
Thread: Sniffing Tutorial:

  1. #111
    Senior Member imported_spankdidly's Avatar
    Join Date
    Feb 2006
    Posts
    1,031

    Default

    Quote Originally Posted by ninja senses View Post
    I still haven't figured this out yet, can anyone help?
    Read this http://www.mobileread.com/forums/arc...hp/t-7091.html and don't be a noobcake. Have you set the config file properly with iptables? Are you running iptables with NAT? Are you using the command line or GUI version?
    I felt like bending the bars back, and ripping out the window frames and eating them. yes, eating them! Leaping, leaping, leaping! Colonics for everyone! All right! You dumb*sses. I'm a mental patient. I'm *supposed* to act out!

  2. #112
    Junior Member
    Join Date
    Dec 2007
    Posts
    30

    Default

    Quote Originally Posted by spankdidly View Post
    Read this http://www.mobileread.com/forums/arc...hp/t-7091.html and don't be a noobcake. Have you set the config file properly with iptables? Are you running iptables with NAT? Are you using the command line or GUI version?
    I figured it out, I was putting my default gateway and the computer I was attacking as separate targets. Once I put them under the same targets, it was fine. BUT I'm only catching some passwords I enter. I was able to get a password off Google and Facebook, but on sites like AOL, Digg and MySpace I couldn't. Is it because they don't use SSL certificates? That doesn't make sense though, because sniffing should be able to collect all the info being sent through the network including password hashes, right?

  3. #113
    Junior Member
    Join Date
    Dec 2007
    Posts
    30

    Default

    Quote Originally Posted by merlin051 View Post
    You need to be connected to the network to perform this sort of attack, so using a device that's in monitor/promisc mode will not work. Please read post 46 again, then stop, think about what you've read, try to visualise it in your head, then realise why you need to be connected to the network.
    Heh, I realized this. My laptop was connected and internet was running, but when I would visit webpages while I was ARP poisoning it, they would just time out. It stopped doing that and started working when I put the IP of the laptop and default gateway under the same victims list instead of separate.

  4. #114
    Posting Privileges Removed
    Join Date
    Jan 2008
    Posts
    3

    Default Completed Capture?

    I did it, and I was able to see my user+pass when logging
    into my Yahoo mail account, however I tried with MySpace
    and no luck, it didn't even show that any packets were being
    transmitted. I'd like to know a way to intercept packets even
    if they are hashed, I've no problem putting my RTables to use.

    Also, I read previously on this board that there was a way to
    auto answer the certificates, because I had to accept it like
    4-5 times, at which point if I was the victim my suspicion would
    grow with every unfamiliar step in reading my emails.

  5. #115
    fenec
    Guest

    Default

    Quote Originally Posted by vprong View Post
    I found that if you have the IP target in group 1 and group 2, it does not work. Just try it with group 1 only.
    I had the same problem,
    ARP poisoning victims:

    GROUP 1 : 192.168.1.129 00:18:4D:E1:8C:79

    GROUP 2 : ANY (all the hosts in the list)
    Starting Unified sniffing...
    then nothing


    Can you tell me if we have to add the victim target in the first group?
    Can you clarify the part just before sniffing?


    Thanks.

  6. #116
    Junior Member
    Join Date
    Dec 2007
    Posts
    30

    Default

    Quote Originally Posted by fenec View Post
    I had the same problem,
    ARP poisoning victims:

    GROUP 1 : 192.168.1.129 00:18:4D:E1:8C:79

    GROUP 2 : ANY (all the hosts in the list)
    Starting Unified sniffing...
    then nothing


    Can you tell me if we have to add the victim target in the first group?
    Can you clarify the part just before sniffing?


    Thanks.
    Add the victim target to group one also, did you edit the .conf file at all?

  7. #117
    Junior Member
    Join Date
    Dec 2007
    Posts
    30

    Default

    Quote Originally Posted by God beta View Post
    I did it, and I was able to see my user+pass when logging
    into my Yahoo mail account, however I tried with MySpace
    and no luck, it didn't even show that any packets were being
    transmitted. I'd like to know a way to intercept packets even
    if they are hashed, I've no problem putting my RTables to use.

    Also, I read previously on this board that there was a way to
    auto answer the certificates, because I had to accept it like
    4-5 times, at which point if I was the victim my suspicion would
    grow with every unfamiliar step in reading my emails.
    I would like to know this also

  8. #118
    fenec
    Guest

    Default

    Hi everybody,
    I followed the steps of the tutorial and it doesn't work.

    I have this error:
    Perhaps iptables or your kernel needs to be upgraded.
    iptables v1.3.8: can't initialize iptables table `nat': Permission denied (you must be root)
    Perhaps iptables or your kernel needs to be upgraded.
    iptables v1.3.8: can't initialize iptables table `nat': Permission denied (you must be root)
    Perhaps iptables or your kernel needs to be upgraded.
    I am using BT3 and I am sure that I am ROOT. I have also modified the ".conf file", can you help me please?
    Thanks

  9. #119
    Member The_Denv's Avatar
    Join Date
    Nov 2006
    Posts
    364

    Default

    Hey all,

    I read every post and I have found that not one post really went into detail about hashes and passwords. I'm no professional when it comes to algorithms, but I do know a few things.

    Below is an example of an Ettercap session with hashed passwords within the result window:

    Code:
    rausb0 ->       00:11:22:33:44:55       192.168.0.5     255.255.255.0
    
    Privileges dropped to UID 65534 GID 65534...
    
      28 plugins
      39 protocol dissectors
      53 ports monitored
    7587 mac vendor fingerprint
    1698 tcp OS fingerprint
    2183 known services
    Randomizing 255 hosts for scanning...
    Scanning the whole netmask for 255 hosts...
    4 hosts added to the hosts list...
    
    ARP poisoning victims:
    
     GROUP 1 : ANY (all the hosts in the list)
    
     GROUP 2 : ANY (all the hosts in the list)
    
    HTTP : 192.168.0.1:80 -> USER: admin  PASS:   INFO: 192.168.0.1/
    HTTP : 192.168.0.1:80 -> USER: admin  PASS: pasword123  INFO:192.168.0.1/
    DHCP: [00:55:44:33:22:11] DISCOVER
    DHCP: [00:55:44:33:22:11] DISCOVER
    DHCP: [00:55:44:33:22:11] REQUEST 192.168.0.122
    DHCP: [00:55:44:33:22:11] DISCOVER
    DHCP: [00:55:44:33:22:11] REQUEST 192.168.0.122
    HTTP : 70.42.62.151:443 -> USER:
    130162765U38301f160187cf5be454820e8ee28321  PASS:
    2D211F9S846C4BC18EF5E31  INFO: www.somedomain.com/signin.php
    SMB : 192.168.0.4:139 -> USER: SomeGameTitle  HASH:
    SomeGame:"":"":6DCEF12ABB80C8C600000000000000000000000000000000:1BC99DD8D536475CC66259DDD1EDE3486EA32816B0D7D326:BB34S11411DD7983
    DOMAIN: SOME_Domain
    DHCP: [00:12:R5:71:16:80] DISCOVER
    DHCP: [00:11:22:33:44:55] REQUEST 192.168.0.4
    DHCP: [00:11:22:33:44:55] REQUEST 192.168.0.4
    HTTP : 66.135.209.253:80 -> USER: ebayuser123  PASS:
    VPmg4tiC4X8GuXpd/qrgW.  INFO:
    http://offer.ebay.co.uk/ws/eBayISAPI.dll?MfcISAPICommand=MakeBid&uiid=152123184.........[snipped]
    IRC : 83.XXX.XXX.XXX:6667 -> USER: IrcUser123 (Iu mycomputer irc.someserver.org
    :Iu)
    IRC : 83.XXX.XXX.XXX:6667 -> USER: IrcUser123  PASS: password123  INFO:
    /msg nickserv identify password
    SMB : 192.168.0.55:139 -> USER: SomeGameTitle  HASH:
    SomeGame:"":"":D2756E74C96E8C8C00000000000000000000000000000000:A4728DB9886987DC8D244BE15FCC7AD4633B5F98DA78A349:A3CC356CF43A0BCE
    DOMAIN: SOME_Domain

    Passwords/Hashes within this session are:
    1) password123 [plain-text]
    2) 2D211F9S846C4BC18EF5E31
    3) 6DCEF12ABB80C8C600000000000000000000000000000000:1BC99DD8D536475CC66259DDD1EDE3486EA32816B0D7D326:BB34S11411DD7983
    4) VPmg4tiC4X8GuXpd/qrgW.
    5) D2756E74C96E8C8C00000000000000000000000000000000:A4728DB9886987DC8D244BE15FCC7AD4633B5F98DA78A349:A3CC356CF43A0BCE

    Edit: I have come to a conclusion, I think these hashes are just salted with the SSID of the AP and can be cracked with aircrack-ng.

    NOTE: All information within this example is false. They are 'just' examples, the hashes are still valid but 'made-up'. Anyway, no need for me to crack these hashes anymore as I am ditching this project and moving onto another project.
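
Seen from the defending side, the poisoning in the session above (GROUP 1 and GROUP 2 both set to ANY) leaves a trace on every affected host: several IP addresses, the gateway among them, resolve to one MAC address. The check below is an added example, not part of the thread or of Ettercap; the function names are hypothetical and the neighbour table is a constructed sample in `ip neigh show` format that reuses the made-up addresses from the post.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample of `ip neigh show` output as seen on a poisoned host.
SAMPLE_POISONED = """\
192.168.0.1 dev eth0 lladdr 00:11:22:33:44:55 REACHABLE
192.168.0.4 dev eth0 lladdr 00:11:22:33:44:55 STALE
192.168.0.5 dev eth0 lladdr 00:11:22:33:44:55 REACHABLE
192.168.0.55 dev eth0 lladdr 00:55:44:33:22:11 REACHABLE
192.168.0.77 dev eth0  FAILED
fe80::1 dev eth0 lladdr 00:aa:bb:cc:dd:ee router STALE
"""

NEIGH_RE = re.compile(
    r"^(?P<ip>\S+)\s+dev\s+(?P<dev>\S+)\s+lladdr\s+(?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2})\b",
    re.IGNORECASE,
)

def parse_neigh(text):
    """Return (ip, dev, mac) for resolved IPv4 entries; skip unresolved and IPv6."""
    entries = []
    for line in text.splitlines():
        m = NEIGH_RE.match(line.strip())
        if m and ":" not in m["ip"]:
            entries.append((m["ip"], m["dev"], m["mac"].lower()))
    return entries

def find_shared_macs(entries, gateway=None):
    """Flag any MAC that answers for more than one IPv4 address on an interface.

    Proxy ARP and multi-homed routers also produce this pattern, so a finding
    is a lead to verify, most urgently when the gateway is among the IPs.
    """
    by_mac = defaultdict(set)
    for ip, dev, mac in entries:
        by_mac[(dev, mac)].add(ip)
    findings = []
    for (dev, mac), ips in sorted(by_mac.items()):
        if len(ips) > 1:
            findings.append({
                "dev": dev,
                "mac": mac,
                "ips": sorted(ips, key=ipaddress.ip_address),
                "gateway_affected": gateway in ips,
            })
    return findings

if __name__ == "__main__":
    for f in find_shared_macs(parse_neigh(SAMPLE_POISONED), gateway="192.168.0.1"):
        print(f)
```

Comparing the flagged MAC against the gateway's known hardware address (from the device label or a switch port table) confirms whether the mapping is spoofed; a static ARP entry for the gateway prevents the overwrite on that host.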

  10. #120
    Member imported_anubis2k7's Avatar
    Join Date
    Jun 2006
    Posts
    115

    Default

    Quote Originally Posted by God beta View Post
    Also, I read previously on this board that there was a way to
    auto answer the certificates, because I had to accept it like
    4-5 times, at which point if I was the victim my suspicion would
    grow with every unfamiliar step in reading my emails.
    The only way I know how to do this is to physically go to the computer you want to poison/victimize, boot up into some kind of recovery CD like ERD Commander that allows you to edit the registry and change the keys associated with "warn on false certificate"

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
    "WarnonBadCertRecving"=dword:00000000

    For Linux and Mac machines, GL & HF cuz I got no clue.
