Page 2 of 2 FirstFirst 12
Results 11 to 14 of 14

Thread: Ettercap script that workt in BT4 is not getting passwords in BT5

  1. #11
    Senior Member
    Join Date
    Dec 2010
    Posts
    127

    Default Re: Ettercap script that workt in BT4 is not getting passwords in BT5

    So ettercap works for traffic over 443 where a certificate is accepted. You'll also see stuff in the clear like snmp and I actually caught an Ldap response a couple weeks ago.

    When you run sslstrip, where it can, it passes traffic over port 80 instead of 443, so any traffic designated for port 80 actually goes to 10000 where sslstrip is listening. You will not see those creds in ettercap, you have to parse the sslstrip file to see those.

    Also, I have noticed in BT5 not everything seems to be working as seamlessly as BT4R2, I don't know why, (yet) but it just doesn't.

    Here's what I would try if I were you. Run my script in BT4R2, go to www.facebook.com and try to login in. See if its traversing over http or https. If it asks you to accept a certificate then its 443 and once you accept and login, you should see it in ettercap. If its over http, you won't see it in ettercap and you will have to parse sslstrip.

    Then try the BT5 version on google projects and do the exact same thing. They should produce the exact same results (though they may not).

    Let me know how it goes

  2. #12
    Senior Member
    Join Date
    Apr 2006
    Posts
    154

    Default Re: Ettercap script that workt in BT4 is not getting passwords in BT5

    Anyone got a solution to parse the traffic using ettercap?

  3. #13
    Senior Member
    Join Date
    Dec 2010
    Posts
    127

    Default Re: Ettercap script that workt in BT4 is not getting passwords in BT5

    Please see my response here:
    http://www.backtrack-linux.org/forum...tml#post204084

    I just tested it and it works fine with a standard ARP poison...but not with a one-way poison (client only) I am not sure why...

    Happy hunting...

  4. #14
    Just burned his ISO
    Join Date
    Jun 2011
    Location
    Seoul, South Korea
    Posts
    4

    Default Re: Ettercap script that workt in BT4 is not getting passwords in BT5

    Great job man, you just saved me a ton of time in using sslstrip, ettercap, etc... Thanks again, I appreciate it

Page 2 of 2 FirstFirst 12

Similar Threads

  1. NEW SCRIPT Capturing Passwords With sslstrip AIRSSL.sh
    By killadaninja in forum BackTrack Howtos
    Replies: 87
    Last Post: 05-01-2011, 11:06 AM
  2. Replies: 44
    Last Post: 04-08-2011, 02:30 AM
  3. Replies: 5
    Last Post: 04-03-2011, 01:54 PM
  4. Is it possible to capture HTTP passwords (Ettercap)
    By OldGregg in forum OLD Newbie Area
    Replies: 8
    Last Post: 07-11-2009, 12:39 PM
  5. ettercap - sniffing works, but I can't see passwords
    By Trick17 in forum OLD BackTrack v2.0 Final
    Replies: 6
    Last Post: 08-29-2007, 09:09 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •