sniffing on a remote host: forwarding fail ?

[shiro]

Hello everyone, that's my first experience with backtrack and sniffing tools and i'm having troubles with ettercap :

I've two laptops and i'm trying to perform a mitm attack with ettercap (arp poisoning), it works like a charm, BUT when I try to access some "secured" website (https) like the gmail connection page, it doesn't work, i just can't access to it (time wait).

I've enabled tcp forwarding in etter.conf and set to 1 the ip_forward, same thing when i try to connect to msn. Do you know guys what's my problem ?

Thanks in advance and sorry for my poor english .

[Thorn]

Hello everyone, that's my first experience with backtrack and sniffing tools and i'm having troubles with ettercap :

I've two laptops and i'm trying to perform a mitm attack with ettercap (arp poisoning), it works like a charm, BUT when I try to access some "secured" website (https) like the gmail connection page, it doesn't work, i just can't access to it (time wait).

I've enabled tcp forwarding in etter.conf and set to 1 the ip_forward, same thing when i try to connect to msn. Do you know guys what's my problem ?

Thanks in advance and sorry for my poor english .

Do you understand how https/SSL works?

[shiro]

Do you understand how https/SSL works?

I do (the basics), like I said i'm just discovering the tools, i checked out some documents on internet looking for the possibilities of ettercap to catch id and pass and tried it...

PS: I know it's a BT forum, not a script kidding school but maybe someone could help me to understand my error.

edit: i may be wrong but aren't the arp mitm attack generate a fake ssl certificate ?
edit2: of course not, but i according to some informations it still _should_ work.

[Thorn]

http://forums.remote-exploit.org/arc...hp/t-8642.html

[Amlord1]

http://forums.remote-exploit.org/arc...hp/t-8642.html

Thanks for the link Thorn, I found the post quite interesting.