GitHub - nozberkaryaindonesia/PCredz: This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.

#Features:

Extract from a pcap file or from a live interface:
- Credit card numbers
- POP
- SMTP
- IMAP
- SNMP community string
- FTP
- HTTP Basic
- NTLMv1/v2 (DCE-RPC,SMBv1/2,LDAP, MSSQL, HTTP, etc)
- Kerberos (AS-REQ Pre-Auth etype 23) hashes.
All hashes are displayed in a hashcat format (use -m 7500 for kerberos, -m 5500 for NTLMv1, -m 5600 for NTLMv2).
Log all credentials to a file (CredentialDump-Session.log).

#Install:

On a debian based OS: apt-get install python-libpcap

On Kali, you will need to: apt-get remove python-pypcap && apt-get install python-libpcap

tar xvf pylibpcap-0.6.4.tar.gz

cd pylibpcap-0.6.4

python setup.py install

#Usage:

./Pcredz -f file-to-parse.pcap

./Pcredz -d /tmp/pcap-directory-to-parse/

./Pcredz -i eth0

Options:

-h, --help show this help message and exit

-f capture.pcap Pcap file to parse

-d /home/pnt/pcap/ Pcap directory to parse recursivly

-i eth0 interface for live capture

-v More verbose.

Name		Name	Last commit message	Last commit date
Latest commit History 13 Commits
Pcredz		Pcredz
Readme.md		Readme.md

Provide feedback