Results 1 to 10 of 10

Thread: ettercap only sniffing yahoo website not other why?

  1. #1
    Just burned his ISO
    Join Date
    Dec 2009
    Posts
    5

    Default ettercap only sniffing yahoo website not other why?

    i been missing around with ettercap i got it to work i was able to get it to show when someone login to yahoo and it showed the user and pswd. but for some reason it is not able to sniff other websites such gmail or facebook. any idea what im doing wrong. your help will be greatly appreciated


    thank you

  2. #2
    prowl3r
    Guest

    Default

    Quote Originally Posted by stevenj15 View Post
    i been missing around with ettercap i got it to work i was able to get it to show when someone login to yahoo and it showed the user and pswd. but for some reason it is not able to sniff other websites such gmail or facebook. any idea what im doing wrong. your help will be greatly appreciated


    thank you
    Yep. What you're doing wrong is sniffing someone's traffic.

  3. #3
    Just burned his ISO
    Join Date
    Dec 2009
    Posts
    5

    Default

    relax its my network that im using it on

  4. #4
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default

    Quote Originally Posted by stevenj15 View Post
    relax its my network that im using it on
    Fine, but who do the passwords belong to?
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  5. #5
    Just burned his ISO
    Join Date
    Dec 2009
    Posts
    5

    Default

    let me just make this clear to all im doing this on my network and my accounts nothing illegal

  6. #6
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default

    One possible reason you wouldn't be able to see GMail passwords is because they are sent over an SSL (https) session.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  7. #7
    Just burned his ISO
    Join Date
    Dec 2009
    Posts
    5

    Default

    i was looking through the forums i saw few people talking about sslstrip, would that work for ssl(http)

  8. #8
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default

    Quote Originally Posted by stevenj15 View Post
    i was looking through the forums i saw few people talking about sslstrip, would that work for ssl(http)
    It works by finding links to https sites in http traffic and rewriting it to go via "look-alike HTTP links or homograph-similar HTTPS links"*

    So it can work depending on how the user visits the https site (if the user gets to the https page via a redirect from a http site), but it essentially requires you to perform a man in the middle attack on the web traffic.

    *Direct quote from site.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  9. #9
    Just burned his ISO
    Join Date
    Dec 2009
    Posts
    5

    Default

    i found this post by dskippy about ssl sniffing i did what he said in the post to edit kate /etc/etter.conf and when i ran the following command:

    root@bt:~# ettercap --text --quiet --iface wlan0 --plugin autoadd --log-infoog --mitm arp:remote /192.168.1.2/ //

    ettercap NG-0.7.3 copyright 2001-2004 ALoR & NaGA


    FATAL: Inteface "wlan0" not supported (802.11 plus BSD radio information hea

    root@bt:~#

    i got the inteface wlan0 not supported does that mean i cant use this wireless card to sniff. the card i have is ALFA networkn model AWUS036H

  10. #10
    mcurran
    Guest

    Default

    Quote Originally Posted by stevenj15 View Post
    i found this post by dskippy about ssl sniffing i did what he said in the post to edit kate /etc/etter.conf and when i ran the following command:

    root@bt:~# ettercap --text --quiet --iface wlan0 --plugin autoadd --log-infoog --mitm arp:remote /192.168.1.2/ //

    ettercap NG-0.7.3 copyright 2001-2004 ALoR & NaGA


    FATAL: Inteface "wlan0" not supported (802.11 plus BSD radio information hea

    root@bt:~#

    i got the inteface wlan0 not supported does that mean i cant use this wireless card to sniff. the card i have is ALFA networkn model AWUS036H
    Do you have your wlan0 in monitor mode? That's the error I got when I tried to use mon0 after putting my wlan0 in monitor mode (Because some idiot said the NIC had to be in monitor mode, which is false): If it is, just take it off monitor mode and just use wlan0 as your interface.

    I need to figure out how to tell ettercap to always use wlan0 by default, so I'm looking for code to put in etter.conf for this, but haven't found it yet...

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •