[Owasp-o2-platform] Packet Sniffer in O2

dinis cruz dinis.cruz at owasp.org
Thu Feb 17 13:56:03 EST 2011


Have you guys tried the packet sniffer that is in the latest version of O2?

It works quite well (I just used it to debug a script that I'm writing that
is able to send emails without using an SMTP server (I will post about that
later today))

To run this script (which wraps http://www.mentalis.org/soft/projects/pmon/) ,
you can use the main O2 GUI( via the Security Analysis tab)

[image: tmpA0DD.tmp.jpeg]

or you can run it directly by executing the *.h2
script: C:\O2\O2Scripts_Database\_Scripts\APIs\_MiscAPIs\Mentalis_PacketMonitor.h2
(from command line or windows explorer)

[image: tmp5A1E.tmp.jpeg]

This script (which needs admin rights to run) will look like this:

[image: tmp442F.tmp.jpeg]

and like this once we start capturing

[image: tmp18EC.tmp.jpeg]

Two features I would like to add are:

* DNS resolution for IPs
* View conversation (first just the text on each packet, and then in
a sequential view like the one that we get in Ethercap)

Anybody wants to help with this?

Dinis Cruz

Blog: http://diniscruz.blogspot.com
Twitter: http://twitter.com/DinisCruz
Web: http://www.owasp.org/index.php/O2
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-o2-platform/attachments/20110217/4967c461/attachment-0001.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/jpeg
Size: 17299 bytes
Desc: not available
Url : https://lists.owasp.org/pipermail/owasp-o2-platform/attachments/20110217/4967c461/attachment-0004.jpe 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/jpeg
Size: 69014 bytes
Desc: not available
Url : https://lists.owasp.org/pipermail/owasp-o2-platform/attachments/20110217/4967c461/attachment-0005.jpe 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/jpeg
Size: 22717 bytes
Desc: not available
Url : https://lists.owasp.org/pipermail/owasp-o2-platform/attachments/20110217/4967c461/attachment-0006.jpe 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/jpeg
Size: 11685 bytes
Desc: not available
Url : https://lists.owasp.org/pipermail/owasp-o2-platform/attachments/20110217/4967c461/attachment-0007.jpe 


More information about the Owasp-o2-platform mailing list