Using dsniff did not reveal my password when logging into mail.yahoo.com. I want to see what all the passwords are caught and how vulnerable my network really is. Any ideas why dsniff did not catch my password? This is what it put in the logs. msgsnarf is also not catching any of the logins from gaim. I am not using ssl (https), but I do notice the packets caught by dsniff say slogin. This probably means secure login. Any ideas how dsniff could get my passwords for gaim, gmail and yahoo mail? I am using the newest version.
Code:
-----------------
08/12/06 19:31:51 tcp my_ip_address.35398 -> l2.login.vip.mud.yahoo.com.80 (http)
GET /config/login_verify2?.slogin=my_email_address&.intl=us&.src=ym&.bypass=&.partner=&.done=http%3a//edit.yahoo.com/config/eval_profile%3f.done=http%3a//mail.yahoo.com%26.src=ym%26.intl=us%26.scrumb=0&pkg=&owd= HTTP/1.1
Host: login.yahoo.com
-----------------
08/12/06 19:51:52 tcp my_ip_address.34657 -> l2.login.vip.mud.yahoo.com.80 (http)
GET /config/login_verify2?.slogin=my_email_address&.intl=us&.src=ytc&.bypass=&.partner=&.done=http%3a//edit.yahoo.com/config/eval_profile%3f.done=http%3a//members.yahoo.com%26.src=ytc%26.intl=us%26.scrumb=0&pkg=&owd= HTTP/1.1
Host: login.yahoo.com