Well I successfully sniffed HTTPS password (rapidshare / megaupload) but I was hoping I could sniff HTTP passwords too (msn, forums, etc.), is it possible?
Purely ethical, I mean no harm to my sisters accounts. xD
Printable View
Well I successfully sniffed HTTPS password (rapidshare / megaupload) but I was hoping I could sniff HTTP passwords too (msn, forums, etc.), is it possible?
Purely ethical, I mean no harm to my sisters accounts. xD
Yes, you sniff http traffic by, you know, sniffing it... its sent over the network in clear text. If you've managed to sniff https (which is encrypted when sent over the network) then you should be able to manage http...Quote:
Originally Posted by OldGregg
That's what I thought, but whenever I sniff I only get https results, I tested it with one computer sniffing and logged into some places on the other one, but nothing was captured, but when I try with https it works..Quote:
Originally Posted by lupin
Am i doing something wrong?
I open ettercap in GTK mode with the WEP key, I click Set Netmask and set it to "255.255.255.0", I then go to sniffing > unified sniffing and scan hosts, I add the router (192.168.2.1) to host 1 and the victim (192.168.2.101) to host 2, I then click mitm > arp poisoning and tick "sniff remote connections", I then start the sniffing, but as said, it is only sniffing https. :S
MSN doesnt run on port 80 plus its not HTTP traffic! So ettercap will not do it!Quote:
Originally Posted by OldGregg
Unless you mean a web based client?
Now for sites that ettercap doesn't pick up, you could try and make your own filter! An example (Yahoo Web Based Email)
Ettercap :: View topic - HowTo do filters (Yahoo example)
Any of that help?
I mean the MSN website, hotmail and whatnot, it's not just that though, I tested it with other things, vbulletin & phpbb forums, blogspot, twitter, etc. and none are working.. but when I try with rapidshare, megaupload, etc. it works.. :/Quote:
Originally Posted by g0tmi1k
Thanks for the help guys, it's appreciated. :)
You could also try using Wireshark or tcpdump instead of Ettercap.Quote:
Originally Posted by OldGregg
Its ssl thats why its not working, how are you planning on sniffing encrypted traffic ??
I probably shouldn't say it as i hate to be a spoonfeeder, but just google yourself sslstripm and yes it works nicely with ettercap.
I posted a link, on how to make a filter - apply a bit of known-age and you can apply it to other sites! :)Quote:
Originally Posted by OldGregg
and with SSLStrip - I posted a video on how to use it! :)
Thanks for all the help mate, I have heard of SSLStrip and was checking it out the other day.Quote:
Originally Posted by g0tmi1k
Anyway I'll take a look at making a filter, thanks again for the help.
~Old Gregg