what program to uses to sniff
every one can tell me
Full Version: How To Sniff Vpn ?
How to Sniff VPN ? when i'm uses VPN i want to Sniff.
what program to uses to sniff
every one can tell me
what program to uses to sniff
every one can tell me
Need a bit more info here...
Are you ON a vpn yourself, and want to sniff the traffic, or are you wanting to sniff someone else's VPN? If you want to sniff someone else's VPN, are you on the same subnet as them...or what?
Ethereal is what most people use for heavy duty sniffing, although there are others.
Are you ON a vpn yourself, and want to sniff the traffic, or are you wanting to sniff someone else's VPN? If you want to sniff someone else's VPN, are you on the same subnet as them...or what?
Ethereal is what most people use for heavy duty sniffing, although there are others.
In theory you could sniff the VPN traffic but it would just be encypted data.
use tcpdump with the -v option
Umm
When i'm uses VPN in same subnet
i want to test Sniff data All user ?
thank
When i'm uses VPN in same subnet
i want to test Sniff data All user ?
thank
usually due to the nature of a vpn you have 3 options
1) decrypt traffic off the line - have fun will take a lot of time
to even decode one single packet (break ipsec encryption ??)
2) catch the traffic before/after it passes the tunnel
usually possible on your workstation or at the remote end
regards,
u.
1) decrypt traffic off the line - have fun will take a lot of time
to even decode one single packet (break ipsec encryption ??)
2) catch the traffic before/after it passes the tunnel
usually possible on your workstation or at the remote end
regards,
u.
Sniffing traffic before or after encryption wouldnt really be sniffit it imho.
If you have acces to either the start or the end point your not in between
traffic anymore like as if you where sniffing regular unencrypted connections.
Furthermore, VPN isnt just VPN, there are many types and flavours and configurations, things that come to mind are; Certificate Authorities (Root, Subordinate, offline, online, standalone, enterprise and 3 tier configs), Hardware or Software based VPN, IPSEC, SmartCard, EAP, PKI, L2TP, PPTP, and multiple other factors which will either make it possible or not for you to sniff/decrypt
packets that are exchanged over the VPN.
If you have acces to either the start or the end point your not in between
traffic anymore like as if you where sniffing regular unencrypted connections.
Furthermore, VPN isnt just VPN, there are many types and flavours and configurations, things that come to mind are; Certificate Authorities (Root, Subordinate, offline, online, standalone, enterprise and 3 tier configs), Hardware or Software based VPN, IPSEC, SmartCard, EAP, PKI, L2TP, PPTP, and multiple other factors which will either make it possible or not for you to sniff/decrypt
packets that are exchanged over the VPN.
got a question. Is there are way to connect to 2 vpns. I mean. You have 1 vpn connect to another vpn that connects to the web?
and also.. i use firefox as my browser and i was wondering what is the best way to do
PC > VPN > proxy chain > web ?? getanonymous isnt capatible with firefox yet, so what can i do ?
thanks!
- T
and also.. i use firefox as my browser and i was wondering what is the best way to do
PC > VPN > proxy chain > web ?? getanonymous isnt capatible with firefox yet, so what can i do ?
thanks!
- T
Ettercap will allow you to use a man-in-the-middle attack for sniffing VPN traffic. As far as I understand it, the source computer will send it's certificate to the destination. Ettercap will intercept that certificate and generate a fake one to send to the destination. The same happens from destination to source. When the source computer sends data to the destination, it will decrypt it with the certificate it received from the source, read the data, encrypt it with the fake certiificate it sent to the destination, and then send it out. I think that's how it does it for VPNs (or maybe it was SSH?). Anyone care to confirm this?
ettercap can sniff (ARP based) SSH and SSL traffic MITM style.
I don't know that ettercap can sniff VPN. But procedure should just like SSH.
I don't know that ettercap can sniff VPN. But procedure should just like SSH.
Sniffing the data is not the problem ,
it`s not even littele hard to niff IPSec !
how ?
the only thing you need is the key ,
after that , a simple buf powerfull sniffer like tcpdump can capture data back to it`s
decrypted format .
so try to capture/steal the key first , then you`ve done 90% of the mission .
it was for IPsec ,
in case of tricking VPN clients/servers there is also some ways to break the channle
some public and documented and some still a big " ? "
here is one of those documented methods for special VPN solution :
PPTP insecurityes , by Mudge from L0pht group ,
it`s not even littele hard to niff IPSec !
how ?
the only thing you need is the key ,
after that , a simple buf powerfull sniffer like tcpdump can capture data back to it`s
decrypted format .
so try to capture/steal the key first , then you`ve done 90% of the mission .
it was for IPsec ,
in case of tricking VPN clients/servers there is also some ways to break the channle
some public and documented and some still a big " ? "
here is one of those documented methods for special VPN solution :
PPTP insecurityes , by Mudge from L0pht group ,
how about vpn proxying ,
I mean steal the keys of the source and destination and proxy it thro' ur machine
I mean steal the keys of the source and destination and proxy it thro' ur machine
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
