This project was developed for CSE571S at Washington University St. Louis. The main goal was to demonstrate knowledge in network security, show the faults in commonly used protocols and the lack of knowledge in applying security policies.
This program is a network packet sniffer that sniffs out server IP addresses, usernames, and passwords. It is built in Windows 7 and the setup described in this manual is based around a Windows 7 machine, but the ideas portrayed can be applied to other systems. The program currently only captures telnet, ftp, and http passwords. The program can capture clear text and it can also capture and decrypt md5 passwords in http packets. The basic idea is to use the program to implement a man-in-the-middle attack. The Windows 7 PC is used to create a fake WIFI hot spot that will act as bait for clients to connect to. When clients connect and send out network packets, the program will collect the passwords in real time and print them to the screen. Any password decryption also happens in real time. Decryption is done by using the John the Ripper program. From the client's point of view, he or she would not normally suspect a MITM attack is occurring. This program was created for academic purposes and is not to be used for real world exploitation.
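The three protocols named above put credential material on the wire in recognizable places, which is also what a defender's traffic audit can flag. The following is an added example, not code from this project: it classifies a TCP payload by exposure type without copying the credential out. The function and enum names are hypothetical, the services are assumed to run on their standard ports (23, 21, 80), and treating the "md5 passwords in http" as HTTP Digest authentication is an assumption.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Finding codes for a defensive traffic audit (names are hypothetical). */
enum finding { NONE, TELNET_KEYS, FTP_USER, FTP_PASS, HTTP_BASIC, HTTP_DIGEST };

/* Length-bounded, case-insensitive search: payloads are not NUL-terminated
   and FTP commands / HTTP header names may arrive in any case. */
static int contains(const char *p, size_t len, const char *needle) {
    size_t n = strlen(needle);
    for (size_t i = 0; i + n <= len; i++) {
        size_t j = 0;
        while (j < n && tolower((unsigned char)p[i + j]) ==
                        tolower((unsigned char)needle[j])) j++;
        if (j == n) return 1;
    }
    return 0;
}

/* Classify one client-to-server TCP payload by destination port. Only the
   kind of exposure is returned; the credential bytes are never copied out. */
enum finding audit_payload(unsigned short dport, const char *p, size_t len) {
    if (len == 0) return NONE;
    if (dport == 23)  /* 0xFF (IAC) starts option negotiation, not typed input */
        return (unsigned char)p[0] == 0xFF ? NONE : TELNET_KEYS;
    if (dport == 21) {  /* the command verb is the first token of the line */
        if (len >= 5 && contains(p, 5, "USER ")) return FTP_USER;
        if (len >= 5 && contains(p, 5, "PASS ")) return FTP_PASS;
    }
    if (dport == 80) {  /* assumption: "md5 in http" means Digest auth */
        if (contains(p, len, "Authorization: Basic ")) return HTTP_BASIC;
        if (contains(p, len, "Authorization: Digest ")) return HTTP_DIGEST;
    }
    return NONE;
}

int main(void) {
    /* Constructed sample payloads, not captured traffic. */
    const char *ftp = "PASS example-secret\r\n";
    const char *web = "GET / HTTP/1.1\r\nHost: a.example\r\n"
                      "authorization: basic ZGVtbzpkZW1v\r\n\r\n";
    printf("ftp=%d http=%d\n", audit_payload(21, ftp, strlen(ftp)),
           audit_payload(80, web, strlen(web)));
    return 0;
}
```

Any non-`NONE` result means the session would be readable by whoever operates the access point; the remedy is the encrypted counterpart of each protocol (SSH, FTPS or SFTP, HTTPS).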
Stressful Password Sniffer Source Code
Stressful Password Sniffer Manual
Unzip the file into the C drive. Open Visual Studio 2010 and create a new project and use Win32 Console Application as an empty project. Add main.c to the project. Right-click the project and select Properties. Under Configuration Properties -> C/C++ -> Additional Include Directories, add "C:\WpdPack\Include". Under Configuration Properties -> Linker -> Input -> Additional Dependencies, add "wpcap.lib" and "ws2_32.lib". Under Configuration Properties -> Linker -> General -> Additional Library Directories, add C:\WpdPack\Lib. Build the program.
Unzip the file and place it in Visual Studio 2010\Projects\
Open the command prompt in Administrative Mode. Check if the
Windows 7 machine has a network device that can create a WiFi
hotspot. Type in "netsh wlan show drivers". If output contains
"Hosted network supported : Yes", then the machine is suitable for
a MITM attack. Create a connection by typing in the command
"netsh wlan set hostednetwork mode=allow ssid=
At start-up, the program will list the network devices by number.
Choose the number that corresponds to the hosted network that is
to be connected to by the clients. The program will confirm the
selection and will start polling for passwords. When a packet
containing a user name and a password is captured, the program will
display the type of protocol, the server IP address that the client
is connecting to, the user's name, and the user's password. The
program will do this for all packets until the program is closed.
Telnet usernames and passwords are output to screen letter by
letter in real time. For the other protocols, the usernames and
passwords are output to screen after the user inputs the username
or password and presses the
The program behaves very much like a program in beta. The
program has been tested with some sites and situations, but not all
sites and situations have been tested for various reasons,
including development time constraints.
For telnet, it will output non-alphabetic characters like
WinPcap, "The industry-standard windows packet capture library,"
[Windows network packet capture library]
WinPcap, "WinPcap tutorial: a step by step guide to using WinPcap,"
[Tutorial for using WinPcap to capture network traffic]
Dan Lo, "How to: Program Development with Winpcap Using Microsoft VisualStudio,"
[Video describing how to setup WinPcap in Visual Studio]
iTech, "How to turn your Windows 7/8 Laptop into a WiFi Hotspot 2014,"
[Video describing how to create a WiFi hot spot in Windows 7]
Martin Casado, "The Sniffer's Guide to Raw Traffic,"
[Tutorial for using the open source library libpcap]
John the Ripper, "John the Ripper password cracker,"
password cracker for various hashed passwords]