Sniffing POP3 passwords

If you have forgotten what are the passwords for user accounts at your mail server, run the specialized dsniff utility while they are checking their mail:

  • dsniff -i any 'tcp port pop3'

It is better than other sniffers because it does not show you all the usual garbage, it cares only about user names and passwords.

Of course it will not work if the user uses STARTTLS or SSL/TLS connection security. After all, that’s what it is for…



One Comment on “Sniffing POP3 passwords”

  1. Appreϲiate this post. Will try it out.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s