Results 1 to 6 of 6

Thread: ettercap arp poisoning with wireless card

  1. #1
    Just burned his ISO
    Join Date
    Nov 2008
    Posts
    12

    Question ettercap arp poisoning with wireless card

    First off I want to say Hello to everyone on the R.E forums,
    Second I have a question that I didn't find with the search button so I'm making my first post after about a week of reading articles here and there and watching a few tutorials. (newbie)

    I started playing around with Ettercap on my WIRED network. I tried out with a simple arp poisoning attack using the GUI and everything went fine I also did a Quick DNS spoofing on my WIRED Network using the GUI worked fine also.

    Then I wanted to try using my wireless interface ath0 instead of my wired interface eth0. The GUI mode would not scan my host with my wireless card when I try nothing would happen.
    So I switched to command line. and use the following:

    ettercap -T -q -i ath0 -P -M arp // //

    In console mode it would scan the host fine but wouldn't catch any packets.

    Also When I use the -P chk_poison plug-in to see its its taking or not I get an output of the following:
    RE-ARPing Vicitms
    Unified sniffing was stopped.

    Any help will be appreciated very much, thank you
    In the mean time I'll keep searching...

  2. #2
    Member imported_pynstrom's Avatar
    Join Date
    May 2008
    Posts
    143

    Default

    Try specifying your targets. I have had better success when both or at least one target is defined rather that using all targets ( // // )

    Code:
    ettercap -Tq -i <interface> -M arp:remote /target1ip/ /target2ip/
    When hungry, eat your rice; when tired, close your eyes. Fools may laugh at me, but wise men will know what I mean. -- Lin-Chi
    - - - - - - - -
    I slept once, it was a Tuesday.

  3. #3
    Just burned his ISO
    Join Date
    Nov 2008
    Posts
    12

    Question

    Quote Originally Posted by pynstrom View Post
    Try specifying your targets. I have had better success when both or at least one target is defined rather that using all targets ( // // )

    Code:
    ettercap -Tq -i <interface> -M arp:remote /target1ip/ /target2ip/
    Thanks for the reply pynstrom. Ahh I was just trying that out!!!
    It Didn't quite work but I got another result when I left out the -P chk_poison plug-in.
    My output: starting unified sniffing on the attacker machine and on the VIC machine when I load my browser for an attempted e-mail login the page slows to a crawl not letting me sign in at all its stays static on the login page.

    I'm not sure what this means but adds another clue to this problem.

  4. #4
    Member
    Join Date
    Oct 2008
    Posts
    58

    Default

    you could also use the ettercap GUI,
    $ ettercap -G &
    Works great for me.

  5. #5
    Just burned his ISO
    Join Date
    Nov 2008
    Posts
    12

    Default

    Quote Originally Posted by alm0stadm1n View Post
    you could also use the ettercap GUI,
    $ ettercap -G &
    Works great for me.
    I started out using the GUI and Got even less progress as I mentioned in the earlier post. I'm thinking I might need to update the madwifi drivers.

    I'll update the post after I give it a go. Honestly I still have to find a guide on that part still.

  6. #6
    Member
    Join Date
    Oct 2008
    Posts
    58

    Default

    I made a howto video for a buddy of mine, Ill post it on rapidshare if you want me to, PM me and ill send you a link.
    I don't think much of a man who is not wiser today than he was yesterday. ~Abraham Lincoln

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •