Thread: RT73 and dnsspoof

  1. #1

    First of all, hello and thanks a lot to the Backtrack 4 staff for their awesome work.


    I've been playing a lot with Backtrack lately. But if someone helps me with some of the questions I have, I'll be thankful.

    I have a Conceptronic C54RU wifi USB stick (with a Realtek rt73 chipset), and I was doing some wifi cracking when I noticed that I could not sniff data on channels 12, 13 and 14. Why is this? Other security distros let me sniff on those channels without a problem. I believe it has something to do with the drivers, but I really don't know. Also, how may I check the private ioctls of the USB stick? When I run iwpriv it tells me that neither wlan0 nor mon0 has private ioctls.


    Another question I have is about MITM attacks. I performed SSL and SSH MITM attacks cleanly, but when it comes to SSH it seems that I have to use dnsspoof. Well, it works, but for some unknown reason it does not redirect subdomains. Let's say that I have done the following:

    1) Installed MITM-SSH for SSHv2 man in the middle attacks.
    2) echoed 1 to /proc/sys/net/ipv4/ip_forward
    3) Arp poisoned the victim.
    4) Run mitm-ssh redirecting to some ssh server.
    5) dnsspoof -i eth0

    After doing that, if the victim starts an SSH connection to, for example, backtrack-linux.org, it would go through my machine first and it would be routed to the server that mitm-ssh points to. But if he connects to subdomain.backtrack-linux.org it would not. How do I solve this?




    Thank you in advance.

  2. #2

    Never mind about my problems with SSH MITM, I figured out by myself that adding the following rule to iptables does the trick without the need for dnsspoof:

    iptables -t nat -A PREROUTING -p tcp --destination-port 22 -j REDIRECT --to-ports 4444  # this is the port running mitm-ssh on localhost
