I did exactly this...

Assuming, ettercap and others are set already.

up the eth0

echo "1" > /proc/sys/net/ipv4/ip_forward

iptables to NAT is not essential.

check the ip, subnet, gw using ifconfig

check the network (scan for victim and etc.)

now, the following command for ettercap MItM sniff with SSL...

ettercap -i eth0 -TqM arp:remote /victimIP/ /GatewayIP/

See the output.

and then I got an output... I just straight followed this... but again, just for once... I red the ettercap manual and found that ettercap can strip SSL and also though ettercap manual says as /routerIP/ /victimIP/, but i switched them and that worked... ettercap manual also told that it transperantly changes and bluffs the ssl certificate. I was caught for the certificate... then I had to allow it manually as "Trusted for now" and then it worked... but just for that time... and then it failed... no data pass... I tried to look for my fb account, yahoo account, gmail account and all were ok for that time. then the page open for facebook only... and rest of them, not ever opening till the ettercap is running. I tried this same for GUI also... and I was successfull for GUI and CLI both but for once...

now guys, any idea??

http://www.go4expert.com/forums/showthread.php?t=11842


Mishu~