Saturday, May 29, 2010

Wireshark Export-Object-SMB plugin


Capturing SMB Files with Wireshark

The plugin adds to Wireshark the ability to extract and save separately, from any network capture, either live or previously saved, the contents of any files transferred between a server and a client using the SMB protocol. We have succesfully used this plug-in in some real pentests, demonstrating the potential impact of this vulnerability.

Download: http://www.taddong.com/tools/eo_smb.patch

WHITE PAPER: A tool for capturing SMB files with Wireshark
This white paper describes a plugin that we have created and made publicly available for the popular network analyzer Wireshark. The plugin adds to Wireshark the ability to extract and save separately, from any network capture, either live or previously saved, the contents of any files transferred between a server and a client using the SMB protocol.

Download PDF

No comments: