Analysing packets
Results 1 to 10 of 10

Thread: Analysing packets

  1. #1
    Banned
    Join Date
    Sep 2001
    Posts
    43

    Analysing packets

    I am looking for the password for my Gmail account I typed in but I'm not sure what the password looks like. If it is encrypted, how would I know what to look for and unencrypt it?

    Also, I've been reading about packet sniffers but I've seen much on actaully reading packets.

    p.s. I'm running Windows XP and using SmartSniff.

  2. #2
    Senior Member Deeboe's Avatar
    Join Date
    Nov 2005
    Posts
    185
    This might be a silly question, but if you already know your Gmail password, why do you want to sniff it?

    Also, I would be willing to bet that it is encrypted. Most "good" internet mail providers will encrypt their passwords. I would also imagine that it is done using SSL, you may have a hard time trying to locate it and (even if you do find it) you might not be able to do anything with it.

    -Deeboe
    If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.
    - Sun Tzu, The Art of War

    http://tazforum.**********.com/

  3. #3
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,403
    Also, I've been reading about packet sniffers but I've seen much on actaully reading packets
    Buy, loan or steal "TCP/IP Illustrated Vol. 1"
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  4. #4
    Senior Member
    Join Date
    Apr 2004
    Posts
    1,130

    Re: Analysing packets

    Originally posted here by Livlee
    [B]I am looking for the password for my Gmail account I typed in but I'm not sure what the password looks like. ]
    gmail uses SSL for login encription.
    If it is encrypted, how would I know what to look for and unencrypt it?

    Also, I've been reading about packet sniffers but I've seen much on actaully reading packets.
    you need to know how the application send the password from client to server. Maybe it uses a local script, i dont know.
    You can use a basic approach:
    - log on with several combinations of userid / password
    - compare sent strings to see what changes from session to session.

    BUT

    its tough to break ssl security
    Meu sítio

    FORMAT C: Yes ...Yes??? ...Nooooo!!! ^C ^C ^C ^C ^C
    If I die before I sleep, I pray the Lord my soul to encrypt.
    If I die before I wake, I pray the Lord my soul to brake.

  5. #5
    Banned
    Join Date
    Sep 2001
    Posts
    43
    Thanks for the info. The reason why I am wanting to get my own pass is just to see if I can do it.

    I have just started to read "Teach Yourself TCPIP in 14 Days". I will get "TCP/IP Illustrated Vol. 1" after I'm done with this book. I have to read small sections at a time because I tend to drift to different places which makes reading not very informative.

  6. #6
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,403
    Sounds good.. The "Teach yourself.." book will give you a good idea how it works.. The "TCP/IP Illustrated" book is just invaluable as reference material and to really get into the bits 'n bytes.. Best money I ever spend (I own all three volumes)...
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  7. #7
    Banned
    Join Date
    Sep 2001
    Posts
    43
    The more I get into this book the more it becomes confussing. I think his explantaions for things could go a bit deeper.

    In one part he says:

    "Each layer performs N-functions. The functions are the different things the layer does. Therefore, the functions of the transport layer are the different tasks that the layer provides. For most purposes in this guide, functions and entities mean the same thing."

    But what does the "N" stand for? Why is it called "N-Functions", why not "Z-Functions"?

  8. #8
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    N is the generally accepted notation for a numeric variable just like x is.... it's actually n but whatever....

    Thus each layer performs a number of functions specific to it's layer......

    As far as sniffing encrypted packets off the network and making sense of them.... Hint: you will waste a lot of time and the only experience you will gain is that if you sniff encrypted packets off a network you will waste a lot of time....
    Don\'t SYN us.... We\'ll SYN you.....
    \"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides

  9. #9
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,883
    The condensed answer that good ol' Tiger is giving is that if you have any chance of grabbing that password, it must be done at a layer before the SSL encryption takes place. Information on the OSI is available everywhere.

    Have fun.

    --Th13
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  10. #10
    Senior Member genXer's Avatar
    Join Date
    Jun 2005
    Posts
    252

    Off & On Topic...

    Hello all-

    Off-&-On topic, off, being off of the encryption question and on, in dealing with Gmail. Gmail has introduced a virus scanner:

    Source: The Register

    Link: http://www.theregister.co.uk/2005/12...virus_scanner/

    Story:
    Anti-virus scanner added to Google Gmail

    Google has introduced an anti-virus scanning service to Gmail. Each time users send and receive attachments, Gmail will automatically scan them for viruses. It's unclear whether Google developed the technology in-house (highly unlikely) or licensed it from a security firm, much less who that firm might be.

    Gmail previously blocked the transmission of executable attachments but adding anti-virus scanning allows the service to keep up with its competitors on user security. Yahoo! Mail uses Symantec software to scan for viruses. Hotmail, which has offered anti-virus scanning for some time, licenses its technology from Trend Micro.

    The use of anti-virus scanning software by email providers is good for internet hygiene, especially since the fast-spreading Sober worm is currently accounting for a sizeable slice of net traffic, but shouldn't be regarded as a substitute for desktop security software. These days malware is almost as likely to be offered up as a download from maliciously constructed websites or across network shares as appearing in user's email in-boxes. ®
    From here, I wonder if Gmail will also add a spyware scanner service. Also, like The Register asks, and I cannot find the answer yet, I wonder if Google developed the a/v scanner or it purchased from somewhere?!? And where/how often would the definitions/signatures come from?
    \"We\'re the middle children of history.... no purpose or place. We have no Great War, no Great Depression. Our great war is a spiritual war. Our great depression is our lives. We\'ve all been raised by television to believe that one day we\'ll all be millionaires and movie gods and rock stars -- but we won\'t. And we\'re learning slowly that fact. And we\'re very, very pissed off.\" - Tyler (Brad Pitt) Fight Club.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •