Wednesday, January 9, 2008

E-Mail Password Discovery Trick

If you are having a hard time convincing your manager that you need to start using encrypted e-mail or to go away from POP3 e-mail access, here is a nifty little trick!

1. Install Wireshark on a computer that is off the network.
2. Install a managed switch that supports port mirroring or port spanning between your Internet connection and your firewall.
3. Mirror the port that your firewall is plugged into to another port andplug your computer with Wireshark into that port.
4. Capture the information with Wireshark for about an hour (or however long you want) using the following filter:

pop.request.command == "USER" || pop.request.command == "PASS"

5. Show your manager everyone’s username and password that you captured from outside the network on the Internet!

You can also find all of the FTP passwords using the same method and this filter:

ftp.request.command == "USER" || ftp.request.command == "PASS"

No comments: