FTP Password Sniffer is the universal
FTP password recovery tool for any of your favorite FTP application
such as FileZilla, SmartFtp etc.
It can not only recover the lost FTP account password but also can
sniff and catch any of the FTP account passwords passing through
your network, thus making it a great tool for penetration
testers.
Each FTP application uses its own storage and encryption
mechanism for keeping the FTP server password information. Often it
happens that you configure the FTP accounts in the beginning and
then forget the passwords as it is taken care by your FTP
application. At later times when you need these FTP account
passwords you realize that you cannot just get it because either the
password is stored at some secret location or it is encrypted.
In
such a situation FTPPasswordSniffer comes to your rescue by helping
you to easily and instantly recover those lost FTP
account passwords.
It comes with
Installer and works on most of the Windows
platforms starting from Windows XP to latest
operating system, Windows 7.
Features
Here are the top features of FTPPasswordSniffer
Universal FTP password recovery tool supporting most of
the prominent FTP applications.
Recover password of any length and
complexity.
Instantly decode the username & password for any FTP
server account and present it in clear text.
Sort feature to arrange the recovered
passwords in various order to make it easier to search
through 100's of entries.
Save the recovered password list to HTML/XML/Text file for transferring to other system or for
future use.
Easier and faster to use with its enhanced user
friendly GUI interface.
Support for local Installation and uninstallation of the
software.
Here are the some of the main FTP applications
that are supported,
3D-FTP
AbsoluteTelnet
ALFTP
BitKinex
BulletProof FTP
Classic FTP
CoffeeCup Direct FTP
CoffeeCup Free FTP
CoreFTP
CrossFTP
CuteFTP
ExpanDrive
FileZilla
FireFTP
FlashFXP
Fling FTP
FTP Voyager
Global Downloader
Glub Tech Secure FTP
LeechFTP
Mosaic
NcFTP
net2ftp
PSFTP
SFTPPlus
ScripFTP
SmartFTP
Sysax FTP Automation
WebDrive
WinSCP
WISE-FTP
WS_FTP
and many more
Requirements
FTPPasswordSniffer requires Winpcap (http://www.winpcap.org)
- industry standard packet capture library for Windows. By default
latest version of Winpcap (as of this writing v4.1.2) is installed
automatically during the installation of FTPPasswordSniffer.
However if you don't want it, you can uncheck it during installation and
later install the latest version manually.
Video Demonstration
This video demonstrates how to recover lost/forgotten FTP passwords using FTPPasswordSniffer. In addition to this, FTPPasswordSniffer can also be used to sniff FTP passwords flowing through the wire like any other sniffing tool
Installation & Uninstallation
FTPPasswordSniffer comes with
Installer which install all the required softwares along with main
software so you do not have to worry about separately installing any of
the dependent softwares. It has intuitive setup wizard (as shown in the screenshot below) which
guides you through series of steps in completion of installation.
At any point of time, you can uninstall the product using the
Uninstaller located at following location (by default)
Here is the detailed information on how to effectively use
FTPPasswordSniffer to recover the lost passwords or use it as
pen test tool to catch the FTP passwords flowing through the
wire
Using
FTPPasswordSniffer to Recover Lost FTP Passwords
Launch the FTPPasswordSniffer from its installed location.
Select the right network interface for
sniffing the FTP packets. If you don't know then you can experiment
with each of them and see which one works !
Then click on 'Start FTP Sniffer' button
and it will start sniffing operation as shown in the screenshot
below.
Now run your favorite FTP application and connect
to pre-configured FTP server whose password you
want to recover.
As you are being connected to FTP server,
FTPPasswordSniffer will transparently catch these FTP login packets
and decode the username/password in clear text.
You can now stop the recovery operation and save the
recovered password list to HTML/XML/Text file by clicking on 'Export' button and then select the type
of file from the drop down box of 'Save File Dialog'.
Using
FTPPasswordSniffer for Penetration Testing
For penetration testing you have to make sure that you
are running FTPPasswordSniffer on the right system such as
Gateway so that you can catch most of the FTP packets flowing
from local network to Internet. Rest of the steps for catching and
decoding FTP account passwords are same as explained earlier.
Screenshots
Here are the screenshots of
FTPPasswordSniffer
Screenshot 1:FTPPasswordSniffer is showing the
recovered FTP account passwords.
Screenshot 2: List of of recovered FTP account passwords by
FTPPasswordSniffer in HTML format.
Troubleshooting
FTPPasswordSniffer depends upon Winpcap packet capturing library. So
if you have not installed it earlier or unchecked it during the
Installation of FTPPasswordSniffer then you will see the error message
like below,
"This application has failed to start because
wpcap.dll was not found. Re-installing the application may fix the
problem"
In such case you can run the installation of
FTPPasswordSniffer again (without de-selecting Winpcap) which will
install the Winpcap library on your system. After that you should be
able to run FTPPasswordSniffer without above mentioned problem.
Release History
Version 1.5 : 27th Mar 2012
Support to save recovered password list to XML/Text file along with existing HTML support. New enhanced interface with cool banner.
Version 1.1 : 16th Apr 2011
Added links for PasswordForensics.com in about section & few bug fixes.
Version 1.0 : 20th Dec 2010
First public release of FTPPasswordSniffer
Disclaimer
FTPPasswordSniffer is designed to recover the lost FTP account
passwords and to help penetration testers.
Like any tool its use either good or
bad, depends upon the user who uses it. However Author or
SecurityXploded is not
responsible for any damage caused due to misuse of this tool.
