAN intended
for another local host by forging ARP replies. this is an extremely effective way of
sniffing traffic on a switch. kernel IP forwarding (or a userland program which
accomplishes the same, e.g. fragrouter :-) must be turned on ahead of time.
 dnsspoof – forge replies to arbitrary DNS address / pointer queries on the LAN. this
is useful in bypassing hostname-based access controls, or in implementing a variety
of man-in-the-middle attacks (HTTP, HTTPS, SSH, Kerberos, etc).
 dsniff – password sniffer. handles FTP, Telnet, SMTP, HTTP, POP, poppass,
NNTP, IMAP, SNMP, LDAP, Rlogin, RIP, OSPF, PPTP, MS-CHAP, NFS, VRRP,
YP/NIS, SOCKS, X11, CVS, IRC, AIM, ICQ, Napster, PostgreSQL, Meeting
Maker, Citrix ICA, Symantec pcAnywhere, NAI Sniffer, Microsoft SMB, Oracle
SQL*Net, Sybase and Microsoft SQL auth info.
 filesnarf – saves selected files sniffed from NFS traffic in the current working
directory.
  macof – flood the local network with random MAC addresses (causing some
switches to fail open in repeating mode, facilitating sniffing). a straight C port of the
original Perl Net::RawIP macof program.
 mailsnarf – a fast and easy way to violate the Electronic Communications Privacy
Act of 1986 (18 USC 2701-2711), be careful. outputs selected messages sniffed
from SMTP and POP traffic in Berkeley mbox format, suitable for offline browsing
with your favorite mail reader (mail -f, pine, etc.).
 msgsnarf – record selected messages from sniffed AOL Instant Messenger, ICQ
2000, IRC, and Yahoo! Messenger chat sessions.
 sshmitm – SSH monkey-in-the-middle. proxies and sniffs SSH traffic redirected by
dnsspoof(8), capturing SSH password logins, and optionally hijacking interactive
sessions. only SSH protocol version 1 is (or ever will be) supported – this program
is far too evil already.
 sshow – SSH traffic analysis tool. analyzes encrypted SSH-1 and SSH-2 traffic,
identifying authentication attempts, the lengths of passwords entered in interactive
sessions, and command line lengths.
 tcpkill – kills specified in-progress TCP connections (useful for libnids-based
applications which require a full TCP 3-whs for TCB creation).
 tcpnice – slow down specified TCP connections via “active” traffic shaping. forges
tiny TCP window advertisements, and optionally ICMP source quench replies.
 urlsnarf – output selected URLs sniffed from HTTP traffic in CLF (Common Log
Format, used by almost all web servers), suitable for offline post-processing with
your favourite web log analysis tool (analog, wwwstat, etc.).
 webmitm – HTTP / HTTPS monkey-in-the-middle. transparently proxies and sniffs
web traffic redirected by dnsspoof(8), capturing most “secure” SSL-encrypted
webmail logins and form submissions.
 webspy – sends URLs sniffed from a client to your local Netscape browser for
display, updated in real-time (as the target surfs, your browser surfs along with
them, automagically). a fun party trick. :-)
You can download Dsniff here:

dsniff-2.3.tar.gz