Results 1 to 3 of 3

Thread: ettercap ssl questions

  1. #1
    Just burned his ISO
    Join Date
    Jul 2007
    Posts
    2

    Default ettercap ssl questions

    Okay, I've already configured etter.conf properly (No more ssl dissection error in the beginning), and turned on ip forwarding in my iptables script. Now I've tried to sniff ssl, but only managed to sniff non ssl logins+passwords. I've only tried http connections to my router which worked. I also tried with online email & a remote ssh over the internet which had unsucessful results. Any suggestions? Another thing is can I perform ssl sniffing on the same box where I executed ettercap? See I'm on the same box. I wanted to test ettercap, but I only have one running box at the time. I was going to try it with 2 nics. I figured that by adding an extra nic & try a mitm, ssl sniffing with that nic. Would that be possible?


    Thanks

    faceless_intruda

  2. #2
    Developer balding_parrot's Avatar
    Join Date
    May 2007
    Posts
    3,399

    Default

    Quote Originally Posted by faceless_intruda View Post
    Okay, I've already configured etter.conf properly (No more ssl dissection error in the beginning), and turned on ip forwarding in my iptables script. Now I've tried to sniff ssl, but only managed to sniff non ssl logins+passwords. I've only tried http connections to my router which worked. I also tried with online email & a remote ssh over the internet which had unsucessful results. Any suggestions? Another thing is can I perform ssl sniffing on the same box where I executed ettercap? See I'm on the same box. I wanted to test ettercap, but I only have one running box at the time. I was going to try it with 2 nics. I figured that by adding an extra nic & try a mitm, ssl sniffing with that nic. Would that be possible?


    Thanks

    faceless_intruda
    This is really not clear, as to what you have done, what you are trying to do and what you want to do.
    Please ask this again in more detail.

    Remember this is not like sending a text, you don't have quite the same limits on how much you can put and in how little space.

    The more you put in the easier it is for us to see what you actually want and then know how to answer you.

    Hardware
    Software
    commands
    etc

    All this helps us to help you.

  3. #3
    Just burned his ISO
    Join Date
    Jul 2007
    Posts
    2

    Default

    Quote Originally Posted by balding_parrot View Post
    This is really not clear, as to what you have done, what you are trying to do and what you want to do.
    Please ask this again in more detail.

    Remember this is not like sending a text, you don't have quite the same limits on how much you can put and in how little space.

    The more you put in the easier it is for us to see what you actually want and then know how to answer you.

    Hardware
    Software
    commands
    etc

    All this helps us to help you.
    My apologies. Let me rephrase that

    Quote Originally Posted by faceless_intruda View Post
    Okay, I've already configured etter.conf properly (No more ssl dissection error in the beginning), and turned on ip forwarding in my iptables script.
    When I first executed ettercap I was seeing a ssl dissection error. So I found out how to fix that, and turned on ipforwarding in my iptables script. So I don't think my problem has to do with the configuration.

    Quote Originally Posted by faceless_intruda View Post
    Now I've tried to sniff ssl, but only managed to sniff non ssl logins+passwords. I've only tried http connections to my router which worked. I also tried with online email & a remote ssh over the internet which had unsucessful results. Any suggestions?
    Heres what I did when I execute ettercap it doesn't sniff ssl or ssh usernames & passwords. For instance if I execute ettercap, and on the same computer connect to 192.168.1.1 using my browser and log into my router. Ettercap sniffs the username & password. When I try it when logging into to gmail, hotmail, yahoo,etc. it doesn't sniff the username & password. Even when I try ssh.

    ssh whoever@whereever

    It doesn't sniff the username & password when I login. So I'm wondering if anyone can help? Why can't I sniff the username & password in ssl, and ssh?

    Quote Originally Posted by faceless_intruda View Post
    Another thing is can I perform ssl sniffing on the same box where I executed ettercap? See I'm on the same box. I wanted to test ettercap, but I only have one running box at the time.
    I think this is the cause of my problem. Can I sniff ssl, ssh usernames & passwords from a connection on the same computer I initially executed ettercap? Does it only sniff ssl, ssh userames & passwords from other computers on a lan?

    Quote Originally Posted by faceless_intruda View Post
    I was going to try it with 2 nics. I figured that by adding an extra nic & try a mitm, ssl sniffing with that nic. Would that be possible?
    I figured if it can only sniff ssl, ssh userames & passwords from other computers on a lan. Is it possible to simulate 2 computers on a lan by having 2 nic's in one computer? Then I could try to accomplish my goal that way.


    Thanks

    faceless_intruda

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •