Sniffing Tutorial:

**m3thical** · 12-18-2007, 07:37 AM

Originally Posted by latianer

hi i want to scan my whole network for Password, how can i set an IP-range in ettercap like 192.168.100.0 - 192.168.130.255??

please help

If your using the UI, then ctrl+s to scan for hosts and hit p to make sure all is entered in for the protocol. It will tell you which hosts are available.

**shamanvirtuel** · 12-18-2007, 08:46 AM

192.168.100-130.0/24

that could work no ? but im not specialist of ettercap

**level** · 12-18-2007, 11:06 AM

This should work:

192.168.100-130.0-255

**RoboticTao** · 12-23-2007, 01:01 AM

Or you could just use wireshark to sniff all the traffic coming across the wire and then use a filter based on a ip range.

**ninja senses** · 12-28-2007, 05:50 AM

I was trying to getarp poisoning to work on my home network. For target 1 I use my defualt gateway and traget#2 i pick my laptop(I am using another computer hooked up through ethernet). Now when I begin the arp poison, I am not able to visit any websites on the laptop, therefore not capture any passwords. I tried putting my wirless card in monitor mode and trying that instead of the ethernet but i got this error "Inteface "ath1" not supported (802.11 plus BSD radio information header)"

**s1lang** · 12-28-2007, 10:08 AM

Is the arp poisoning program fowarding the traffic correctly back to the laptop?

**ninja senses** · 12-29-2007, 03:55 AM

Originally Posted by s1lang

Is the arp poisoning program fowarding the traffic correctly back to the laptop?

how would i be able to check that? im running vista on my laptop, cmd.exe and ipconfig /all and check the default gateway?

**ninja senses** · 12-29-2007, 04:41 AM

Originally Posted by ninja senses

how would i be able to check that? im running vista on my laptop, cmd.exe and ipconfig /all and check the default gateway?

im still confused, but if it helps out any i ran ipconfig on the laptop while i was arp poisoning and nothing was different in the ip config

EDIT: also on the poisoning computer i ran chk_poison and heres the results:

chk_poison: Checking poisoning status...
chk_poison: No poisoning at all

I tried this with the laptop and default gateway in different target positions with the same result

**ninja senses** · 01-02-2008, 04:42 AM

Originally Posted by ninja senses

im still confused, but if it helps out any i ran ipconfig on the laptop while i was arp poisoning and nothing was different in the ip config

EDIT: also on the poisoning computer i ran chk_poison and heres the results:

chk_poison: Checking poisoning status...
chk_poison: No poisoning at all

I tried this with the laptop and default gateway in different target positions with the same result

I still haven't figured this out yet, can anyone help?

**merlin051** · 01-03-2008, 10:49 PM

You need to be connected to the network to perform this sort of attack, so using a device thats in monitor/promisc mode will not work. Please read post 46 again, then stop, think about what you've read, try to visualise it in your head, then realise why you need to be connected to the network

BackTrack Linux - Penetration Testing Distribution

Thread: Sniffing Tutorial:

Thread Tools

Search Thread

Display

Posting Permissions