I am trying to perform a Mitm attack on my wireless network, but it seems that im only able to sniff plain text passwords. When i enter SSL encrypted pages on the victim computer, there is no false certificate injected, and of course ettercap doesn't capture the login. I have changed the priveledges to "0", and also uncommented the iptables option in etter.conf.
I have tried using both the GUI-version and console with the same result. When i use the chk_poison plugin, i get this:
Activating chk_poison plugin...
chk_poison: Checking poisoning status...
chk_poison: No poisoning between 192.168.1.181 -> 192.168.1.1
Where 192.168,1,181 is the victims ip, and the other one is the router. Im guessing this is the reason why ettercap doesn't inject the certificate into the victims browser. (I have NOT checked the "posion only one way" option). I am still able to DNS spoof successfully, but i am not sure if this requires poisoning both ways.
I have read somewhere that the chk_poison plugin doesn't work properly. So i've tried to look at the traffic using Wireshark on the attacking system:
I can see that when the victim asks for 192.168.1.1, the attacking system broadcasts "*victims ip* is at *attackers MAC*" to the router, and afterwards it answers the victim and tells it that "*routers ip* is at *attackers MAC*". Im not sure if this is everything that is supposed to happen, and maybe i will need to use wireshark on the victims computer to see the full image?
I've tried using the repoison_arp plugin with same result. And also even using a different router. It may be worth mentioning that in the start, i had no poisoning at all between the router and client. However i fixed this by using "ifconfig wlan0 mtu 1500". It seems that sometimes the NIC sets itself to 576 on its own. This is of course annoying, so if anyboy has a solution to this as well, i would be very grateful. I dont think it has anything to do with the other problem though.
I hope somebody has a solution to my problem, and im grateful for all input.