Not sure what you're doing but you can always do it manually
I have a LAB I use in my class that works with BT4 R2. I have tried it with BT5 and it did not work. I found this thread and issue that I thought my be close, although this issue shows fixed, my problem still exists.
Backtrack 5 - Bug #45: etterlog doesn't extract passwords from *.eci file - Redmine
What I do in my lab is start Ettercap get a list of servers, select the FTP server as target 1 and the host system accessing the FTP server as target 2. I start ARP poisoning and start Ettercap's sniffing. I log into the FTP server from the host and in BT4 R2 the Ettercap message window shows the user name and password. The message window does not show the user name and password in BT5 or BT5 R1. Is there something I can do to get this to work, or must I wait for a fix?
With all due respect, you seem to be missing the point. Both version 4 and version 5 have the same Ettercap version (0.7.3). In Backtrack 4 this works correctly. Please look at both of the following videos they show basically the same thing I do with my Lab.
10078 - ettercap ARP poisoning MITM attack - YouTube
BackTrack 4 Man In The Middle Attack - YouTube
This is very important to me, because I am teaching the very first security class the students take. Most of the students have been in a Windows GUI so I need to keep them in a GUI as much as possible since almost none of them have ever seen a command line environment. Keep in mind student in this class can move onto more security classes, networking classes, or software classes. What this means that is that only some of my students may even have a chance to use a command line environment and that will be well after this class.
Doing this manually will introduce more variables that may side track many of my student from the goal of learn how these tools work and are used. With the other issue I referred to shows that something was wrong with the package that made the use of Ettercap on the WireShark file not work. I am assuming that there is something similar here.
I hope this clears up why I need this to work.
I'm having the same problem as described here:
ettercap doesn't show username/passwords!
I'm using ettercap NG-0.7.3 under BT5R1.
Same ettercap-version works fine under BT4R1.
ARP-poissoning works and I can find FTP-username/passwords with wireshark. But it's not shown in ettercap itself nor in the ettercap log files.
Does anyone have a solution?
Thanks in advance