MCPcopy
hub / github.com/DanMcInerney/net-creds

github.com/DanMcInerney/net-creds @main sqlite

repository ↗ · DeepWiki ↗
32 symbols 99 edges 1 files 29 documented · 91%
README

Thoroughly sniff passwords and hashes from an interface or pcap file. Concatenates fragmented packets and does not rely on ports for service identification.

Screenshots
Screenie1
Screenie2

Sniffs

  • URLs visited
  • POST loads sent
  • HTTP form logins/passwords
  • HTTP basic auth logins/passwords
  • HTTP searches
  • FTP logins/passwords
  • IRC logins/passwords
  • POP logins/passwords
  • IMAP logins/passwords
  • Telnet logins/passwords
  • SMTP logins/passwords
  • SNMP community string
  • NTLMv1/v2 all supported protocols: HTTP, SMB, LDAP, etc.
  • Kerberos

Examples

Auto-detect the interface to sniff

sudo python net-creds.py

Choose eth0 as the interface

sudo python net-creds.py -i eth0

Ignore packets to and from 192.168.0.2

sudo python net-creds.py -f 192.168.0.2

Read from pcap

python net-creds.py -p pcapfile

OS X

Credit to epocs:

sudo easy_install pip
sudo pip install scapy
sudo pip install pcapy
brew install libdnet --with-python
mkdir -p /Users/<username>/Library/Python/2.7/lib/python/site-packages
echo 'import site; site.addsitedir("/usr/local/lib/python2.7/site-packages")' >> /Users/<username>/Library/Python/2.7/lib/python/site-packages/homebrew.pth
sudo pip install pypcap
brew tap brona/iproute2mac
brew install iproute2mac

Then replace line 74 '/sbin/ip' with '/usr/local/bin/ip'.

Thanks

  • Laurent Gaffie
  • psychomario

Core symbols most depended-on inside this repo

printer
called by 22
net-creds.py
parse_args
called by 2
net-creds.py
Decode_Ip_Packet
called by 2
net-creds.py
double_line_checker
called by 2
net-creds.py
mail_decode
called by 2
net-creds.py
parse_ntlm_chal
called by 2
net-creds.py
parse_ntlm_resp
called by 2
net-creds.py
iface_finder
called by 1
net-creds.py

Shape

Function 32

Languages

Python100%

Modules by API surface

net-creds.py32 symbols

For agents

$ claude mcp add net-creds \
  -- python -m otcore.mcp_server <graph>

⬇ download graph artifact