Man in the middle attack against Windows Xp SP3 with Backtrack 4 R1 - problem

**sickness** · 08-10-2010, 10:21 PM

The main reason would be that he did not fix ip_forward and the iptables correct, that's a reason why the victim looses all connectivity, another one might be a firewall on the attacker machine that maybe blocks packages.

Here you go

YouTube - ‪sslstrip and ettercap‬&lrm;

Edit: Forum problem, posted 2 times sorry.

**killadaninja** · 08-11-2010, 09:51 AM

Fire up my script and have done with it HAPPY TIMES

**hakermania** · 08-11-2010, 01:11 PM

Originally Posted by Snayler

hakermania, an important question: Have you uncommented the iptables part in etter.conf?

Also, try using ettercap arp poisoning capabilities instead of arpspoof, because it's odd that you don't have connectivity after running arpspoof.

Well, after a lot of tuts, I see what I was doing wrong. I uncommented the iptables rows in etter.conf but not the ipchains. I uncomment the ip_chains and then it worked really fine

BUTTT::
1) In the victim Firefox prevent https (secure http --> pages like gmail or facebook). It shows a warning like: "Security certificate not confirmed" or something similar. The user can add exception but this is not "nice". The user by this way can understand that something is not going well.(especially when he sees a security certificate at gmail.com xD )
2) In the victim when the attack finishes (stop sniffing from ettercap) there is no connectivity neither to the net nor to the modem at all. Suspicious too ;-)
Any ways to solve these 2 problems?

**sickness** · 08-11-2010, 01:51 PM

hakermania to get it working with iptables rule you need to modify the UID and GID from etter.conf to 0.
And now the answeres to your questions, start sslstrip with ettercap to prevent the certificate from appearing.
How are yo closing ettercap ? If you are using the GUI you should stop arp poisoning and sniffing than close.

**hakermania** · 08-11-2010, 03:01 PM

None of the tutorial talked about sslstrip when using with ettercap. Can you tell me the way with sslstrip and arpspoof in co-operation with ettercap?

**aerokid240** · 08-13-2010, 01:03 PM

Read my blog post. Setting it up with ettercap was trouble free for me.

sslstrip tutorial

BackTrack Linux - Penetration Testing Distribution

Thread: Man in the middle attack against Windows Xp SP3 with Backtrack 4 R1 - problem

Thread Tools

Search Thread

Display

Re: Man in the middle attack against Windows Xp SP3 with Backtrack 4 R1 - problem

Re: Man in the middle attack against Windows Xp SP3 with Backtrack 4 R1 - problem

Re: Man in the middle attack against Windows Xp SP3 with Backtrack 4 R1 - problem

Re: Man in the middle attack against Windows Xp SP3 with Backtrack 4 R1 - problem

Re: Man in the middle attack against Windows Xp SP3 with Backtrack 4 R1 - problem

Similar Threads

[Video] Attack: Man In The Middle {MITM} (ettercap, metasploit, SBD)

Acceso a Windows 7 por Medio de SET (Java Applet Attack)

[Video] Man In The Middle (MITM) Attack (ettercap, metasploit, sbd)

[Video] Man In The Middle (MITM) Attack (ettercap, metasploit, sbd)

Posting Permissions