Results 1 to 4 of 4

Thread: ettercap sniffing

Hybrid View

  1. #1
    Just burned his ISO
    Join Date
    May 2011
    Posts
    14

    Default ettercap sniffing

    ok i got a simple question. hope its in the rite place. when i connect to an unsecure wireless network via my network card i get directed to a site or a page where i have to type in my username and password? ok now i have tryd to capture my password with ettercap while logging in but it doesnt work. my question. please read carfully, must the "attacker" be loged into this network (as in type a username and password) or does the "attacker" just have to be connected to the wireless network without typing a username and password(basically just sit and wait at the login page) ?
    oh and why is it called an unsecure network? i have read allot of posts that people say you can just sniff plain text outof an unsecure wireless network but you cant? i sniff while im doing things and i get nothing relavent. thanx for any help, i have tryd searching google and a number of forums but i cant get an answer anywhere. it seems so simple people dnt evan bother.

  2. #2
    Member
    Join Date
    May 2011
    Location
    Israel
    Posts
    74

    Default Re: ettercap sniffing

    Attacker must be connected to the network he must also perform arp poisoning to reroute network traffic between victim and for example GW to flow through his machine interface then the ettercap uses taps or hooks into network stack in order to intercept protocol level 3,4,7 packets and modify their content based on precompiled filters/plugiuns.
    Yes in so called open system you can sniff packets and use wireshark to dissect them.
    get nothing relavent. thanx for any help, i have tryd searching google and a number of forums but i cant get an answer anywhere. it seems so simple people dnt evan bother.
    It is based on wireshark ability to dissect packet.For example if you want to intercept your neighbour traffic when he watch porno movies (online streaming) i think you need to develop your own wireshark dissector for video compressed content.
    Scientia ac Labore

  3. #3
    Just burned his ISO
    Join Date
    Sep 2010
    Posts
    18

    Default Respuesta: Re: ettercap sniffing

    Quote Originally Posted by iliyapolak View Post
    Attacker must be connected to the network he must also perform arp poisoning to reroute network traffic between victim and for example GW
    Actually, for unsecured / WEP encrypted wireless networks that's not necessary. You just need to stick your card in monitor mode so it captures all packets. Since everything goes through the air, you don't need to be connected to receive the packets, as otherwise you wouldn't be able to crack networks.

    Picture the following: you are standing between 2 people who are talking. Instead of radio waves, they use sound waves and you don't need to be a part of their group (connected) to hear what they say. If they speak Mandarin (or WEP) you need to know the key (Mandarin, or WEP key) to decrypt what they say.

    You can even record (capture packets) what they say and then decrypt it later when you learned Mandarin (found the WEP key)

    ARP poisoning is used on Ethernet (wired) networks, so you force the traffic to go through your connection.

    For a better understanding of Wireless hacking, check out the book: Hacking Wireless Exposed. Might not include the latest tools, but once you know the basics, tools are easily understood.

  4. #4
    Member
    Join Date
    May 2011
    Location
    Israel
    Posts
    74

    Default Re: ettercap sniffing

    WEP encrypted wireless networks that's not necessary
    You provided here an example of your lack of knowledge because whene you have WEP encrypted network with rc4 cipher your sniffing software won't decrypt any data packet without the key you can only see management and control unencrypted frames.
    For a better understanding of Wireless hacking,
    Man read my posts and try to understand what i have said before you are trying to correct me or educate me
    check out the book: Hacking Wireless Exposed
    And what about reading 802.11 official standard this is ultimate source of knowledge.
    Picture the following: you are standing between 2 people who are talking. Instead of radio waves, they use sound waves and you don't need to be a part of their group (connected) to hear what they say. If they speak Mandarin (or WEP) you need to know the key (Mandarin, or WEP key) to decrypt what they say
    Sound waves blah blah and what about Fourier decomposition of wi-fi spectrum and maybe i should add DSSS spread xor keys (welsh function) needed to properly modulate signal in order to find it's maxima against the background noise and other dsss signal.
    ARP poisoning is used on Ethernet (wired) networks, so you force the traffic to go through your connection.
    Home router is an example of ESS gear which interconnects three networks LAN,WAN and wi-fi access in order to reroute network flow between wired clients(interfaces) from the point of view of wired client protocols (level 3,4,7) wireless client is abstracted
    by 802.11 level 2 protocols so you can use ettercap to arp poison between wireless and wired client thanks to the 802.11 abstraction mechanism.
    ARP poisoning is used on Ethernet (wired) networks, so you force the traffic to go through your connection.
    You can also use packet injection and modification without the ettercap flow rerouting but you will have always race condition with the AP.
    For a better understanding of Wireless hacking, check out the book: Hacking Wireless Exposed.
    You are trying to educate me but your minimal knowledge is based on the books for the noobs.
    Last edited by iliyapolak; 06-19-2011 at 06:55 AM.
    Scientia ac Labore

Similar Threads

  1. ettercap ssl sniffing
    By 0v3rl04d in forum Supporto Software
    Replies: 7
    Last Post: 04-02-2010, 08:58 PM
  2. ettercap.. help sniffing
    By bt4agostino in forum Angolo Wireless
    Replies: 2
    Last Post: 01-31-2010, 11:45 AM
  3. sniffing, ettercap, https, ssl
    By theoleek in forum OLD Newbie Area
    Replies: 1
    Last Post: 10-25-2009, 01:27 AM
  4. Ettercap Sniffing: What am I doing wrong?
    By got_milk? in forum OLD Latest Public Release - BackTrack4 Beta
    Replies: 0
    Last Post: 02-16-2009, 12:41 PM
  5. ettercap not sniffing...
    By hyder in forum OLD Newbie Area
    Replies: 2
    Last Post: 07-14-2008, 08:32 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •