Packet sniffing
Sniff the target machine's traffic by grasping the packet and find the account password.
Windows system
1, Wirehshark
2, Omnipeek
3, Commview
4, Sniffpass
Only the plaintext protocol that identifies the transmission password is crawled and the password is extracted
Linux Systems
1, Tcpdump
2, Wirehshark
3, Dsniff
Similar to Sniffpass, only the password (plaintext protocol) is captured, and is integrated by default under Kali.
Test
Open the FTP service #service pure-ftpd start
Start: Dsniff-i eth0
Connect the FTP service on another host
Will try the default password login first
Password stealing using a keylogger or Trojan
1. Dark Comet
Local cache password
1. Browser cache password
Firefox browser
Exdit->prefence
IE browser
2. Network Password
3. Wireless Password
Graphical interface: View connection properties
http://www.nirsoft.net can restore most account passwords
Dump SAM
Command-line tools: Pwdump (Applications under Windows)
kali:/usr/share/windows-binaries/fgdump/
Usage Tutorial: http://www.2cto.com/Article/201008/55565.html
Little white Diary, not to be continued ...
Small white Diary the right to 22:kali penetration test (II.)--grasping packet sniffing