You don't need Airtun-ng for that - you'd need to do MITM with ettercap w/possibly the remote_browser plugin.Originally Posted by john99
airtun-ng -> Ettercap: View traffic* in real time possible ?
Hi all,
I am (sucessfully) using airtun-ng to create a virtual interface(at0) in order to use it in Ettercap.
Question:
Is there a way to have Ettercap shown the traffic in real time (the same view as it looks when I do webbrowsing e.g. with Firefox) ?
Thank's a lot for your help!
John
PS.
Sorry for the case my problem would simply be a matter of switching/activating an program option :-)
You don't need Airtun-ng for that - you'd need to do MITM with ettercap w/possibly the remote_browser plugin.
dd if=/dev/swc666 of=/dev/wyze
The remote_browser_plugin in ettercap will achieve this just as wyze says, but is a bit buggy and will interpret most ads, banners and frames as additional webpages and therefore open each of them in an additional window/tab. Personally I find webspy to be a more solid, although not perfect, option for this task.
-Monkeys are like nature's humans.
Thank's wyze, I am going to try to find out more about MITM of Ettercap (even
Ettercap does quite often crash (if BT3 is booted from CD-ROM).
Are you referring to the 4 options Arppoisoning, Icmpredirect, Portstealing
and Dhcpspoofing?
Thank you!
John
Thank's =Tron= for suggesting an alternative :-) What's your experiences with the mentioned tools with faked MAC in a stealth mode(unassociated) ?
Thank's a lot!
John
Ettercap naturally will not work in unassociated mode, and to be able to view the target computers' internet activity using webspy in a live fashion you will have to implement a MITM attack using for example ettercap. You can however capture the traffic of the target AP in unassociated mode and at a later time pull out the required data using the tools of your choice. For example chaosreader is good for this, as are the dsniff suite tools, although they will require you to re-broadcast the cap file at the loopback interface using tcpreplay.
-Monkeys are like nature's humans.
Thanks =Tron= for mentioning Chaosreader, it's quite sophisticated for my requirements :-)
Are the following steps not considered a MITM?
# airodump-ng -w w -c 10 ath0
# modprobe tun
# airtun-ng -a 00:11:22:33:44:55 -W 75:67:98:45:65 ath0
# ifconfig ath0 up
# run ettercap in graphic mode
Thank you!
John
I have not really played around with airtun-ng, but as all traffic from the clients will go through you it should constitute as a MITM attack. Whether or not tools like msgsnarf, mailsnarf, webspy etc. will work under this setup is another question. However, I do know that they work if you implement a MITM attack using ettercap on its own, i.e. by ARP-poisoning the victims.
-Monkeys are like nature's humans.
airbase-ng have a mitm mode ...........but was not working in the reliz ive tried , maybe now it's working
to you all , HAVE A DEEP LOOK IN AIRBASE-NG ! IT'S A ****ING TOOL
and karmetasploit too !!
check this : http://www.metasploit.com/dev/trac/wiki/Karmetasploit
Watch your back, your packetz will belong to me soon... xD
BackTrack : Giving Machine Guns to Monkeys since 2006
Posting Permissions