
Thread: Sniffing Tutorial:

  1. #121
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Quote Originally Posted by anubis2k7 View Post
    The only way I know how to do this is to physically go to the computer you want to poison/victimize, boot up into some kind of recovery CD like ERD Commander that allows you to edit the registry and change the keys associated with "warn on false certificate"

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\
    CurrentVersion\Internet Settings]
    "WarnonBadCertRecving"=dword:00000000

    For Linux and Mac machines, GL & HF cuz I got no clue

    regedit -s evilfile.reg

    Use social engineering to get them to run it. I push Registry updates out through logon scripts, but there's other ways to do it.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.
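
A defender-side check for the change described in post #121, as an added example that is not part of the original thread: it scans the text of a .reg file (for instance one distributed through a logon script) and reports where it sets `WarnonBadCertRecving` to 0 under the Internet Settings key. The function names and the sample file are constructed for illustration.

```python
import re

# Key and value named in post #121; per that post, dword 0 turns the warning off.
WATCHED_KEY_SUFFIX = r"\software\microsoft\windows\currentversion\internet settings"
WATCHED_VALUE = "warnonbadcertrecving"

SECTION_RE = re.compile(r"^\[(-?)([^\]]+)\]\s*$")
VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"\s*=\s*(.+?)\s*$')

def decode_reg_bytes(data):
    """Version 5.00 exports are UTF-16 LE with a BOM; REGEDIT4 files are ANSI."""
    if data.startswith(b"\xff\xfe"):
        return data[2:].decode("utf-16-le")
    return data.decode("latin-1")

def audit_reg_text(text):
    """Return one finding per line that sets the watched value to dword 0."""
    findings, current_key = [], None
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith(";"):
            continue  # blank line or comment
        section = SECTION_RE.match(line)
        if section:
            # "[-KEY]" deletes a key, so no values are set under it.
            current_key = None if section.group(1) else section.group(2).strip()
            continue
        value = VALUE_RE.match(line)
        if not value or current_key is None:
            continue
        name, data = value.group(1), value.group(2).lower()
        # Registry key and value names are case-insensitive.
        if name.lower() != WATCHED_VALUE:
            continue
        if not current_key.lower().endswith(WATCHED_KEY_SUFFIX):
            continue
        dword = re.fullmatch(r"dword:([0-9a-f]{1,8})", data)
        if dword and int(dword.group(1), 16) == 0:
            findings.append({"line": lineno, "key": current_key, "value": name})
    return findings

# Constructed sample input, not taken from the thread.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

; constructed sample
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"WarnonBadCertRecving"=dword:00000000
"ProxyEnable"=dword:00000000

[HKEY_CURRENT_USER\Software\Example]
"WarnonBadCertRecving"=dword:00000000
'''
```

Run `audit_reg_text(decode_reg_bytes(open(path, "rb").read()))` over the .reg files referenced by logon scripts; any finding means that file turns the bad-certificate warning off for the user who imports it.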

  2. #122
    Member The_Denv's Avatar
    Join Date
    Nov 2006
    Posts
    364

    I was figuring out what type of hashes Ettercap captured with my example within Post: 119.

    I don't think anyone noticed it either, as it seems for some reason the post was overlooked. I think it's important about what types of hashes to look out for within Ettercap.

    I would love to hear Xploitz's response as he is the only one I've noticed who has been on more than 'anyone of us' LOL, and he knows that too! I kind of feel in the dark here people. I would hate to think after 2 years being here that I am still classified as an outsider ...anyway it's done and dusted, although I would still love to hear the replies of experienced pentesters.

    ...It can't be as simple as a standard WEP hash and using aircrack-ng to extract them? If it is then I will laugh my head off and slap it and shout the word "Doh" VERY loud! lol

    EDIT: I modified this post because I was not myself last night and I kinda revealed my identity within this last post. Please understand why I modified this post

  3. #123
    Just burned his ISO
    Join Date
    Dec 2007
    Posts
    8

    Thanks! Worked great. This is pretty scary stuff... sure as hell makes a point that NO ONE should be using WEP!!!

    FYI, I found something interesting. When I was logging into ebay with my account, ebay actually prompted me stating that "there is a slight chance" somebody is using a fake certificate. Pretty interesting. I wonder what they do to anticipate the fake certificate.

    I was pleasantly surprised to also find that my bank didn't give up my info. The SSL fake cert. came up, but nothing was reported. I'm wondering if it had to do with the three-step login process. It requests more than just a password on the first page.

    Anyone else have any interesting stories they found?

    Are there other tuts on how to use ettercap for other functions? Is it possible to just watch general web traffic? To list the address that you visit?

    I'm off to try testing how this works when I log in using my company VPN on my work laptop. I'm assuming it would only return an encrypted hash correct? At least I hope so.

  4. #124
    Junior Member
    Join Date
    Dec 2007
    Posts
    30

    Quote Originally Posted by skindeep View Post
    Thanks! Worked great. This is pretty scary stuff... sure as hell makes a point that NO ONE should be using WEP!!!

    FYI, I found something interesting. When I was logging into ebay with my account, ebay actually prompted me stating that "there is a slight chance" somebody is using a fake certificate. Pretty interesting. I wonder what they do to anticipate the fake certificate.

    I was pleasantly surprised to also find that my bank didn't give up my info. The SSL fake cert. came up, but nothing was reported. I'm wondering if it had to do with the three-step login process. It requests more than just a password on the first page.

    Anyone else have any interesting stories they found?

    Are there other tuts on how to use ettercap for other functions? Is it possible to just watch general web traffic? To list the address that you visit?

    I'm off to try testing how this works when I log in using my company VPN on my work laptop. I'm assuming it would only return an encrypted hash correct? At least I hope so.

    Yeah, there is, I think it's under plugins or extensions, I forget.

  5. #125
    Just burned his ISO
    Join Date
    Jan 2010
    Posts
    7

    Sorry for bad English!

    I have a little problem... my ettercap works fine with my gmail or hotmail account, but when I try to log in on any forum (local forum in my network) I get only

    "HTTP:xxx.xxx.xxx.xxx ->USER: usernema PASS: INFO: link of forum"
    Pass field is empty, but I get my username, and that is on every forum I try to log in to.

    Can someone plz help!

    THX!

  6. #126

    Hey guys, I tried this out on BT3 Beta, and noticed that this doesn't work. I followed this to the very step, and looked up a number of different tutorials on the net (all the same though). Is there anything I have to do differently in BT3 Beta? Or is it just due to the new version of ettercap, and in which case, do I have to use the old one? Thanks guys, if there is any newer tuts, could you point me to them? Thanks.

    -Stephen

  7. #127
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    Quote Originally Posted by phoenix910 View Post
    Hey guys, I tried this out on BT3 Beta, and noticed that this doesn't work. I followed this to the very step, and looked up a number of different tutorials on the net (all the same though). Is there anything I have to do differently in BT3 Beta? Or is it just due to the new version of ettercap, and in which case, do I have to use the old one? Thanks guys, if there is any newer tuts, could you point me to them? Thanks.

    -Stephen

    What part is not working for you? I haven't used it yet in beta but I can take a look.

  8. #128

    Well, command-wise, there are no issues there, nor in the uncommenting of the files involved or anything, and all of the instructions in ettercap appear to function fine, however when I surf with other PCs (Linux or Windows), no certificate is issued, and no passwords are passed through ettercap, no matter what sort of protocol or website I use. I am using a basic 5 port switch, with a DHCP on my router (and ettercap does detect DHCP requests, but obviously they are passed through the network openly anyway). I am just currently unsure if it is an issue with my switch, or whether it's a software thing. If you could look, that would be greatly appreciated. Thanks man!

    -Stephen

  9. #129
    Member The_Denv's Avatar
    Join Date
    Nov 2006
    Posts
    364

    Quote Originally Posted by phoenix910 View Post
    Well, command-wise, there are no issues there, nor in the uncommenting of the files involved or anything, and all of the instructions in ettercap appear to function fine, however when I surf with other PCs (Linux or Windows), no certificate is issued, and no passwords are passed through ettercap, no matter what sort of protocol or website I use. I am using a basic 5 port switch, with a DHCP on my router (and ettercap does detect DHCP requests, but obviously they are passed through the network openly anyway). I am just currently unsure if it is an issue with my switch, or whether it's a software thing. If you could look, that would be greatly appreciated. Thanks man!

    -Stephen

    It works perfectly on my end. Have you ticked the box within ARP poisoning that states 'Sniff Remote Connections'? Do you have the target/s down as 'ANY'? I'm using B|T3b as well, it should work fine for you. Post back any problems.

  10. #130

    Yeah, I've ticked the Sniff Remote Connections box and all. Basically, everything it said here, I did exactly the same, and also followed a similar one using driftnet. Hasn't worked for me so far. If it works fine for others, I'll try it out on a more corporate switch through one of my pentests. I'd just prefer to have it downpacked before then.

    -Stephen
