Page 3 of 3 FirstFirst 123
Results 21 to 26 of 26

Thread: Man in the middle attack against Windows Xp SP3 with Backtrack 4 R1 - problem

  1. #21
    Administrator sickness's Avatar
    Join Date
    Jan 2010
    Location
    Behind the screen.
    Posts
    2,921

    Default

    The main reason would be that he did not fix ip_forward and the iptables correct, that's a reason why the victim looses all connectivity, another one might be a firewall on the attacker machine that maybe blocks packages.

    Here you go

    YouTube - ‪sslstrip and ettercap‬‎

    Edit: Forum problem, posted 2 times sorry.
    Last edited by Archangel-Amael; 08-14-2010 at 01:22 PM.
    Back|track giving machine guns to monkeys since 2007 !

    Do not read the Wiki, most your questions will not be answered there !
    Do not take a look at the: Forum Rules !

  2. #22
    Very good friend of the forum killadaninja's Avatar
    Join Date
    Oct 2007
    Location
    London, United Kingdom.
    Posts
    526

    Default Re: Man in the middle attack against Windows Xp SP3 with Backtrack 4 R1 - problem

    Fire up my script and have done with it HAPPY TIMES
    Sometimes I try to fit a 16-character string into an 8–byte space, on purpose.

  3. #23
    Junior Member
    Join Date
    Jan 2010
    Posts
    33

    Default Re: Man in the middle attack against Windows Xp SP3 with Backtrack 4 R1 - problem

    Quote Originally Posted by Snayler View Post
    hakermania, an important question: Have you uncommented the iptables part in etter.conf?

    Also, try using ettercap arp poisoning capabilities instead of arpspoof, because it's odd that you don't have connectivity after running arpspoof.
    Well, after a lot of tuts, I see what I was doing wrong. I uncommented the iptables rows in etter.conf but not the ipchains. I uncomment the ip_chains and then it worked really fine
    BUTTT::
    1) In the victim Firefox prevent https (secure http --> pages like gmail or facebook). It shows a warning like: "Security certificate not confirmed" or something similar. The user can add exception but this is not "nice". The user by this way can understand that something is not going well.(especially when he sees a security certificate at gmail.com xD )
    2) In the victim when the attack finishes (stop sniffing from ettercap) there is no connectivity neither to the net nor to the modem at all. Suspicious too ;-)

    Any ways to solve these 2 problems?
    LoooL

  4. #24
    Administrator sickness's Avatar
    Join Date
    Jan 2010
    Location
    Behind the screen.
    Posts
    2,921

    Default Re: Man in the middle attack against Windows Xp SP3 with Backtrack 4 R1 - problem

    hakermania to get it working with iptables rule you need to modify the UID and GID from etter.conf to 0.
    And now the answeres to your questions, start sslstrip with ettercap to prevent the certificate from appearing.
    How are yo closing ettercap ? If you are using the GUI you should stop arp poisoning and sniffing than close.
    Back|track giving machine guns to monkeys since 2007 !

    Do not read the Wiki, most your questions will not be answered there !
    Do not take a look at the: Forum Rules !

  5. #25
    Junior Member
    Join Date
    Jan 2010
    Posts
    33

    Default Re: Man in the middle attack against Windows Xp SP3 with Backtrack 4 R1 - problem

    None of the tutorial talked about sslstrip when using with ettercap. Can you tell me the way with sslstrip and arpspoof in co-operation with ettercap?
    LoooL

  6. #26
    Senior Member
    Join Date
    Jul 2009
    Posts
    135

    Default Re: Man in the middle attack against Windows Xp SP3 with Backtrack 4 R1 - problem

    Read my blog post. Setting it up with ettercap was trouble free for me.

    sslstrip tutorial

Page 3 of 3 FirstFirst 123

Similar Threads

  1. Replies: 2
    Last Post: 08-23-2010, 10:53 AM
  2. Acceso a Windows 7 por Medio de SET (Java Applet Attack)
    By šØrτĦacK in forum BT Videos - ES
    Replies: 0
    Last Post: 05-01-2010, 07:36 PM
  3. [Video] Man In The Middle (MITM) Attack (ettercap, metasploit, sbd)
    By imported_g0tmi1k in forum OLD BT4 Videos
    Replies: 6
    Last Post: 01-16-2010, 08:47 PM
  4. Replies: 2
    Last Post: 07-08-2009, 08:56 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •