Thread: Some problems with ettercap and MITM

  1. #1
    Just burned his ISO h3d0x's Avatar
    Join Date
    Sep 2010
    Location
    char* home = {0x65, 0x61, 0x72, 0x74, 0x68};
    Posts
    8

    Some problems with ettercap and MITM

    Hi,

    first I want to introduce myself a bit:
    My nickname is h3d0x (as you can see) and I'm from Germany. Actually I'm a software engineer (C++, Web [PHP + MySQL + JS + HTML etc.] and assembler) but I'm also interested in security related themes.

    So I try to do a MITM attack and so far all is working correctly, which means: The ARP tables are "patched" successfully (on the router and on the iPod Touch (<- my testing device))

    Network setup:
    00:25:fe:68:0f:aa = 192.168.178.1 = Router
    00:27:BB:C2:0C:00 = 192.168.178.26 = iPod
    00:23:D2:41:46:A9 = 192.168.178.24 = BT4-Computer

    The ARP-Tables:

    Router [before]:
    # cat /proc/net/arp
    IP address HW type Flags HW address Mask Device
    192.168.178.26 0x1 0x2 00:27:BB:C2:0C:00 * lan
    192.168.178.24 0x1 0x2 00:23:D2:41:46:A9 * lan

    Router [after]:
    # cat /proc/net/arp
    IP address HW type Flags HW address Mask Device
    192.168.178.26 0x1 0x2 00:23:D2:41:46:A9 * lan
    192.168.178.24 0x1 0x2 00:23:D2:41:46:A9 * lan

    iPod [before]
    # arp -n -a
    ? (192.168.178.1) at 0:25:fe:68:0f:aa on en0 [ethernet]
    ? (192.168.178.24) at 0:23:d2:41:46:a9 on en0 [ethernet]

    iPod [after]
    # arp -n -a
    ? (192.168.178.1) at 0:23:d2:41:46:a9 on en0 [ethernet]
    ? (192.168.178.24) at 0:23:d2:41:46:a9 on en0 [ethernet]

    So far all right, but:

    I can neither load any webpage on the iPod nor ping the iPod from the router (ping 192.168.178.26)

    What's wrong?

    Hope anyone can help me

    btw: sorry for my (probably) bad English
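
Added example, not part of the original post: a defender-side check that reads `/proc/net/arp`-style text and flags the state shown in the router's "after" table, where two IPs resolve to one MAC. The function names are hypothetical; the sample tables are the ones posted above, with the BT4 machine's MAC written as it appears in the iPod's `arp` output.

```python
from collections import defaultdict

# Router tables from the first post. The BT4 MAC is written as the iPod's
# arp output in the same post shows it (0:23:d2:41:46:a9).
ROUTER_BEFORE = """\
IP address HW type Flags HW address Mask Device
192.168.178.26 0x1 0x2 00:27:BB:C2:0C:00 * lan
192.168.178.24 0x1 0x2 00:23:D2:41:46:A9 * lan
"""
ROUTER_AFTER = """\
IP address HW type Flags HW address Mask Device
192.168.178.26 0x1 0x2 00:23:D2:41:46:A9 * lan
192.168.178.24 0x1 0x2 00:23:D2:41:46:A9 * lan
"""

ATF_COM = 0x2  # Linux ARP flag: entry is resolved


def parse_proc_net_arp(text):
    """Return {ip: mac} for resolved rows of /proc/net/arp-style text."""
    table = {}
    for line in text.splitlines():
        fields = line.split()
        # Data rows have six fields: ip, hw type, flags, mac, mask, device.
        if len(fields) != 6 or not fields[2].startswith("0x"):
            continue
        if int(fields[2], 16) & ATF_COM:
            table[fields[0]] = fields[3].lower()
    return table


def shared_macs(table):
    """MACs claimed by more than one IP (also seen with proxy ARP or
    multi-homed hosts, so treat a hit as a lead, not proof)."""
    by_mac = defaultdict(list)
    for ip, mac in table.items():
        by_mac[mac].append(ip)
    return {mac: sorted(ips) for mac, ips in by_mac.items() if len(ips) > 1}


def changed_bindings(before, after):
    """IPs whose MAC differs between two snapshots: {ip: (old, new)}."""
    return {ip: (before[ip], after[ip])
            for ip in sorted(before.keys() & after.keys())
            if before[ip] != after[ip]}


if __name__ == "__main__":
    before, after = parse_proc_net_arp(ROUTER_BEFORE), parse_proc_net_arp(ROUTER_AFTER)
    print("shared MACs:", shared_macs(after))
    print("changed:", changed_bindings(before, after))
```
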

  2. #2
    My life is this forum Snayler's Avatar
    Join Date
    Jan 2010
    Posts
    1,418

    Re: Some problems with ettercap and MITM

    Have you uncommented the iptables in the etter.conf file?

  3. #3
    Administrator sickness's Avatar
    Join Date
    Jan 2010
    Location
    Behind the screen.
    Posts
    2,921

    Re: Some problems with ettercap and MITM

    If you have uncommented the rules in etter.conf, also try to check if you have any firewall on or something that might block the traffic.
    Back|track giving machine guns to monkeys since 2007 !

    Do not read the Wiki, most your questions will not be answered there !
    Do not take a look at the: Forum Rules !

  4. #4
    Good friend of the forums gunrunr's Avatar
    Join Date
    Jan 2010
    Location
    shining my spoon
    Posts
    265

    Re: Some problems with ettercap and MITM

    Don't forget to set up packet forwarding, otherwise MITM will work but packets will not be forwarded to their destinations.
    Wielder of the spoon of doom
    Summercon, Toorcon, Defcon, Bsides, Derbycon, Shmoocon oh my
    Come hang out with hackers on twitter @gunrunr556

  5. #5
    Just burned his ISO h3d0x's Avatar
    Join Date
    Sep 2010
    Location
    char* home = {0x65, 0x61, 0x72, 0x74, 0x68};
    Posts
    8

    AW: Some problems with ettercap and MITM

    Yes, I uncommented the iptables rules in the etter.conf file (located at /etc, right? Or is there any other conf file?) and I enabled packet forwarding ( echo 1 > /proc/sys/net/ipv4/ip_forward )

    The strange thing is, I can see in the "connections-window" some DNS requests (on port 53). These are forwarded correctly to the router but no other connections are shown there (like http on port 80 or any other)

  6. #6
    My life is this forum Snayler's Avatar
    Join Date
    Jan 2010
    Posts
    1,418

    Re: AW: Some problems with ettercap and MITM

    Quote Originally Posted by h3d0x View Post
    located at /etc right?
    Yes, that's the file. How are you running BackTrack? Did you run the iptables command?

  7. #7
    Administrator sickness's Avatar
    Join Date
    Jan 2010
    Location
    Behind the screen.
    Posts
    2,921

    Re: AW: Some problems with ettercap and MITM

    Are you following a specific tutorial? What kind of MITM are you using from ettercap and what are you trying to achieve with this MITM?

  8. #8
    Just burned his ISO h3d0x's Avatar
    Join Date
    Sep 2010
    Location
    char* home = {0x65, 0x61, 0x72, 0x74, 0x68};
    Posts
    8

    AW: Some problems with ettercap and MITM

    No, I'm not following a specific tutorial or how-to

    I simply want to redirect the traffic through ettercap

    Next I want to edit packets etc. .. but at the moment "sniffing" isn't working at all -.-

  9. #9
    My life is this forum Snayler's Avatar
    Join Date
    Jan 2010
    Posts
    1,418

    Re: Some problems with ettercap and MITM

    Could you describe what you are doing? Commands launched, options used, etc...
