Strange Password Sniffing Problem
I am using a wireless network card and am able to successfully sniff passwords using ettercap when not associated to my wireless point using airtun-ng and connecting ettercap to the at0 interface.
However I want to try out the SSL stuff just to see why I shouldn't be using online banking on a wireless point with other people around, if i'm dumb enough to accept the certificates (i'm not but my wife is, and luckily she won't read this....)
Anyway, using the associated method, I connect my wireless network:
I start ettercap using:
ettercap -T -M ARP:remote /my gateway ip/ /my test victim ip/ -i ath0
I can see packets go by, I can see the connections my victim IP is making, yet ettercap won't print out the passwords to plain text website passes.
urlsnarf, PHoss etc all won't find anything just like ettercap, yet I can wireshark, tcpdump that I am getting all traffic.
driftnet works just fine on this method and the non associated method.
I swear I got this working just fine in BT2 but for some reason I can't get it working in BT3, the password sniffers just won't work for me with the default config and what i've done above if i'm associated to the access point, but will using the unassociated airtun-ng method using at0.
I'm also seeing traffic using ettercap as I would expect just with unified sniffing as wireless is a broadcast network by default, driftnet works just fine with this too, I really don't see the point in having to ARP to get passwords unless I need to be in the middle for SSL, however either way still no joy on it identifying passwords while i'm associated to the point.
Any ideas what might be up or what i've forgotten ?
Using default config, i'm intercepting traffic fine, just ettercap, dsniff, PHoss, urlsnarf won't decode usernames/urls etc yet the traffic is seen on ath0 through wireshark which I specify and is the interface i'm associated on.