Make sure you install WinPcap driver before running this application.
This video demonstrates how to recover lost/forgotten FTP passwords using FTPPasswordSniffer. In addition to this, FTPPasswordSniffer can also be used to sniff FTP passwords flowing through the wire like any other sniffing tool
Installation & Uninstallation
FTP Password Sniffer comes with
Installer which install all the required softwares along with main
software so you do not have to worry about separately installing any of
the dependent softwares.
It has intuitive setup wizard which
guides you through series of steps in completion of installation.
At any point of time, you can uninstall the product using the
Uninstaller located at following location (by default)
This software requires WinPcap driver for capturing network packets. So make sure you install it from here before running this appication.
Here is the detailed information on how to effectively use
FTPPasswordSniffer to recover the lost passwords or use it as
pen test tool to catch the FTP passwords flowing through the
Recovering Lost FTP Passwords
Launch the FTPPasswordSniffer from its installed location.
Select the right 'network interface' for
sniffing the FTP packets. If you don't know then you can experiment
with each of them and see which one works !
Then click on 'Start FTP Sniffer' button
and it will start sniffing operation as shown in the screenshot
Now run your favorite FTP application and connect<
to pre-configured FTP server whose password you
want to recover.
As you are being connected to FTP server,
FTPPasswordSniffer will transparently catch these FTP login packets
and decode the username/password in clear text.
You can now stop the recovery operation and save the
recovered password list to HTML/XML/Text/CSV file by clicking on 'Export' button and then select the type
of file from the drop down box of 'Save File Dialog'.
for Penetration Testing
For penetration testing you have to make sure that you
are running FTP Password Sniffer on the right system such as
Gateway so that you can catch most of the FTP packets flowing
from local network to Internet. Rest of the steps for catching and
decoding FTP account passwords are same as explained earlier.
Screenshot 1: FTP Password Sniffer is showing the
recovered FTP account passwords.
Screenshot 2: List of of recovered FTP account passwords by
FTP Password Sniffer in HTML format.
FTP Password Sniffer depends upon WinPcap for capturing network packets. So
if you have not installed it earlier then you will see the error message like below
"This application has failed to start because
wpcap.dll was not found. Re-installing the application may fix the
In such case you can just install WinPcap driver from here.
Version 5.0 : 28th Dec 2016
New feature added to Installer to dynamically download latest version
Version 4.5 : 3rd Aug 2015
Major release to support FTP Password Sniffing on Windows 10 version
Version 4.0 : 12th Jan 2015
Integrated latest version of windows packet sniffer engine. Also integrated Uninstaller into Windows Add/Remove Programs.
Version 3.0 : 6th May 2014
New feature to save the password report in CSV (Comma-Seperated Values) File Format. Improved GUI interface with magnifying icon effects.
Version 2.5 : 22nd Mar 2013
Support for Windows 8. Added right click context menu option to quickly copy the password. Fixed the missing winpcap setup file in the Installer.
Version 2.0 : 16th Jan 2013
Fixed the problem with screen refresh and other UI improvements.
Version 1.5 : 27th Mar 2012
Support to save recovered password list to XML/Text file along with existing HTML support. New enhanced interface with cool banner.
Version 1.1 : 16th Apr 2011
Added links for PasswordForensics.com in about section & few bug fixes.
Version 1.0 : 20th Dec 2010
First public release of FTPPasswordSniffer
FTP Password Sniffer is designed to recover the lost FTP account
passwords and to help penetration testers.
Like any tool its use either good or
bad, depends upon the user who uses it. However Author or
SecurityXploded is not
responsible for any damage caused due to misuse of this tool.