ettercap sniffing

Printable View

06-07-2011, 06:44 AM
mrbacktrac

ettercap sniffing

ok i got a simple question. hope its in the rite place. when i connect to an unsecure wireless network via my network card i get directed to a site or a page where i have to type in my username and password? ok now i have tryd to capture my password with ettercap while logging in but it doesnt work. my question. please read carfully, must the "attacker" be loged into this network (as in type a username and password) or does the "attacker" just have to be connected to the wireless network without typing a username and password(basically just sit and wait at the login page) ?
oh and why is it called an unsecure network? i have read allot of posts that people say you can just sniff plain text outof an unsecure wireless network but you cant? i sniff while im doing things and i get nothing relavent. thanx for any help, i have tryd searching google and a number of forums but i cant get an answer anywhere. it seems so simple people dnt evan bother.
06-10-2011, 08:24 AM
iliyapolak

Re: ettercap sniffing

Attacker must be connected to the network he must also perform arp poisoning to reroute network traffic between victim and for example GW to flow through his machine interface then the ettercap uses taps or hooks into network stack in order to intercept protocol level 3,4,7 packets and modify their content based on precompiled filters/plugiuns.
Yes in so called open system you can sniff packets and use wireshark to dissect them.

Quote:

get nothing relavent. thanx for any help, i have tryd searching google and a number of forums but i cant get an answer anywhere. it seems so simple people dnt evan bother.

It is based on wireshark ability to dissect packet.For example if you want to intercept your neighbour traffic when he watch porno movies:o:o (online streaming) i think you need to develop your own wireshark dissector for video compressed content.:cool:
06-16-2011, 04:47 PM
byteme

Respuesta: Re: ettercap sniffing

Quote:

Originally Posted by iliyapolak

Attacker must be connected to the network he must also perform arp poisoning to reroute network traffic between victim and for example GW

Actually, for unsecured / WEP encrypted wireless networks that's not necessary. You just need to stick your card in monitor mode so it captures all packets. Since everything goes through the air, you don't need to be connected to receive the packets, as otherwise you wouldn't be able to crack networks.

Picture the following: you are standing between 2 people who are talking. Instead of radio waves, they use sound waves and you don't need to be a part of their group (connected) to hear what they say. If they speak Mandarin (or WEP) you need to know the key (Mandarin, or WEP key) to decrypt what they say.

You can even record (capture packets) what they say and then decrypt it later when you learned Mandarin (found the WEP key)

ARP poisoning is used on Ethernet (wired) networks, so you force the traffic to go through your connection.

For a better understanding of Wireless hacking, check out the book: Hacking Wireless Exposed. Might not include the latest tools, but once you know the basics, tools are easily understood.
06-19-2011, 06:45 AM
iliyapolak

Re: ettercap sniffing

Quote:

WEP encrypted wireless networks that's not necessary

You provided here an example of your lack of knowledge because whene you have WEP encrypted network with rc4 cipher your sniffing software won't decrypt any data packet without the key you can only see management and control unencrypted frames.

Quote:

For a better understanding of Wireless hacking,

Man read my posts and try to understand what i have said before you are trying to correct me or educate me

Quote:

check out the book: Hacking Wireless Exposed

And what about reading 802.11 official standard this is ultimate source of knowledge.

Quote:

Picture the following: you are standing between 2 people who are talking. Instead of radio waves, they use sound waves and you don't need to be a part of their group (connected) to hear what they say. If they speak Mandarin (or WEP) you need to know the key (Mandarin, or WEP key) to decrypt what they say

Sound waves blah blah and what about Fourier decomposition of wi-fi spectrum and maybe i should add DSSS spread xor keys (welsh function) needed to properly modulate signal in order to find it's maxima against the background noise and other dsss signal.

Quote:

ARP poisoning is used on Ethernet (wired) networks, so you force the traffic to go through your connection.

Home router is an example of ESS gear which interconnects three networks LAN,WAN and wi-fi access in order to reroute network flow between wired clients(interfaces) from the point of view of wired client protocols (level 3,4,7) wireless client is abstracted
by 802.11 level 2 protocols so you can use ettercap to arp poison between wireless and wired client thanks to the 802.11 abstraction mechanism.

Quote:

ARP poisoning is used on Ethernet (wired) networks, so you force the traffic to go through your connection.

You can also use packet injection and modification without the ettercap flow rerouting but you will have always race condition with the AP.

Quote:

For a better understanding of Wireless hacking, check out the book: Hacking Wireless Exposed.

You are trying to educate me but your minimal knowledge is based on the books for the noobs.