Bt4 - ettercap - usb flash drive problem

**zeonn** · 04-08-2009, 05:33 AM

Heyz, I am new to bt and to linux

I successeded creating a usb flash drive with bt4 (however with nly one partition).
I boot into bt4 and start networkimanager and everything else I have to do and also install ettercap-GTK
I have the HWU8DD Rev. B usb wireless card which works great (I can monitor and connect to network)
Now I open ettercap and start undifined sniffing (pick wlan0 interface).
I scan for hosts and find one client, an access point and a router (not wireless). Thats my private network. I set the access point and the client as targets
Start arp-poisoning -> sniff remote connections then start sniffing
I browse through th internet with the victim client and nothing appears on ettercap.
I do the same actions and target router and client and I get the same results. Some times looking at "statistics" on ettercap I see the packets getting forwarded through my attack pc by I never see on the main scren the urls e.t.c.
Can anyone help me on this?
Is it possible that I expierience the problem due to working on usb flash drive? I mean due to lack of permissions on files? (Oh I also tried deactivating logging but I also get same results)

Thanks in advantage

**zeonn** · 04-09-2009, 08:45 AM

Ok. Here is the update of the situation.
I cant see any messages on the main screen of ettercap, but I succeded capturing the packets and with Whireshark see the traffic on the network
However I still cant see messages about where the victim navigates to on the main screen

Can anyone help on that?

Thanks in advantage

**s0sick** · 04-09-2009, 04:44 PM

Did you try View -> Connections -> double click a connection?

So Ettercap won't show ANYTHING? Not even that it's attempting to poison?

I don't understand fully what you are trying to view. Ettercap looks for "interesting" packets. It won't show all of them. If you are trying to capture a password, start unified sniffing then type username/password for different things on the victim computer. If you are simply trying to sniff the connections, then following the tcp stream in Wireshark would probably be better.

What exactly are you using Ettercap for?

**zeonn** · 04-10-2009, 04:46 AM

Originally Posted by s0sick

Did you try View -> Connections -> double click a connection?

So Ettercap won't show ANYTHING? Not even that it's attempting to poison?

I don't understand fully what you are trying to view. Ettercap looks for "interesting" packets. It won't show all of them. If you are trying to capture a password, start unified sniffing then type username/password for different things on the victim computer. If you are simply trying to sniff the connections, then following the tcp stream in Wireshark would probably be better.

What exactly are you using Ettercap for?

Firstly thank you for replying. What I didnt understand is the "type username/password for different things on the victim computer". Can you explained it please?

Ad to update things a bit I succeded seeing the user/pass for ssl connection (that was shown on etterca finally

), and for other wep pages I can see user/pass only on wireshark. So I guess I finally got it working

BackTrack Linux - Penetration Testing Distribution

Thread: Bt4 - ettercap - usb flash drive problem

Thread Tools

Search Thread

Display

Bt4 - ettercap - usb flash drive problem

Posting Permissions