Results 1 to 6 of 6

Thread: Help needed: Ettercap MITM not working

  1. #1
    Just burned his ISO xdobermanx's Avatar
    Join Date
    Mar 2010
    Posts
    9

    Default Help needed: Ettercap MITM not working

    Please help!

    I am ussing a Lynksis WRT54G router, Alfa AWUS036H and the Backtrack 4 R2 live cd. I don't untherstand why it is not working fom me. I have tested this exactly like many tut that I have watched.

    * First when starting I use the "start-network"
    * Connect with Wicd network manager to my network
    * Open command screen and: echo "1" > /proc/sys/net/ipv4/ip_forward (have also tried, without this option)
    * Open Ettercap-ng 0.7.3
    * Sniff -> I choose my adapter (also tried it with my built in laptop adapter)
    * Hosts -> Scan for hosts
    * I put 192.168.1.1 in target 1 and 192.168.1.2 in to target 2
    * Arp poisonin have tried without this and after that only one of the two options and then both.
    * Then start Sniffing

    It remains on "Starting Unified Sniffing..."

    The target on my net work is my other laptop running Vista. I login on my hotmail, gmail, facebook accounts but nothing happens on Ettercap.
    I then check the plugins chk_poison and it tells me that the poisoning was successful. Than check the plugin remote_browser and I can see all the website visited on my other laptop but still no username and password combination.

    I have been bssy with this for days now. What am I missing?

  2. #2
    Administrator sickness's Avatar
    Join Date
    Jan 2010
    Location
    Behind the screen.
    Posts
    2,921

    Default Re: Help needed: Ettercap MITM not working

    Have you edited the etter.conf file ?
    Also have you tried using arpspoof + sslstrip ? without ettercap ?
    Back|track giving machine guns to monkeys since 2007 !

    Do not read the Wiki, most your questions will not be answered there !
    Do not take a look at the: Forum Rules !

  3. #3
    Just burned his ISO
    Join Date
    Mar 2011
    Posts
    12

    Default Re: Help needed: Ettercap MITM not working

    Quote Originally Posted by xdobermanx View Post
    * I put 192.168.1.1 in target 1 and 192.168.1.2 in to target 2
    Maybe a silly question, are you sure that one of these two target is the router?

  4. #4
    Very good friend of the forum drgr33n's Avatar
    Join Date
    Jan 2010
    Location
    Dark side of the moon ...
    Posts
    699

    Default Re: Help needed: Ettercap MITM not working

    The reason you cannot see the passwords is because the passwords are being entered via a secured SSL page. I've not been into the auditing scene for a while so don;t know what tools are available at the present time but if I can remember correctly the way around this is a plugin for ettercap that sends the client a spoofed SSL cert that you know the key to. Then you can decrypt the SSL encrypted packets with ease. On the downside most browsers for a while now check the SSL certs of websites and flag errors when things don't add up. A bit of google fu is what the doctor's going to prescribe here I'm 99% sure you will find what your looking for here try looking in the archived posts from the old forum for more info.

  5. #5
    Senior Member
    Join Date
    Jan 2011
    Location
    over the under
    Posts
    197

    Default Re: Help needed: Ettercap MITM not working

    from what you've posted it looks like you're not really specifying any options for ettercap. When I do this I typically type

    Code:
    ettercap -i <your interface> -TqM ARP:REMOTE // //
    this syntax would tell ettercap to perform a man in the middle attack and arp cache poison all hosts.

    as sickness said you need to first look into editing your etter.conf file.

    as sickness also stated you should look into arpspoof and sslstrip. I personally prefer it over ettercap as arpspoof doesn't display an untrusted certificate message.

  6. #6
    Just burned his ISO xdobermanx's Avatar
    Join Date
    Mar 2010
    Posts
    9

    Default Re: Help needed: Ettercap MITM not working

    Thank you for your help. I will start with checking out the arpspoof + sslstrip. I have seen that on this forum.
    This is new for me so I hoop I will find a tut how to work with that. I happy to find out that there are more ways to do this

Similar Threads

  1. Some problems with ettercap and MITM
    By h3d0x in forum Beginners Forum
    Replies: 8
    Last Post: 09-12-2010, 08:49 PM
  2. is a mitm penetration needed for this?
    By bwana in forum Beginners Forum
    Replies: 12
    Last Post: 07-10-2010, 07:33 PM
  3. fake AP & ettercap MITM
    By roonie in forum Beginners Forum
    Replies: 6
    Last Post: 05-18-2010, 06:54 PM
  4. MITM on TCP with ettercap.
    By n010n in forum OLD Newbie Area
    Replies: 1
    Last Post: 11-10-2009, 01:17 PM
  5. Ettercap MITM
    By antihaxer in forum OLD Newbie Area
    Replies: 13
    Last Post: 07-09-2007, 06:40 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •