I'm having trouble with ettercap, when it scans for hosts it detects the router but not me (connected via wifi) so I can't arp poison, does anyone know what to do here?
Ettercap not detecting hosts
I'm having trouble with ettercap, when it scans for hosts it detects the router but not me (connected via wifi) so I can't arp poison, does anyone know what to do here?
Is your wi-fi connected machine actually on the same subnet?
I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.
I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.
Yes
Yes they are on the same subnet, if I run via terminal with:
sudo ettercap -T --iface ra0 -q -M arp:remote /192.168.0.1/ // ***(192.168.0.1 is router)
then it will scan and add the router to the hosts list, and not detect my IP (192.168.0.3) but I have noticed if I use links (terminal browser) and log in to the router I get this:
HTTP : 192.168.0.1:80 -> USER: <MYUSER> PASS: <MYPASS> INFO: (null)
I don't get any output if I try SSl logins and I don't get any output whatsoever from firefox
Ettercap doesnt show your ip but if you arp poisning all hosts on subnet you can also see your surfing.
And if you new to ettercap why dont you try ettercap with graphic this will be much easier if you new to this program.
I prefer ettercap options from terminal if i must combine program with other tools so i dont need to have many open windows.
Also for ssl you must uncomment lines in etter.conf and combine attack with sslstrip (nice little tool).
Look here nice video from g0tmi1k's about attack to sniff ssl connections: http://forums.remote-exploit.org/bac...slstrip-3.html .
I thought this may have been the case thats why I poisoned allOriginally Posted by Handsome-geek
Same here...
I have already set up etter.conf and am combining with sslstrip, the parts I have changed in etter.conf are:
ec_uid = 0
ec_gid = 0
# if you use iptables:
redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
arpspoof redirects traffic to my MAC but only if I do not specify myself as the target. If I do I get "arpspoof: couldn't arp for host 192.168.0.3"
This is the iptables command I am running;
iiptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 10000
I run sslstrip
I get NOTHING. Totally stumped
Insert this before prerouting iptables and tell me results echo 1 > /proc/sys/net/ipv4/ip_forward.
And when you arp spoof, then 1 target is ip you are attacking and second target your gateaway try this attack with specified targets.
Arp spoofing all hosts on gateaway is good if you have 4 or more hosts on network try first with specefied target.
Tell results after you try. After you set ip forwading and prerouting then start sslstrip.
If page you are visiting on vicitim machine has http and is login page who normally has https then your attack is doing fine.
Posting Permissions
