projects techreports press lab location staff
citi top.2 top.3
citi mid.3
bot.1 bot.2 bot.3
star

Projects : dsniff

dsniff project

An experiment in social engineering to get rid of plaintext network authentication.

Passwords recently captured with dsniff from our local network, updated periodically. 

-----------------
03/13/00 12:38:42 X.X.X.X -> X.X.X.X (telnet)
XXX
Biscruggele%

-----------------
03/13/00 11:09:53 X.X.X.X -> X.X.X.X (ftp)
USER XXX
PASS tschedftp

-----------------
03/13/00 10:32:58 X.X.X.X -> X.X.X.X (imap)
LOGIN XXX nabilj

-----------------
03/13/00 10:30:10 X.X.X.X -> X.X.X.X (telnet)
XXX
car9^ter

-----------------
03/14/00 12:16:10 X.X.X.X -> X.X.X.X (icq)
XXX59140 swzhu123

-----------------
03/14/00 11:31:30 X.X.X.X -> X.X.X.X (telnet)
XXX
yanshime
sqlplus XXX/mai2mai

-----------------
03/14/00 15:48:15 X.X.X.X -> X.X.X.X (telnet)
XXX
yanshime
su
i2000net

-----------------
03/13/00 15:10:12 X.X.X.X -> X.X.X.X (telnet)
XXX
Ctpsuck#

-----------------
03/13/00 13:37:34 X.X.X.X -> X.X.X.X (telnet)
XXX
laichen88

-----------------
03/13/00 10:25:57 X.X.X.X -> X.X.X.X (telnet)
XXX
u8ts,i1ts

-----------------
03/14/00 03:34:50 X.X.X.X -> X.X.X.X (napster)
XXX ultimate 0 "v2.0a"

-----------------
03/14/00 18:31:42 X.X.X.X -> X.X.X.X (icq)
XXX tbone

-----------------
03/14/00 16:15:40 X.X.X.X -> X.X.X.X (aim)
toc_signon login.oscar.aol.com 5190 XXX 0x300c05443b1d0d [defkorn]

-----------------
03/14/00 19:47:15 X.X.X.X -> X.X.X.X (napster)
XXX tbone 6699 "Gnapster 1.3.4"

-----------------
03/14/00 15:51:19 X.X.X.X -> X.X.X.X (ftp)
USER XXX
PASS ^zex(otic

-----------------
03/14/00 07:31:29 X.X.X.X -> X.X.X.X (icq)
XXX yelmer

-----------------
02/28/00 16:59:18 X.X.X.X -> X.X.X.X (www)
GET /secure/vlispdf/stk1700/index1.cfm HTTP/1.1
Host: X.X.X
Authorization: Basic XXXtb3RoeWVtYWhvbmV5OmpvcmRhbg== [XXX:jordan]

-----------------
03/06/00 15:31:21 X.X.X.X -> X.X.X.X (imap)
LOGIN XXX Grote#bitch.

-----------------
03/03/00 10:26:48 X.X.X.X -> X.X.X.X (telnet)
XXX
rajkkarD9

-----------------
02/25/00 17:14:26 X.X.X.X -> X.X.X.X (ftp)
USER XXX
PASS Anklayeaucad-

-----------------
03/02/00 15:20:59 X.X.X.X -> X.X.X.X (telnet)
XXX
shiyan70090951

-----------------
03/02/00 20:32:41 X.X.X.X -> X.X.X.X (ftp)
USER XXX
PASS !hlrt@uofM

-----------------
02/29/00 16:29:42 X.X.X.X -> X.X.X.X (telnet)
XXX
i2000net

-----------------
02/29/00 17:17:11 X.X.X.X -> X.X.X.X (telnet)
XXX
manmarsh

-----------------
02/28/00 09:03:18 X.X.X.X -> X.X.X.X (telnet)
XXX
98XippKA

-----------------
02/29/00 17:34:52 X.X.X.X -> X.X.X.X (telnet)
XXX
PiKasso

-----------------
03/06/00 12:14:14 X.X.X.X -> X.X.X.X (ftp)
USER XXX
PASS sarah1024

-----------------
03/06/00 12:14:18 X.X.X.X -> X.X.X.X (telnet)
XXX
143Mtyn!

-----------------
03/03/00 07:03:38 X.X.X.X -> X.X.X.X (ftp)
USER XXX
PASS #@gruPPO:"

-----------------
03/06/00 13:30:03 X.X.X.X -> X.X.X.X (www)
GET /tbl_properties.php3?server=1&db=XXX&table=Customer HTTP/1.1
Host: X.X.X
Authorization: Basic XXXvbmduYW46emhvbmduYW4xMjM= [XXX:zhongnan123]

-----------------
03/01/00 16:10:44 X.X.X.X -> X.X.X.X (telnet)
XXX
derf.310

-----------------
03/03/00 12:43:42 X.X.X.X -> X.X.X.X (telnet)
XXX
paddington1

-----------------
03/06/00 13:07:34 X.X.X.X -> X.X.X.X (mountd)
/mnt/win/olympus/asb [00 00 00 00 ca ba eb fe 03 00 00 00 02 00 00 00 01 03 00 00 01 03 00 00 01 00 00 00 00 00 00 00]

-----------------
03/02/00 17:43:56 X.X.X.X -> X.X.X.X (www)
GET /format/bot.1.jpg HTTP/1.0
Proxy-authorization: Basic XXX0MDoxMjk5NA== [XXX:12994]
Host: X.X.X.X

-----------------
02/29/00 19:17:37 X.X.X.X -> X.X.X.X (www)
GET /photoshop/private/images/privatepage_005_f_r1_c1.gif HTTP/1.1
Host: X.X.X
Authorization: Basic XXXvdG9zaG9wOnJlc29sdXRpb24= [XXX:resolution]

-----------------
03/02/00 16:53:36 X.X.X.X -> X.X.X.X (telnet)
XXX
$yvette%

-----------------
03/01/00 17:38:16 X.X.X.X -> X.X.X.X (www)
GET /format/mid.1.jpg HTTP/1.0
Host: X.X.X.X
Proxy-Authorization: Basic XXXvbWVzOmFiYzEyM2FiYw== [XXX:abc123abc]

-----------------
02/25/00 10:56:12 X.X.X.X -> X.X.X.X (ftp)
USER XXX
PASS !nf(n@teDre@m$

-----------------
02/25/00 09:33:43 X.X.X.X -> X.X.X.X (pop3)
AUTH LOGIN
XXX1Z2dldHQ= [XXX]
ZG9tamFuNjI= [domjan62]

-----------------
02/25/00 09:32:18 X.X.X.X -> X.X.X.X (imap)
LOGIN XXX yaotun

-----------------
02/25/00 10:23:58 X.X.X.X -> X.X.X.X (telnet)
XXX
*BlinK182

-----------------
02/25/00 08:52:08 X.X.X.X -> X.X.X.X (imap)
LOGIN XXX jaime0618

-----------------
02/24/00 19:37:47 X.X.X.X -> X.X.X.X (ftp)
USER XXX
PASS shiyan70
ACCT XXX

-----------------
02/25/00 08:55:14 X.X.X.X -> X.X.X.X (imap)
LOGIN XXX Tastd1tmn5

-----------------
02/24/00 19:24:54 X.X.X.X -> X.X.X.X (pop3)
AUTH LOGIN
XXXodQ== [XXX]
c2hpeWFuNzA= [shiyan70]

-----------------
02/25/00 12:56:43 X.X.X.X -> X.X.X.X (telnet)
XXX
!nf(n@teDre@m$

-----------------
02/25/00 13:30:53 X.X.X.X -> X.X.X.X (ftp)
USER XXX
PASS yaotun

-----------------
02/25/00 10:10:22 X.X.X.X -> X.X.X.X (telnet)
XXX
ready001

-----------------
02/25/00 11:18:28 X.X.X.X -> X.X.X.X (ftp)
USER XXX
PASS Tastd1tmn5

-----------------
02/26/00 00:27:47 X.X.X.X -> X.X.X.X (www)
GET /netnomics/articles/2000/2-1/net9902.pdf HTTP/1.0
Host: X.X.X
Authorization: Basic XXXwaGVycHVuazpjeXBoZXJwdW5r [XXX:cypherpun]

-----------------
02/25/00 12:08:55 X.X.X.X -> X.X.X.X (mountd)
/mnt/win/mp3/asb [00 00 00 00 ca ba eb fe 67 00 00 00 02 00 00 00 01 03 00 00 01 03 00 00 01 00 00 00 00 00 00 00]

-----------------
02/24/00 17:09:41 X.X.X.X -> X.X.X.X (www)
GET /mobile.html HTTP/1.0
Host: X.X.X.X/mobile.html
Proxy-Authorization: Basic XXX1c2VyMTpibXVzZXI= [XXX:bmuser]

-----------------
02/24/00 16:42:00 X.X.X.X -> X.X.X.X (www)
GET /usage/usage_0200.html HTTP/1.1
Host: X.X.X
Authorization: Basic XXXibGljOnRvMjFjbg== [XXX:to21cn]

GET /usage/usage_0200.html HTTP/1.1
Host: X.X.X
Authorization: Basic XXXodTpzemh1MTIz [XXX:szhu12]

-----------------
02/24/00 16:54:00 X.X.X.X -> X.X.X.X (imap)
00001 LOGIN XXX Frisbee!

-----------------
02/24/00 17:24:43 X.X.X.X -> X.X.X.X (snmp)
[version 1]
internal

-----------------
02/24/00 17:13:41 X.X.X.X -> X.X.X.X (ftp)
USER XXX
PASS rakkarD9

-----------------
02/24/00 16:22:11 X.X.X.X -> X.X.X.X (pop3)
USER XXX
PASS Ichuta!

-----------------
02/24/00 17:28:27 X.X.X.X -> X.X.X.X (telnet)
XXX
yanshime

-----------------
02/24/00 15:36:39 X.X.X.X -> X.X.X.X (pop3)
USER XXX
PASS tywade

-----------------
02/24/00 15:44:50 X.X.X.X -> X.X.X.X (pop3)
USER XXX
PASS sckmdck

-----------------
02/24/00 17:01:27 X.X.X.X -> X.X.X.X (telnet)
XXX
shiyan70

-----------------
02/24/00 15:46:37 X.X.X.X -> X.X.X.X (pop3)
USER XXX
PASS shiyan70

-----------------
02/24/00 15:37:33 X.X.X.X -> X.X.X.X (pop3)
USER XXX
PASS 3873#*

-----------------
02/24/00 15:45:06 X.X.X.X -> X.X.X.X (imap)
002N LOGIN "XXX" "Anklayeaucad-"

-----------------
02/23/00 16:27:40 X.X.X.X -> X.X.X.X (telnet)
XXX
COOTER1

-----------------
02/24/00 10:52:30 X.X.X.X -> X.X.X.X (telnet)
XXX
sdrg.upm

-----------------
02/24/00 11:32:40 X.X.X.X -> X.X.X.X (ftp)
USER XXX
PASS wo45

-----------------
02/24/00 15:15:04 X.X.X.X -> X.X.X.X (www)
GET / HTTP/1.0
Proxy-Authorization: Basic XXXrazpiYWNrdXA= [XXX:backup]
Host: X.X.X.X

-----------------
02/17/00 15:27:05 X.X.X.X -> X.X.X.X (ftp)
USER XXX
PASS jeffab

-----------------
02/17/00 05:23:26 X.X.X.X -> X.X.X.X (www)
GET /projects/citi-netscape/ HTTP/1.0
Host: X.X.X.X
Proxy-Authorization: Basic XXXwcm94eTFcZWNwcm94eWxpbms6cHJveHltZQA= [XXX\XXX:proxyme]

-----------------
02/17/00 18:08:24 X.X.X.X -> X.X.X.X (ftp)
USER XXX
PASS nanofuck

-----------------
02/16/00 14:25:16 XXX -> XXX (www)
GET /us/mac/VISEData HTTP/1.1
Host: XXX
Authorization: Basic cXRtYWM6 [qtmac]

-----------------
02/16/00 17:36:25 X.X.X.X -> X.X.X.X (imap)
A001 LOGIN "XXX" "catteeth"

-----------------
02/16/00 17:39:41 X.X.X.X -> X.X.X.X (imap)
A001 LOGIN "XXX" "cat4snog"

-----------------
02/15/00 16:32:24 X.X.X.X -> X.X.X.X (telnet)
XXX
wyoumm

-----------------
02/16/00 12:43:55 X.X.X.X -> X.X.X.X (imap)
A001 LOGIN "XXX" "cat2tcl"

-----------------
02/16/00 15:33:02 X.X.X.X -> X.X.X.X (ftp)
USER XXX
PASS 11112222

-----------------
02/16/00 14:24:59 X.X.X.X -> X.X.X.X (www)
GET /projects/linux-scalability/ HTTP/1.0
Host: X.X.X.X
Proxy-Authorization: Basic XXX0Om5RczRmQG9Q [XXX:nQs4f@o]

-----------------
02/15/00 17:32:06 X.X.X.X -> X.X.X.X (www)
GET /format/mid.1.jpg HTTP/1.0
Host: X.X.X.X
Proxy-authorization: Basic XXXYXJpc0BicmV3LW1laXN0ZXIuY29tOnRoaXMgaXMgdGhlIHRpbWUh [XXX@X.X:this is the time]

-----------------
02/11/00 12:42:17 X.X.X.X -> X.X.X.X (www)
GET /isat HTTP/1.1
Host: X.X.X
Authorization: Basic XXXtYmVyOmluc3RpdHV0ZQ== [XXX:institute]

-----------------
02/14/00 12:59:27 X.X.X.X -> X.X.X.X (mountd)
/home/XXX [00 00 00 00 20 ed 82 c1 87 0d 00 00 41 3c 01 00 11 08 00 00 11 08 00 00 87 0d 00 00 00 00 00 00]

-----------------
02/10/00 17:20:51 X.X.X.X -> X.X.X.X (pop3)
USER XXX
PASS .twins,

-----------------
02/12/00 23:25:52 X.X.X.X -> X.X.X.X (ftp)
USER XXX
PASS hgg784k

-----------------
02/11/00 08:54:41 X.X.X.X -> X.X.X.X (ftp)
USER XXX
PASS sbk1bNkE

-----------------
02/11/00 17:38:21 X.X.X.X -> X.X.X.X (mountd)
/usr/local [00 00 00 00 d0 b4 3c c0 02 00 00 00 02 00 00 00 02 03 00 00 02 03 00 00 02 00 00 00 00 00 00 00]

-----------------
02/12/00 06:16:12 X.X.X.X -> X.X.X.X (ftp)
USER XXX
PASS LLgu8N

-----------------
02/10/00 23:49:49 X.X.X.X -> X.X.X.X (telnet)
XXX
(HOhoHO)

-----------------
02/11/00 11:39:23 X.X.X.X -> X.X.X.X (telnet)
XXX
Let'ski

-----------------
02/13/00 16:25:37 X.X.X.X -> X.X.X.X (www)
GET /controlPanel/default HTTP/1.1
Host: X.X.X.X
Authorization: Basic XXX2aW5AdW1pY2guZWR1OmNhdDRzbm9n [XXX:cat4sno]

-----------------
01/25/00 14:19:31 X.X.X.X -> X.X.X.X (pop3)
USER XXX
PASS Anderson.

-----------------
01/26/00 09:02:30 X.X.X.X -> X.X.X.X (www)
GET /_derived/home_cmp_artsy010_hbtn_a.gif HTTP/1.0
Host: X.X.X
Authorization: Basic XXXcGFydG5lcjpzYWZlbW9uZXk= [XXX:safemoney]

-----------------
01/24/00 12:52:03 X.X.X.X -> X.X.X.X (ftp)
USER XXX
PASS cat4snog

-----------------
01/22/00 11:26:25 X.X.X.X -> X.X.X.X (pop3)
USER XXX
PASS qwert hx1138

-----------------
01/26/00 17:03:00 X.X.X.X -> X.X.X.X (telnet)
XXX
arat'san

-----------------
01/23/00 22:16:55 X.X.X.X -> X.X.X.X (telnet)
XXX
cycle:381

-----------------
01/22/00 08:20:16 X.X.X.X -> X.X.X.X (ftp)
USER XXX
PASS Alpc2p3O

-----------------
01/26/00 17:51:03 X.X.X.X -> X.X.X.X (ftp)
USER XXX
PASS d73sbwv5

-----------------
01/21/00 14:56:56 X.X.X.X -> X.X.X.X (ftp)
USER XXX
PASS chorgy

-----------------
01/25/00 08:53:30 X.X.X.X -> X.X.X.X (ftp)
USER XXX
PASS cat2tcl

-----------------
01/22/00 18:02:33 X.X.X.X -> X.X.X.X (ftp)
USER XXX
PASS A.K.R.N!

-----------------
01/21/00 07:50:27 X.X.X.X -> X.X.X.X (pop3)
USER XXX
PASS bat2bite

-----------------
01/23/00 16:51:17 X.X.X.X -> X.X.X.X (telnet)
XXX
KaruVatta_0

-----------------
01/21/00 11:42:51 X.X.X.X -> X.X.X.X (ftp)
USER XXX
PASS HOWL ABE BOCK TROT ONTO LIST

-----------------
01/23/00 16:57:30 X.X.X.X -> X.X.X.X (telnet)
XXX
ma3baba

-----------------
01/26/00 16:39:03 X.X.X.X -> X.X.X.X (telnet)
XXX
$#bab,.

-----------------
01/26/00 14:24:19 X.X.X.X -> X.X.X.X (login)
[XXX:XXX]
XXX
i'm Engaged?

-----------------
01/23/00 16:46:26 X.X.X.X -> X.X.X.X (telnet)
XXX
@cheech@

-----------------
01/21/00 07:18:42 X.X.X.X -> X.X.X.X (pop3)
USER XXX
PASS thx1138

-----------------
02/10/00 14:45:55 X.X.X.X -> X.X.X.X (pop3)
AUTH LOGIN
XXXj [XXX]
XXXpbFBXRA== [mailPWD]

-----------------
02/10/00 14:28:26 X.X.X.X -> X.X.X.X (pop3)
USER XXX
PASS thy1138

-----------------
02/10/00 14:29:16 X.X.X.X -> X.X.X.X (pop3)
USER XXX
PASS me!!OW**

blank.space
b.star projects | techreports | press | lab | location | staff Email address
or call +1 734 763 2929
Copyright © 1996-2013
The Regents of the University of Michigan
bottom.line
 citi