Issues with DNS spoofing through SET and ETTERCAP
So I am attempting to redirect all traffic on my wireless network to my SET java applet attack site.
I first went into my set_config (/pentest/exploits/set/config) and set ETTERCAP=ON and ETTERCAP_INTERFACE=wlan0
I booted up SET and chose
1) Social-engineering Attacks
2) Website Attack Vectors
1) Java Applet Attack Method
1) Web Templates
It asks me if I am NAT/Port forwarding, I say: no
I place my subnet ip 192.168.0.8
It tells me that ARP Cache Poisoning is set to ON and asks what site i want to redirect to me I say: http://www.google.com
2) windows meterpreter reverse_tcp
16) Backdoor Executable
Port 443 (also tried 4444, should not matter I do not think)
And so it goes through its process until it boots up metasploit and sets up the listener. At this point I can only get the java cert to pop up if i go to "192.168.0.8" directly. Otherwise google just takes me to the real google. Also if instead of specifying google I have also tried the "*" flag so that it redirects everything. When I do this no pages load except for if I specifically dial in 192.168.0.8. So not sure what is keeping this thing from redirecting.
My wireless card is Atheros AR2425, Driver ath5k
I have turned off Kaspersky and my firewall for this attack.
I am on Backtrack 5 r3 gnome. I did an apt-get update and apt-get dist-upgrade, plus msfupdate and svn updates for SET and ETTERCAP.
If anyone knows maybe a better way to do this? I simply want to use the set java applet attack and redirect everything on my subnet to my SET server ip at 192.168.0.8
Thank you very much for your help and I am hoping I am posting this correct!