Ettercap error

[Acester]

Hey guys, I've been messing around with backtrack for about a year now, and I'm taking Linux classes (first year). I'm enjoying it so far. Anyway, I decided I wanted to move onto wireless sniffing, as I've conquered wep and wpa(almost).

So, here's a command I've used, in attempt to just see how to get ettercap running..

Code:

ettercap -T -q -p -M ARP // //

And then I get:

Code:

ettercap NG-0.7.3 copyright 2001-2004 ALoR & NaGA

Listening on any... (Linux cooked)


ERROR : 19, No such device
[ec_send.c:send_init:118]

 libnet_init(LIBNET_LINK_ADV) failed: libnet_check_iface() ioctl: No such device

And then, the terminal screws up. If you type, the words don't show up, but if you press enter, whatever you type is entered.

Yes, I have searched all over the backtrack site, and yes, I have used my googlefu. There's a few great guides, I have tried different methods, but nothing works.. My friend tried the same commands on his laptop, and he says it works. What's going on?

[Mr. Flibble]

I don't know what is wrong with your ettercap, but if your terminal goes awry, try typing "clear" or "reset".

[cr1spyj0nes]

try using sudo and the -i option to

[Acester]

Ok, I'm trying it again.. It seems to get further now. Just so you know, I'm running BT4 beta, NOT VM ware, off a USB..

So, first thing's first, I connected my ALFA-H model dongle to the net, so I can get on google fine..
Then I execute this:

ettercap -T -q -p -M ARP // //

And it spews out a whole bunch off stuff, 28 plugins, 39 protocol dissectors, 53 ports monitored.....
Then says 0 hosts added to the hosts list...
FATAL: MITM attacks can't be used on unconfigured interfaces.

What's that mean? The alfa is up and running it can connect to google and stuff through firefox.. Have I missed something?

Btw, I did try sudo, and I also tried the -i switch, no luck.
(thanks for the help thusfar)

[cr1spyj0nes]

ettercap -C

[Acester]

ettercap -C

Yeah, I've screwed around with this graphical interface version as well..

Sniff > Unified Sniffing > ctrl + S
"Scanning the whole netmask for -1 hosts..."
"0 hosts added to the hosts list..."

Mitm > Arp poisoning
"Error: MITM attacks can't be used on unconfigured interfaces"

It's the same error as before... How do I "configure" an interface?

[cr1spyj0nes]

please print out your ifconfig

[Acester]

please print out your ifconfig

Sorry I took so long, here is my ifconfig.. (Also, the MITM error is included)

Code:

FATAL: MITM attacks can't be used on unconfigured interfaces

root@bt:~# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:1b:38:75:e3:23
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)
          Interrupt:22 Base address:0x8000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:9 errors:0 dropped:0 overruns:0 frame:0
          TX packets:9 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:760 (760.0 B)  TX bytes:760 (760.0 B)

wlan0     Link encap:Ethernet  HWaddr 00:c0:ca:1b:b2:39
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

wlan1     Link encap:Ethernet  HWaddr 00:1e:4c:b1:9b:87
          inet addr:192.168.0.103  Bcast:192.168.0.255  Mask:255.255.255.0
          inet6 addr: fe80::21e:4cff:feb1:9b87/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:74 errors:0 dropped:0 overruns:0 frame:0
          TX packets:59 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:31165 (31.1 KB)  TX bytes:9127 (9.1 KB)

wmaster0  Link encap:UNSPEC  HWaddr 00-C0-CA-1B-B2-39-62-38-00-00-00-00-00-00-00               -00
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

wmaster1  Link encap:UNSPEC  HWaddr 00-1E-4C-B1-9B-87-00-00-00-00-00-00-00-00-00               -00
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

[Oktain]

Btw, I did try sudo, and I also tried the -i switch, no luck.
(thanks for the help thusfar)

When you tried the -i switch did you specify the interface?

For me your command would look like this:

Code:

ettercap -T -i wlan0 -q -p -M ARP // //

Someone mentioned the -C switch, there is also -G. Same thing but I find it easier to navigate.

Click Sniff -> Unified Sniffing -> Select your interface (wlan1 according to your above post)
Click Hosts -> Scan for Hosts
Click Hosts -> Host List
This is typically where you add your GW to target 1 and your victims to target 2
Click Mitm -> ARP poisoning -> Check "Sniff remote connections"
Click Start -> Start Sniffing

If you continue to get the same message, please make sure you have the newest drivers installed for your card.

[Acester]

Yes, unfortunatly I tried the -i switch in that format, same deal..
When I use the -G switch, it tells me "GTK support not compiled in ettercap"?

Maybe I am out of date? Anyways, I'm willing to bet on out of date drivers..
How would I go about updating my drivers for my ALFA AWUS...H? I haven't looked yet, but I'll get on it.

Again, thankyou for all the help.