i been missing around with ettercap i got it to work i was able to get it to show when someone login to yahoo and it showed the user and pswd. but for some reason it is not able to sniff other websites such gmail or facebook. any idea what im doing wrong. your help will be greatly appreciated
relax its my network that im using it on
let me just make this clear to all im doing this on my network and my accounts nothing illegal
One possible reason you wouldn't be able to see GMail passwords is because they are sent over an SSL (https) session.
i was looking through the forums i saw few people talking about sslstrip, would that work for ssl(http)
So it can work depending on how the user visits the https site (if the user gets to the https page via a redirect from a http site), but it essentially requires you to perform a man in the middle attack on the web traffic.
*Direct quote from site.
i found this post by dskippy about ssl sniffing i did what he said in the post to edit kate /etc/etter.conf and when i ran the following command:
root@bt:~# ettercap --text --quiet --iface wlan0 --plugin autoadd --log-infoog --mitm arp:remote /192.168.1.2/ //
ettercap NG-0.7.3 copyright 2001-2004 ALoR & NaGA
FATAL: Inteface "wlan0" not supported (802.11 plus BSD radio information hea
i got the inteface wlan0 not supported does that mean i cant use this wireless card to sniff. the card i have is ALFA networkn model AWUS036H
I need to figure out how to tell ettercap to always use wlan0 by default, so I'm looking for code to put in etter.conf for this, but haven't found it yet...