Hi I'm trying to capture a password from a Utax printer/scanner, The account on the printer/scanner has a username , password and path to where the file should be scanned to on a server. I've set up a session on wireshark and added host 192.168.16.89 (ip address of scanner) and then did a few scans, but i can't seem to pick up any info from the printer. Should wireshark be able to catch a username and password from it, i'm not sure if the password is encrypted or plain text asked 10 Feb '11, 02:25  okee |
One Answer:
I would assume, that user/pass are sent using LM or NTLM hashes You can try filtering for smb2.cmd == 1 which will show Session Setup packets fpr SMB2 or alternatively smb.cmd == 0x73 for Session Setup under SMB(1) For cracking those hashes, google for yourself on howto do that if neccessary. This is not part of this forum's question range in my opinion. Regards answered 10 Feb '11, 02:33  Landi |
