THC-Snooze 0.0.7

  Date Added: November 11, 2010  |  Visits: 671

THC-Snooze is a framework for network traffic analysis. It can be used as a sniffer or as a network-based intrusion detection system. It watches the network traffic and invokes small programs ("modules" or "protocol dissectors"), which are easily written in a script language, to gather information from the data. The possible applications for THCsnooze range from simple and advanced sniffing to passive network auditing. It is possible to write modules that track a connection until a successful login has occurred, or to check whether a client application establishes (insecure) SSLv2 connections with an SSL-enabled server.

Getting Started:

So, let us imagine you want to write a module for snooze and you don't know the protocol. (I will illustrate these steps on a well-known protocol, so it is maybe easier to understand why we are doing these steps.) First we need some sample data to analyze. We make a copy of the dump_tcp.lua file and change the first line to match our needs:

    "-- :xxx_no_proto:1:tcp:"
to
    "-- :xxx_no_proto:21:tcp:"

We start snoozed:

    # snoozed -i en0 -M modules/ -b -c t0 -D 10
    THCsnoozed-0.0.6 by THC
    DEBUG: loading modules ...
    ...

After we have sniffed and stored one or two connections, we quit snooze. Now we can use hxdmp to view the logs (well, you can use your favourite text editor to do that):

    $ ./hxdmp -c t0/127.0.0.1_31231_127.0.0.1_21_0001.complete
    hxdmp - THCsnooze hexdump by THC
    00000000 32 32 30 20 6c 6f 63 61 6c 68 6f 73 74 20 46 54 | 220 loca lhost FT
    00000010 50 20 73 65 72 76 65 72 20 28 74 6e 66 74 70 64 | P server (tnftpd
    00000020 20 32 30 30 35 30 31 30 31 29 20 72 65 61 64 79 | 2005010 1) ready
    00000030 2e 0d 0a 55 53 45 52 20 67 75 65 73 74 31 0d 0a | ...USER guest1..
    00000040 33 33 31 20 50 61 73 73 77 6f 72 64 20 72 65 71 | 331 Pass word req
    00000050 75 69 72 65 64 20 66 6f 72 20 67 75 65 73 74 31 | uired fo r guest1
    00000060 2e 0d 0a 50 41 53 53 20 41 41 41 41 0d 0a 32 33 | ...PASS AAAA..23
    00000070 30 2d 0d 0a 53 59 53 54 0d 0a 46 45 41 54 0d 0a | 0-..SYST ..FEAT..
    00000080 50 57 44 0d 0a 20 20 20 20 57 65 6c 63 6f 6d 65 | PWD.. Welcome
    00000090 20 74 6f 20 42 6f 78 30 30 31 21 0d 0a 32 33 30 | to Box0 01!..230
    000000a0 20 55 73 65 72 20 67 75 65 73 74 31 20 6c 6f 67 | User gu est1 log
    000000b0 67 65 64 20 69 6e 2e 0d 0a 32 31 35 20 55 4e 49 | ged in.. .215 UNI
    000000c0 58 20 54 79 70 65 3a 20 4c 38 20 56 65 72 73 69 | X Type: L8 Versi
    000000d0 6f 6e 3a 20 74 6e 66 74 70 64 20 32 30 30 35 30 | on: tnft pd 20050
    000000e0 31 30 31 0d 0a 32 31 31 2d 46 65 61 74 75 72 65 | 101..211 -Feature
    000000f0 73 20 73 75 70 70 6f 72 74 65 64 0d 0a 20 4d 44 | s suppor ted.. MD
    00000100 54 4d 0d 0a 20 4d 4c 53 54 20 54 79 70 65 2a 3b | TM.. MLS T Type*;
    00000110 53 69 7a 65 2a 3b 4d 6f 64 69 66 79 2a 3b 50 65 | Size*;Mo dify*;Pe
    00000120 72 6d 2a 3b 55 6e 69 71 75 65 2a 3b 0d 0a 20 52 | rm*;Uniq ue*;.. R
    00000130 45 53 54 20 53 54 52 45 41 4d 0d 0a 20 53 49 5a | EST STRE AM.. SIZ
    00000140 45 0d 0a 20 54 56 46 53 0d 0a 32 31 31 20 45 6e | E.. TVFS ..211 En
    00000150 64 0d 0a 32 35 37 20 22 2f 68 6f 6d 65 2f 67 75 | d..257 " /home/gu
    00000160 65 73 74 31 22 20 69 73 20 74 68 65 20 63 75 72 | est1" is the cur
    00000170 72 65 6e 74 20 64 69 72 65 63 74 6f 72 79 2e 0d | rent dir ectory..
    00000180 0a | .

The red data is sent from server to client; the green from client to server. We can see here that user guest1 is logging in with password AAAA. It is time to write a module that can extract this information from the logfile.
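The audit step described above, as an added example that is not part of the original page or of the THC-Snooze project: it rebuilds the byte stream from the first 0xc0 bytes of the hxdmp listing and reports whether a cleartext FTP login was accepted, recording only the password length. The function names are assumptions of this example, and the hxdmp line layout (offset, hex bytes, "|", ASCII) is inferred from the listing on this page.

```python
import re

# First 0xc0 bytes of the hxdmp listing from the page (ASCII column omitted).
SAMPLE = """\
00000000 32 32 30 20 6c 6f 63 61 6c 68 6f 73 74 20 46 54
00000010 50 20 73 65 72 76 65 72 20 28 74 6e 66 74 70 64
00000020 20 32 30 30 35 30 31 30 31 29 20 72 65 61 64 79
00000030 2e 0d 0a 55 53 45 52 20 67 75 65 73 74 31 0d 0a
00000040 33 33 31 20 50 61 73 73 77 6f 72 64 20 72 65 71
00000050 75 69 72 65 64 20 66 6f 72 20 67 75 65 73 74 31
00000060 2e 0d 0a 50 41 53 53 20 41 41 41 41 0d 0a 32 33
00000070 30 2d 0d 0a 53 59 53 54 0d 0a 46 45 41 54 0d 0a
00000080 50 57 44 0d 0a 20 20 20 20 57 65 6c 63 6f 6d 65
00000090 20 74 6f 20 42 6f 78 30 30 31 21 0d 0a 32 33 30
000000a0 20 55 73 65 72 20 67 75 65 73 74 31 20 6c 6f 67
000000b0 67 65 64 20 69 6e 2e 0d 0a 32 31 35 20 55 4e 49
"""

def hxdmp_to_bytes(text):
    """Rebuild the raw stream from lines of the form: offset, hex bytes, '|' ASCII."""
    out = bytearray()
    for line in text.splitlines():
        fields = line.split("|", 1)[0].split()
        if len(fields) < 2 or not re.fullmatch(r"[0-9a-fA-F]{8}", fields[0]):
            continue  # banner or malformed line, not dump data
        out += bytes(int(f, 16) for f in fields[1:] if re.fullmatch(r"[0-9a-fA-F]{2}", f))
    return bytes(out)

def audit_ftp_login(stream):
    """Flag a cleartext FTP login; keep only the password length, not its value."""
    f = {"user": None, "cleartext_password": False, "password_len": 0, "login_ok": False}
    for raw in stream.split(b"\r\n"):
        line = raw.decode("latin-1")
        verb, _, arg = line.partition(" ")
        if verb.upper() == "USER":      # a new attempt resets the state
            f.update(user=arg, cleartext_password=False, password_len=0, login_ok=False)
        elif verb.upper() == "PASS" and f["user"] is not None:
            f.update(cleartext_password=True, password_len=len(arg))
        elif re.match(r"230[ -]", line) and f["cleartext_password"]:
            f["login_ok"] = True        # 230 reply after PASS: login accepted
    return f

if __name__ == "__main__":
    print(audit_ftp_login(hxdmp_to_bytes(SAMPLE)))
```

Because the dump interleaves both directions and the colour coding is lost in plain text, the parser relies on FTP verbs and reply codes alone to tell client lines from server lines.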

Requirements: No special requirements
Platforms: Linux
Keyword: Network Traffic Thc Thcsnooze
Users rating: 0/10

License: Freeware Size: 95.23 KB