Page 1 of 3 123 LastLast
Results 1 to 10 of 21

Thread: Sniffer?

  1. #1
    Junior Member
    Join Date
    Jul 2008
    Posts
    57

    Default Sniffer?

    Hey,

    I'm a Backtrack noob and I was just wondering if there is a way to view what my other laptop is doing (like what webpage). I have 2 laptops, a windows and a Backtrack OS. So, is this possible? Already searched the tutorials.

    Thanks!

  2. #2
    Senior Member
    Join Date
    Apr 2008
    Posts
    2,008

    Default

    Quote Originally Posted by Slimmay View Post
    Hey,

    I'm a Backtrack noob and I was just wondering if there is a way to view what my other laptop is doing (like what webpage). I have 2 laptops, a windows and a Backtrack OS. So, is this possible? Already searched the tutorials.

    Thanks!
    There are several applications included in BT3 that will allow you to view another computers online activities using different methods. What exactly is it that you want to achieve?

    One approach would be to implement a MITM attack using ettercap and alongside this run urlsniffer, msgsnarf and mailsnarf. This would allow you to intercept the URLs viewed by the other computer, sent/received e-mails and instant messenger conversations.
    -Monkeys are like nature's humans.

  3. #3
    Junior Member
    Join Date
    Jul 2008
    Posts
    57

    Default

    I'm not really trying to achieve anything, just trying to learn more about Backtrack.

  4. #4
    Senior Member
    Join Date
    Apr 2008
    Posts
    2,008

    Default

    Quote Originally Posted by Slimmay View Post
    I'm not really trying to achieve anything, just trying to learn more about Backtrack.
    What I'm asking is what kind of information it is that you wish to intercept/sniff?
    -Monkeys are like nature's humans.

  5. #5
    Junior Member
    Join Date
    Jul 2008
    Posts
    57

    Default

    Oh, well mainly just to see that my other laptop is on google. so urlsnarf then?

    Ok I've tried ettercap and its having small problems, as in it wont show host list or scan for hosts etc...

    Can someone please give me a nice tutorial on how to see my other laptop's url searches?

    thank you all very much!!

  6. #6
    Senior Member Thorn's Avatar
    Join Date
    Jan 2010
    Location
    The Green Dome
    Posts
    1,509

    Default

    You might want to start by learning packet capture first, since most other tools are built on that. Wireshark is the preferred tool for basic packet capture and analysis.
    Thorn
    Stop the TSA now! Boycott the airlines.

  7. #7
    Senior Member
    Join Date
    Apr 2008
    Posts
    2,008

    Default

    Quote Originally Posted by Slimmay View Post
    Can someone please give me a nice tutorial on how to see my other laptop's url searches?

    thank you all very much!!
    Using the following commands should successfully implement a MITM attack using ettercap and start urlsnarf on the same interface. However you should seriously consider Thorn's advice as you will not learn anything by simply executing commands without understanding them or the principles of how the program works. Wireshark is a rather user friendly packet sniffer that will help you understand the basics of wired/wireless sniffing.
    Code:
    ettercap –Tq –M ARP /192.168.1.100/ /192.168.1.1/ -i eth1
    urlsnarf –i eth1
    You need to replace 192.168.1.100 with the IP of the victim and 192.168.1.1 with your gateway IP. Furthermore replace eth1 in case it does not match the network interface that you are using.
    -Monkeys are like nature's humans.

  8. #8
    Junior Member
    Join Date
    Jul 2008
    Posts
    57

    Smile

    Thank you all very much, I've used wireshark to gain a better basic understanding, and boy is this such a complex and awesome topic!

    Ok, just one question. How do i find out my IP/victim's IP. I've read before that most APs accept 255.255.255.255 or something like that for an IP address. Is this true?

    Thanks again!

  9. #9
    Member
    Join Date
    Nov 2007
    Posts
    220

    Default

    If the other computer has a similar IP address (first few bits are the same) you could use Nmap to scan for it

    Edit - bits as in 'lumps' not bits as in 10101
    wtf?

  10. #10
    Member
    Join Date
    Mar 2008
    Posts
    111

    Default

    i dont think youll find many ip addresses like 255.255.255.255, this is most probably your subnet mask.

    your routers ip is most probably 192.168.2.1 or 192.168.1.1

    you can log into your router and find all connected clients with their respective ips.

    you can use nmap to find ips on your network

Page 1 of 3 123 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •