Sniffing Telnet Sessions

Printable View

April 22nd, 2004, 04:09 AM
blablablabla

Sniffing Telnet Sessions

Hello...

I am interested in sniffing un encrypted telnet sessions. My only purpose in doing such a thing is I enjoy this stuff, I find it fun.

My friend and I both have networks in our rooms. We are using each other's "small" networks as honeypots. Are networks consist of....

1. Cable modem to...
2. Linux box acting as firewall/router/server to...
3. Switch to Windows box's...

I have given his linux box complete access to the services running on my linux box and he has done the same for me.

The telnet sessions aren't using ssh etc.. "no encryption at all" Any incoming packets from any other computers but his to mine and mine to his are dropped so we don't mind running the telnet.

Goal is...

To sniff log-ins/ongoing connections like....

My network's windows box will be used to start the connection to his linux box's telnet server. My linux box will be used to sniff the connection from his linux box to my windows box.

Question is...

1. What sniffer would you recommend for doing such a thing?

Also...

Any recommendations for a good brute force program for cracking telnet log in username/passwords???... Again, this is for un encrypted sessions.

Thanks.
April 22nd, 2004, 04:33 AM
UpperCell

Well you can't go wrong with ethereal, provided you get the latest version.

http://www.ethereal.com

no need to brute force if you use the sniffer right. You've got linux, script something to brute force.

I doo hope this really is all in fun. Otherwise forget it, it's not worth it :D

- Good day,

Jon.
April 22nd, 2004, 07:08 AM
HTRegz

Quote:

Any recommendations for a good brute force program for cracking telnet log in username/passwords???... Again, this is for un encrypted sessions.

That there leads me to think this is all a bunch of bull. I'm just not sure what you are trying to social engineer. The name of good sniffing software? That's out there to find without a problem. Why on earth would it matter if the session isn't encrypted for brute forcing? Sniff insecure communications and you'll see the password... end of story. If this is an attempt at social engineering, it's a very sad attempt. If you are for real.... go read a damn book. Learn something instead of saying, "I have linux... i wanna be l33t and play wargames like the big boys do." For ****s sake, grow up and learn the basics before asking about **** that you really don't understand.
April 22nd, 2004, 07:11 AM
THEJRC

a few issues here.... if the telnet session is between both linux boxes, the sniffer will have to reside on the same network (between the linux machines). Also, it's a switched network... providing the switches arent cheap and do what they're supposed to do, unless you configure port mirroring or a monitor port you've got nothing anyways. If your sniffing after the routing chains on the linux box, you may have some reassembly issues. The real question here is... why bother? if your telnetting over with access well.... you've pretty much got the information your sniffing for.

good luck looking at boring telnet traffic on this rig in this way, but for a generally good windows sniffer/ protocol analyzer look into linkferret

~~~and of course an afterthought in edit, but why would you need to brute force something that sends passwords unencrypted?? do you want to brute force or do you want to sniff... two different worlds here~~~
April 22nd, 2004, 02:06 PM
groovicus

Thanks THEJRC, I was thinking telnet sent passwords unencrypted.... actually, I thought everything telnet did was unencrypted, I have hardly ever used it though.
April 22nd, 2004, 02:38 PM
the_JinX

telnet == unencrypted

a simple tcpdump is enough to get you the username and passwords

anyone dumb enough to do imporant stuff over unencryted lines deserves a little tcpdump