lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Tue, 27 Jan 2004 19:03:49 +1100 (EST)
From: Brendan Gregg <brendan.gregg@....com.au>
To: <bugtraq@...urityfocus.com>
Subject: Chaosreader: Trace TCP/UDP from snoop/tcpdump logs


Vunerability Analysis Tool

Chaosreader is a freeware tool that can trace HTTP sessions from a packet
log, displaying which bytes are plaintext. It could be used to help verify
that some websites really do use encryption, which may interest readers of
Bugtraq. It has been written in perl and tested on RedHat, Solaris
and Windows.

The above description is one use of Chaosreader, it has many features:

        Reads snoop and tcpdump logs
        Processes TCP, UDP, ICMP, IPv4 and IPv6
        Processes HTTP transfers (HTML, JPG, GIF, zip, ...)
        HTTP GET/POST content reports
        HTTP traffic log reports
        SMTP emails
        FTP files (active transfers)
        IRC sessions
        telnet sessions (also generates realtime playback scripts)
        X11 sessions (experimental X11 playback feature)
        Hex dumps
        ...

In some ways it's like an "any-snarf" program as it fetches the
application data from the network traffic logs to capture HTTP and FTP
files, and generate playback programs for telnet, IRC, etc.

So far it's helped to convince people to use encryption - ssh or IPSec.

Quick Usage:
                snoop -o /tmp/out1
                chaosreader /tmp/out1
                netscape index.html

Main Website:
        http://www.brendangregg.com/chaosreader.html

Or just web search for "chaosreader".

There are many existing (and more developed) tools that provide
similar features, such as Ethereal and dsniff; and some of the ideas
are similar to tools like lazarus and ttywatcher.

More features (and bug fixes) will be added in future versions.


Enjoy!

Brendan Gregg

[Sydney, Australia]

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ