Script for sniffing traffic.

[comaX]

Ok, the update glitch should be fixed !
For the FakeSSL, I'm still trying to figure it out, and I don't have much time these days to do such "important" tests.
And since I need to do some searching and all, it's not for right now. But it'll come eventually

Off-topic : there is this site hackershandbook.org that make people pay to access "hacker knowledge", use THE "Anonymous" as identity to make money, and they seem to have included a part on yamas since I saw referral traffic from them. I blocked their users from seeing my site, but it's not enough.
Such a behaviour just makes me sick, so if you guys don't know what to do, they have a Facebook, Twitter and Android App (paying, of course...) that are just waiting for insults /Off-topic

[ShadowMaster]

root@bt:~# yamas
No update available
Script is installed

run at 2:04 pm est....

I downloaded the script from your website and reinstalled. I'm now running version 20120212 instead of 20120202. I'm hoping that that is the latest version, because I still get no update available.

[comaX]

Yup, it is !

[wewe73]

hey comaX,

i used your script and i have to say it's more stable and afective then ettercap! easy to download and install and i got it working with in a minuts, not like wise every time i fix something, somthing eles come's up, so thank you very much for your script,

merci beaucoup :-)

[ericmilam]

hey comaX,

i used your script and i have to say it's more stable and afective then ettercap! easy to download and install and i got it working with in a minuts, not like wise every time i fix something, somthing eles come's up, so thank you very much for your script,

merci beaucoup :-)

With all due respect to ComaX and his awesome script and hard work. (ComaX you know I'm a huge fan/supporter) wewe73, I must break words with you about the stability and effectiveness of ettercap. Do tell? What are your issues, perhaps something that could be fixed?

If there are issues with ettercap, please let us know and we'd be happy to research, address, fix them.

Best regards,
J0hnnyBrav0

[wewe73]

Hi J0hnnyBrav0

Firt of all I must thank you for easy-creds, it’s an awesome toll and I love it! Much appriciated,
And thank you for interests and offer your help with ettercap,
First issue with ettercap-gtk is when I was scanning for hosts it shut down!
After a day searching the forum and goggling I managed to find a fix for that,
had a problem with arp.poisoning, when I check if the poisoning had a success, it says no poisoning between the 192.168.X.X .> 192.168.X.XX that has been fixed too
now the problem is ettercap-gtk doesn’t show anything like logins and passwds!
My command was simple just ettercap-gtk and of course I have edit etter.conf and uncommented both lines in iptables for linux to be able to read it, am confused to be honest, it could be me not ettercap after all !

your help will be really appreciated,

Kind Regards
issak

[ira787]

This script is getting very close to perfection! Thank you!!

I added a few lines to mine, just to anonymize for fun:

Code:

ifconfig eth0 down
sleep 2
macchanger -e eth0
ifconfig eth0 up
dhclient eth0
sleep 1

These take eth0 offline, then spoof the mac, keeping the same vendor, then reconnects eth0 to the network.

[whjte]

Hello. First of all thanks for the great script you're sharing with us. I just have one question: how can i catch auto-logging enabled passwords with YAMAS? I mean when the user has checked the "remmember me" option in his browser?
Thanks in advance.

[whjte]

Hello. First of all thanks for the great script you're sharing with us. I just have one question: how can i catch auto-logging enabled passwords with YAMAS? I mean when the user has checked the "remmember me" option in his browser?
Thanks in advance.

[comaX]

This script is getting very close to perfection! Thank you!!

I added a few lines to mine, just to anonymize for fun:

Code:

ifconfig eth0 down
sleep 2
macchanger -e eth0
ifconfig eth0 up
dhclient eth0
sleep 1

These take eth0 offline, then spoof the mac, keeping the same vendor, then reconnects eth0 to the network.

That's a good idea ! I intentionally didn't put something like that because I expect people needing anonymity to do what is necessary to be anonymous... Anyway, thanks for sharing !

Hello. First of all thanks for the great script you're sharing with us. I just have one question: how can i catch auto-logging enabled passwords with YAMAS? I mean when the user has checked the "remmember me" option in his browser?
Thanks in advance.

Well, you cannot ! Because the password isn't transmitted in this case, but a cookie is. You can sniff cookies and use them with Wireshark for instance.
With that said, sslstrip has an option (-k) that is enabled in yamas that is supposed to kill sessions by preventing cookies to be sent, hence forcing reauthentication, that then can be sniffed.

Thanks to all you guys for your posts