john the ripper like this:
ifconfig. Then we can just start tapping in on that and start to capture those packets.
tcpdump - this command outputs all network traffic straight to the terminal. The output can be hard to follow if there is a lot of traffic.
-A - stands for ASCII; prints the packets in ASCII.
-w file.pcap - the -w flag saves the output to the filename of your choice. The traffic is stored in pcap format, which is the standard packet-analysis format.
-i any - captures traffic on all interfaces.
-D - shows a list of all interfaces.
-q - be less verbose. Be more
-s - The default size that tcpdump captures is only 96 bytes. If you want it to capture more, you have to define it yourself.
-s0 gives you the whole packet.
-c - count. Sets how many packets you want to intercept before tcpdump stops. This is useful if you have a non-interactive shell; this way you can capture packets without having to leave with
port 22 - only see traffic on a specific port.
-vvv - verbose. Depending on how verbose you want the output.
psnuffle on it. It can sniff passwords and usernames from pop3, imap, ftp, and HTTP GET. This is a really easy way to find usernames and passwords from traffic that you have already dumped, or are in the process of dumping.
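To see what the -s setting did to a file saved with -w file.pcap, the sketch below (an added example, not part of the original notes) reads the snapshot length recorded in the capture and counts the packets that were stored shorter than they were on the wire. It assumes the classic pcap layout (not pcapng); `pcap_summary` and `build_sample` are illustrative names, and the sample capture is constructed inline.

```python
import struct

# Classic pcap magic as it appears on disk -> struct byte-order prefix.
MAGIC = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}

def pcap_summary(data: bytes) -> dict:
    """Report snaplen, packet count and how many packets were cut short."""
    if len(data) < 24 or data[:4] not in MAGIC:
        raise ValueError("not a classic pcap file")
    order = MAGIC[data[:4]]
    # Global header after the magic: version major/minor, thiszone, sigfigs,
    # snaplen, link type.
    _maj, _min, _zone, _sig, snaplen, _link = struct.unpack(
        order + "HHiIII", data[4:24])
    offset, packets, truncated = 24, 0, 0
    while offset + 16 <= len(data):
        # Record header: ts_sec, ts_usec, bytes stored, bytes seen on the wire.
        _sec, _usec, incl_len, orig_len = struct.unpack(
            order + "IIII", data[offset:offset + 16])
        offset += 16 + incl_len
        if offset > len(data):
            break  # file ends in the middle of a record
        packets += 1
        truncated += incl_len < orig_len
    return {"snaplen": snaplen, "packets": packets, "truncated": truncated}

def build_sample(snaplen: int, wire_sizes) -> bytes:
    """Constructed sample capture: zero-filled packets of the given wire sizes."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, snaplen, 1)
    for size in wire_sizes:
        incl = min(size, snaplen)  # what a capture with this snaplen stores
        out += struct.pack("<IIII", 0, 0, incl, size) + bytes(incl)
    return out

if __name__ == "__main__":
    sizes = [60, 1514, 74]  # constructed wire lengths
    print(pcap_summary(build_sample(96, sizes)))      # as with -s 96
    print(pcap_summary(build_sample(262144, sizes)))  # snaplen above every packet
```

A non-zero truncated count means payload bytes beyond the snapshot length were never written to the file, so anything that parses application data from that capture is working with partial packets.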