Results 1 to 7 of 7

Thread: Ettercap and certificates ?? Help ?

  1. #1
    Just burned his ISO
    Join Date
    Feb 2009
    Posts
    3

    Default Ettercap and certificates ?? Help ?

    ok so i was playing with different options in Backtrack 3 and i must say that i'm amazed...

    I'm cracking wep keys easy now. So i decided to play around with ettercap.
    I make it running and everything seems to be going allright, BUT.. there is always an BUT...

    when i try on victum computer to access my hotmail... a message pops up saying that "secure connection failed" and i need to accept that message and accept some kind of certificates. once i accept i get username and password in ettercap...

    Is there some way something i can do so that i dont get that message to popup ??

  2. #2
    Moderator KMDave's Avatar
    Join Date
    Jan 2010
    Posts
    2,281

    Default

    Just do some forum search on ettercap and certificates/ssl.

    It has been discussed quite some times already.
    Tiocfaidh ár lá

  3. #3
    Just burned his ISO
    Join Date
    Feb 2009
    Posts
    3

    Default

    well after searing forums... all i could find is that there is nothing to be done ... so i was hoping to ask for it once again.. meaby someone found some solution...

    All i can say is that ettercap is more or less useless when victum can detect you... It's good to use on some noob computer users but anyone today with some computer skills will not accept that kind of sertificate...

  4. #4
    Senior Member
    Join Date
    Apr 2008
    Posts
    2,008

    Default

    Quote Originally Posted by aliman View Post
    well after searing forums... all i could find is that there is nothing to be done ... so i was hoping to ask for it once again.. meaby someone found some solution...

    All i can say is that ettercap is more or less useless when victum can detect you... It's good to use on some noob computer users but anyone today with some computer skills will not accept that kind of sertificate...
    Well frankly that is the whole point of requiring valid certificates for a secure connection. However, I think you would be amazed by the number of people that have got so used to seeing warning messages in Windows that they simply click past these without any hesitation whatsoever. Newer browsers make the possible security breach much more obvious, especially the newest version of Firefox, and make it harder to ignore the warning but still the weakest link when it comes to security is often found between the keyboard and the chair.

    For a more direct answer to your question, the only way to avoid the warning pop-ups would be to use a certificate with a valid signature. A rouge certificate is possible to make with copious amounts of computing power and a lot of time on your hands. For MD5 exactly this was quite recently done utilizing 300 PS3s with a method called MD5 collision. For more information on the experiment take a look here.
    -Monkeys are like nature's humans.

  5. #5
    Junior Member
    Join Date
    Aug 2007
    Posts
    55

    Default ettercap

    This is the way that ssl works.
    Ettercap uses it's own certificate and the victim's browser detects that the site has an invalid certificate.
    Your only chance is that the user ignores the warning. Which is why firefox made it more cumbersome to ignore SSL certificate warnings.

  6. #6
    Junior Member digitalfriction's Avatar
    Join Date
    Mar 2010
    Posts
    84

    Default

    Take a look at this thread, there is a link to a DefCon presentation which is very interesting, its not ettercap exactly but does involve MITM with certificates

    http://forums.remote-exploit.org/showthread.php?t=20544

  7. #7
    Junior Member
    Join Date
    Jul 2008
    Posts
    46

    Default

    the user is always the weakest link. thats why social engineering still works. so, it's not completely useless, but is not fail proof by any means

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •