Aimsnarf is a small (~250 lines) Ruby script that I’ve written to sniff and dump AOL IM messages to STDOUT. I wrote this an as alternative to aimsniff, because I really dislike having to install aimsniff and all of it’s dependancies when all I want is a simple text transcript. I really felt like the dsniff toolkit should have had something like this (they already have urlsnarf, filesnarf, etc) to be used for penetration testing.
Aimsnarf can either dump messages during a live capture, or it can read packets from a pcap file (most likely generated from wireshark or tcpdump) and print the messages.
The latest version can be downloaded from here:
It requires the ruby-pcap library in order to run.
You can read more about aimsnarf’s usage in this post, if you’re interested.
Latest Revision includes:
Version 0.11 – Update/Bugfix
This update fixed a few parsing bugs in variable-length TLVs in the packet. It also now prints out the IP address of the originating message sender/receiver.
Version 0.1 – Initial release
Initial release of the Aimsnarf program.