Page 1 of 2 12 LastLast
Results 1 to 10 of 14

Thread: man in the middle with ettercap?

  1. #1
    Junior Member
    Join Date
    Dec 2008
    Posts
    72

    Default man in the middle with ettercap?

    I set up a man in the middle attack on my network with ettercap, and I notice when I go to sites like yahoo, myspace, and google my browser says that the certificate is not trusted, and that some body could be impersonating the server.(lol) Is their any way around this?
    Here's the command:ettercap -T -q -p -M ARP // //

  2. #2
    Moderator KMDave's Avatar
    Join Date
    Jan 2010
    Posts
    2,281

    Default

    Theoretically yeah it is possible.
    Tiocfaidh ár lá

  3. #3
    Member
    Join Date
    Jan 2010
    Posts
    140

    Default

    Quote Originally Posted by kid protocol View Post
    I notice when I go to sites like yahoo, myspace, and google my browser says that the certificate is not trusted, and that some body could be impersonating the server.(lol) Is their any way around this?
    There was a tool introduced back in August 2008 called "The Middler" that presented the user with a http page rather then the corresponding https page. This overrides the Certificate check that most browsers present to the user. It is open source and the original author said the code was going to be released, but as far as I know it was never released.
    http://www.geek.com/articles/news/op...ector-2008108/
    http://mirror.sweon.net/defcon16/Spe...16-beale-2.pdf

  4. #4
    Junior Member
    Join Date
    Dec 2008
    Posts
    72

    Default

    I've been reading through the forum and found that quite a few people has encountered this issue. Also that was stated that my user name and pass does not get logged from this site also. Has any one corrected this issue?

  5. #5
    Senior Member
    Join Date
    Apr 2008
    Posts
    2,008

    Default

    Quote Originally Posted by kid protocol View Post
    I've been reading through the forum and found that quite a few people has encountered this issue. Also that was stated that my user name and pass does not get logged from this site also. Has any one corrected this issue?
    Well this is not an Ettercap issue per se. Unless you use a properly signed and valid certificate for the target cite all newer browsers will catch the error and warn the user about the possible security breach.

    Even though this site does not use SSL encryption the password will be hashed before it is transmitted so it can not be intercepted in clear-text using a simple packet sniffer. On the other hand it is possible to replace the script that does the hashing with your own and this way obtain the password quite easily.
    -Monkeys are like nature's humans.

  6. #6
    Moderator KMDave's Avatar
    Join Date
    Jan 2010
    Posts
    2,281

    Default

    What you are looking for is called Certifcate Collision. But unless you got the computing power of around 200 PS3's you won't find a suitable one in apropriate time.

    If you want to I can post the link to the presentation of it.
    Tiocfaidh ár lá

  7. #7
    Junior Member
    Join Date
    Dec 2008
    Posts
    72

    Default

    Quote Originally Posted by KMDave View Post
    What you are looking for is called Certifcate Collision. But unless you got the computing power of around 200 PS3's you won't find a suitable one in apropriate time.

    If you want to I can post the link to the presentation of it.
    Yes I'll appreciate that. Any other alternatives?

  8. #8
    Moderator KMDave's Avatar
    Join Date
    Jan 2010
    Posts
    2,281

    Default

    Quote Originally Posted by kid protocol View Post
    Yes I'll appreciate that. Any other alternatives?
    Here is the link.
    Have fun with it
    Tiocfaidh ár lá

  9. #9
    Junior Member
    Join Date
    Jul 2008
    Posts
    88

    Default Bandwidth Limitation and NetCut!

    sorry this is a wrong Post
    Impossible is impossible

  10. #10
    Junior Member
    Join Date
    Apr 2009
    Posts
    43

    Default

    Quote Originally Posted by KMDave View Post
    What you are looking for is called Certifcate Collision. But unless you got the computing power of around 200 PS3's you won't find a suitable one in apropriate time.

    If you want to I can post the link to the presentation of it.
    hey KMDave, do you still have that link kicking around?

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •