Page 1 of 2 12 LastLast
Results 1 to 10 of 14

Thread: Ettercap not scanning for hosts

  1. #1
    Just burned his ISO
    Join Date
    Aug 2011
    Posts
    2

    Default Ettercap not scanning for hosts

    Hi all,

    I'm having a problem with ettercap.

    I do:

    ettercap -G

    Sniff > Unified sniffing > OK

    Hosts > Scan for hosts

    and I get this in my ettercap GUI:

    Listening on eth0... (Ethernet)

    eth0 -> 00:23:8B:4C:8E:85 invalid invalid

    Privileges dropped to UID 65534 GID 65534...

    28 plugins
    39 protocol dissectors
    53 ports monitored
    7587 mac vendor fingerprint
    1698 tcp OS fingerprint
    2183 known services
    Randomizing -1 hosts for scanning...
    Scanning the whole netmask for -1 hosts...
    0 hosts added to the hosts list...

    Two things that I find that are different from the tutorials I'm following is the invalid part and the -1 parts.

    Anyone know how I can fix this? Thanks so much!

  2. #2
    Administrator sickness's Avatar
    Join Date
    Jan 2010
    Location
    Behind the screen.
    Posts
    2,921

    Default Re: Ettercap not scanning for hosts

    Did you edit your etter.conf file? Did you select the right interface? Did you set the correct netmask?
    Back|track giving machine guns to monkeys since 2007 !

    Do not read the Wiki, most your questions will not be answered there !
    Do not take a look at the: Forum Rules !

  3. #3
    Just burned his ISO
    Join Date
    Jan 2012
    Posts
    9

    Default Re: Ettercap not scanning for hosts

    Hi

    i have a problem with ettercap

    Code:
    root@bt:~# ettercap -G
    
    ettercap NG-0.7.3 copyright 2001-2004 ALoR & NaGA
    
    Dissector "dns" not supported (etter.conf line 70)
    
    (<unknown>:2391): GLib-GObject-WARNING **: /build/buildd/glib2.0-2.24.1/gobject/gsignal.c:3079: signal name `depressed' is invalid for instance `0x85fb00'
    i select right interface but i did not edit etter.conf and i try for scan hosts and my result

    Code:
    Listening on ppp0... (Linux cooked)
    
      ppp0 ->	00:00:00:00:00:00       10.20.30.32   255.255.255.255
    
    SSL dissection needs a valid 'redir_command_on' script in the etter.conf file
    Privileges dropped to UID 65534 GID 65534...
    
      28 plugins
      39 protocol dissectors
      53 ports monitored
    7587 mac vendor fingerprint
    1698 tcp OS fingerprint
    2183 known services
    Randomizing 0 hosts for scanning...
    Scanning the whole netmask for 0 hosts...
    0 hosts added to the hosts list...
    where is my problem ?

    how do i con edit etter.conf ?

    tnx in advance

  4. #4
    Very good friend of the forum maverik35's Avatar
    Join Date
    Sep 2009
    Location
    Debian land
    Posts
    734

    Default Re: Ettercap not scanning for hosts

    Did you change the etter.conf?...
    I quote:
    "SSL dissection needs a valid 'redir_command_on' script in the etter.conf file
    Privileges dropped to UID 65534 GID 65534..."
    You need to uncomment the lines in /etc/etter.conf file: "redir_command_on and redir_command_off" in Linux section...
    You cannot dissect SSL if iptables are not configured..That's why you need to uncomment those lines I mentioned...This is the reason to the warning mentioned above.

    Also configure the ec_uid and ec_gid = 0 if not so...You need root priviledges to configure interfaces, once they are done by ettercap, then drops priviledges, to whom?..You tell that: 0=root, 65535 = nobody, or type at terminal prompt: id and it will give you your id and group. If prompt as #, is 0, if prompt as $, in my case is 1000.

    If you are using BT5, leave it as 0 (root)..If in Debian (my case), Ubuntu, etc (ettercap installed in those OS) use id in $ mode, otherwise it wont work. I speak on my experience...

    Once you configure your ettercap, try again..

    Also make sure you are in the same subnet, as said by sickness, because if not, you just cannot scan any hosts, because there is nobody but you...

    This how i use it: xx@xx#: ettercap -Tqi eth1 -M arp:remote // /gateway/ -P autoadd
    My interface is eth1, you use yours accordingly.
    gateway, you use the one in your subnet, in my case the gateway is 10.0.0.1
    The plugin used by my is just in case after running ettercap, anyone connecting, is autoadded to the sniffing...
    Hope it helps

  5. #5
    Just burned his ISO
    Join Date
    Jan 2012
    Posts
    9

    Default Re: Ettercap not scanning for hosts

    Hi

    Thank you maverik35 i did not change etter.conf , becuse i am newbie

    i use BT5 and i type at terminal nano etter.conf and i saw etter.conf file is empty

    i know my all problem is etter.conf but i can't solve this problem . i should edit etter.conf but i am newbie

    can u tell me step by step for edit etter.conf ? or give me video for my problem i serached but i did not find

    sorry for my bad english

    tnx in advance

  6. #6
    Just burned his ISO
    Join Date
    Jan 2012
    Posts
    9

    Default Re: Ettercap not scanning for hosts

    I did edited etter.conf i changed uid and gid = 0

    and i changed
    Code:
    #---------------
    #     Linux 
    #---------------
    
    # if you use ipchains:
       #redir_command_on = "ipchains -A input -i %iface -p tcp -s 0/0 -d 0/0 %port -j REDIRECT %rport"
       #redir_command_off = "ipchains -D input -i %iface -p tcp -s 0/0 -d 0/0 %port -j REDIRECT %rport"
    
    # if you use iptables:
       #redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
       #redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
    to
    Code:
    #---------------
    #     Linux 
    #---------------
    
    # if you use ipchains:
       #redir_command_on = "ipchains -A input -i %iface -p tcp -s 0/0 -d 0/0 %port -j REDIRECT %rport"
       #redir_command_off = "ipchains -D input -i %iface -p tcp -s 0/0 -d 0/0 %port -j REDIRECT %rport"
    
    # if you use iptables:
       redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
       redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
    but i still did succeed and i type at terminal ettercap -G and i gave the same error
    Code:
    ettercap NG-0.7.3 copyright 2001-2004 ALoR & NaGA
    
    Dissector "dns" not supported (etter.conf line 70)
    and i worked with ettercap and i try for scan host but before I get the results

    Code:
    Randomizing 0 hosts for scanning...
    Scanning the whole netmask for 0 hosts...
    0 hosts added to the hosts list...

  7. #7
    Very good friend of the forum maverik35's Avatar
    Join Date
    Sep 2009
    Location
    Debian land
    Posts
    734

    Default Re: Ettercap not scanning for hosts

    That's ok, I understand, no problem cuate..Here is what you have to do:
    1. Open up a terminal.
    2. In linux OS, you have a Hierarchical structure, so always keep this in mind: "/" is the root directory, the first level of the File structure.
    The etter.conf is a configuration file to ettercap. So you have to type: nano /etc/etter.conf
    The etter.conf is located under the /etc directory (etc is under "/" root directory, that is why /etc your are pointing to that directory)
    3. You have to move within the file with the arrows, and take a look at the bottom, you will see the commands to write, exit, etc.Th. ey are represented as: ^X Exit, ^O Save..===== "^" = Ctl
    4. Look for the "redir_command_on/off. Then go to the "linux" section.
    5. You will see this:
    # if you use iptables:
    #redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
    #redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
    Change it to this (uncomment the 2 lines) (Quitele el signo de gato):
    # if you use iptables:
    redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
    redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
    6. Then go to the top of the file, and you will see this:
    [privs]
    ec_uid = 65534 # nobody is the default
    ec_gid = 65534 # nobody is the default
    Change it to this
    ec_uid = 0 # nobody is the default
    ec_gid = 0 # nobody is the default

    Then just save it (Ctl + O) and then exit (Ctl + X).
    Try again.

    The scanning problem is not related to this matter I post above, you have to know if you are in the same subnet, do this:
    1. Open up a terminal.
    2. type: ifconfig
    3 See your IP address.
    4 Ex: router IP = 10.0.0.1
    Subnet ID is = 10.0.0.0
    Subnet Broadcast = 10.0.0.255
    Subnet DHCP range = 10.0.0.1 to 254. Some routers have ranges starting from certain IP addresses.
    So, all PC's in the subnet should be between 10.0.0.1 to 10.0.0.254, including gateway (router)..
    If your IP is 10.0.0.102, all other hosts should be something like this: 10.0.0.106, 107, 108, and so on.

    So if your ettercap is not finding any hosts, perhaps there are none or your ip is not in the subnet...

    Any other help, please post to keep helping.

    Suerte.

  8. #8
    Just burned his ISO
    Join Date
    Jan 2012
    Posts
    1

    Default Re: Ettercap not scanning for hosts

    Make sure that you selected the right network interface that the targe PC are in

  9. #9
    Just burned his ISO
    Join Date
    Jan 2012
    Posts
    9

    Default Re: Ettercap not scanning for hosts

    Thanks maverik35

    i changed uid gid = 0

    and i changed
    Code:
    # if you use iptables:
    #redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
    #redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
    Change it to this (uncomment the 2 lines) (Quitele el signo de gato):
    # if you use iptables:
    redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
    redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"

    but i have still problem

    my ifconfig is
    Code:
    root@bt:~# ifconfig
    eth0      Link encap:Ethernet  HWaddr f4:6d:04:be:68:eb  
              inet6 addr: fe80::f66d:4ff:febe:68eb/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:512 errors:0 dropped:0 overruns:0 frame:0
              TX packets:337 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000 
              RX bytes:160914 (160.9 KB)  TX bytes:84961 (84.9 KB)
              Interrupt:44 
    
    lo        Link encap:Local Loopback  
              inet addr:127.0.0.1  Mask:255.0.0.0
              inet6 addr: ::1/128 Scope:Host
              UP LOOPBACK RUNNING  MTU:16436  Metric:1
              RX packets:59 errors:0 dropped:0 overruns:0 frame:0
              TX packets:59 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0 
              RX bytes:9345 (9.3 KB)  TX bytes:9345 (9.3 KB)
    
    ppp0      Link encap:Point-to-Point Protocol  
              inet addr:10.20.30.32  P-t-P:1.1.50.5  Mask:255.255.255.255
              UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1480  Metric:1
              RX packets:242 errors:0 dropped:0 overruns:0 frame:0
              TX packets:262 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:3 
              RX bytes:134707 (134.7 KB)  TX bytes:74581 (74.5 KB)
    
    wlan0     Link encap:Ethernet  HWaddr e0:b9:a5:7f:8e:5d  
              UP BROADCAST MULTICAST  MTU:1500  Metric:1
              RX packets:0 errors:0 dropped:0 overruns:0 frame:0
              TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000 
              RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

  10. #10
    Senior Member
    Join Date
    Jul 2011
    Posts
    236

    Default Re: Ettercap not scanning for hosts

    Try looking at
    /usr/local/etc/etter.conf
    -vs-
    /etc/etter.conf

    or you could do
    find / -name 'etter.conf'


    As well, stay away from the GUI till you understand what yer doing syntax wise.

    Do you know how to use other tools to scan for hosts? nmap...etc...??
    V/r,
    Snafu
    Pffbt..[quote]I made a discovery today. I found a computer. Wait a second, this is cool. It does what I want it to. If it makes a mistake, it's because I screwed it up. Not because it doesn't like me... Or feels threatened by me.. Or thinks I'm a smart ass.. [/quote]

Page 1 of 2 12 LastLast

Similar Threads

  1. Ettercap-gtk crashes while scanning for hosts
    By Jame5 in forum BackTrack 5 Bugs
    Replies: 20
    Last Post: 10-09-2012, 12:02 AM
  2. Ettercap hangs while scanning for hosts
    By michelinok in forum BackTrack 5 Beginners Section
    Replies: 15
    Last Post: 11-12-2011, 07:52 PM
  3. ettercap all hosts
    By rashwan in forum Beginners Forum
    Replies: 3
    Last Post: 02-19-2010, 05:57 AM
  4. Ettercap not detecting hosts
    By SilvaRizla in forum OLD Newbie Area
    Replies: 6
    Last Post: 08-09-2009, 07:41 PM
  5. Ettercap scanning new hosts
    By 1shot_1kill in forum OLD Newbie Area
    Replies: 3
    Last Post: 12-14-2008, 10:14 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •