ettercap & SSL
Been looking at this area for quite some time, watched all the video's and decided to try it. Tried it on a Windows XP Machine, MacBook Pro and finally my Nokia N800. I also tried BT4 on each.
Worked really well, frightening how POP3 passwords just pop up! However, what I haven't been able to do it SSL e.g. Gmail etc.
Before I go any further, I would like to state that this is on my own test network which has both wireless and wired connections. I am using a wireless connection. The end goal is a demostration to a community that are installing an open Wifi network which I have already demonstrated WireShark in action.
My sequence is:
Start ettercap -G
Check Promiscuous Mode is checked, then launch Unified Sniffing, specify wlan0
Scan for Hosts
Add the router to Target 2 and then the computer(s) I want to sniff to Target One.
Open MITM and select ARP, then enable Remote Connection sniffing
After a few moments I get the POP passwords etc but nothing SSL.
I note most of the tutorials involve Virtual Machines and they do get SSL info with the same steps above, does this have a bearing on the operation?
I amn't worried about warnings in browsers as I don't intend to implement this, I just want to demo it. Preferably I'd like to run the whole operation with ettercap -G (and on the N800) if possible with the need for SSLStrip etc
Thanks for any info!