Most likely ppl here will run ettercap on BT
Maybe try a Ubuntu forum, the ettercap one or google for the use of ettercap on ubuntu.
Ettercap + Ubuntu = frustrated
Hey all. Been a longtime visitor of the site and user of backtrack. Anyhow, I have Ubuntu running on a permanent workstation and decided to install some of the tools that are on backtrack. Ettercap in particular has been giving me lots of issues. Network is just your basic home network with a WRT54GL (dd-wrt) as the gateway/switch. Etter.conf has been edited to set the UID to 0 and the comments removed from the iptables lines. Now, as for the basic mitm, it works just fine. Certificates are issued and it snags passwords without issue. The problem comes with the dns_spoof and remote_browser plugins. As for dns_spoof, I have my etter.dns file edited and just have one entry--
*.google.com A xxx.xxx.xxx.xxx
I am running the command as follows--
sudo ettercap -i eth0 -T -q -P dns_spoof -M arp:remote /192.168.1.1/ //
It starts up and propogates the host list and activates the plugin and appears as if everything is ok. But alas, no dice. Now using the backtrack live CD (well, USB jump drive) this works flawlessly and shows the proper output and such. On the ubuntu machine? It says [xxx.google.com] spoofed to [xxx.xxx.xxx.xxx] but the websites are all loaded correctly. I cleared the dns cache, tried reloading the page, everything. Just doesn't work! The remote_browser plugin gives the same result. I made sure to change the line in etter.conf to "firefox" as well. I did some searching on google and I got a quite a few searches that turned up solutions like "we don't support that kind of activity on this site". So I turn to you! Anyone have ettercap working successfully on Ubuntu?
Most likely ppl here will run ettercap on BT
Maybe try a Ubuntu forum, the ettercap one or google for the use of ettercap on ubuntu.
Tiocfaidh ár lá
No, I know that. I myself use BT. The ubuntu forums do not condone this type of activity it seems and I searched in the ettercap.sourceforge forums and found nothing. Also to note, the official ettercap forums are all but dead.
I'd use Wireshark to compare the frames being sent out by Backtrack with the frames being sent out by Ubuntu. There must be a difference... find that difference...
Ask questions on the open forums, that way everybody benefits from the solution, and everybody can be corrected when they make mistakes. Don't send me private messages asking questions that should be asked on the open forums, I won't respond. I decline all "Friend Requests".
Noted. I'll do that tonight.Originally Posted by Virchanza
Posting Permissions
