pcredz
Extracts authentication credentials from network captures
Install
- All systems
-
curl cmd.cat/pcredz.sh
- Debian
-
apt-get install pcredz - Ubuntu
-
apt-get install pcredz - Kali Linux
-
apt-get install pcredz - Windows (WSL2)
-
sudo apt-get updatesudo apt-get install pcredz - Raspbian
-
apt-get install pcredz - Dockerfile
- dockerfile.run/pcredz
pcredz
Extracts authentication credentials from network captures
Pcredz extracts and dumps authentication information from either a live network capture or a pcap dump file. It works on the following (unencrypted) protocols: - POP - SMTP - IMAP - SNMP community string - FTP - HTTP Basic - NTLMv1/v2 (DCE-RPC,SMBv1/2,LDAP, MSSQL, HTTP, etc) - Kerberos (AS-REQ Pre-Auth etype 23) hashes. It can also optionally, although with far lesser certainty, print sniffed strings that appear to be credit card numbers.