Results 1 to 8 of 8

Thread: mitm issues

  1. #1
    Junior Member
    Join Date
    May 2007
    Posts
    37

    Default mitm issues

    Hello all.

    First off i'd like to applaud the BT3 team for doing such an excellent job! BT3 is wonderful! keep up the great work.

    Now, for my issue with trying to get mitm to work. right.
    On my private network which consists of about 4 pcs connected to a linksys switch. I then have a wrt54g wireless router connected to that acting as an AP. The mikrotik server has a hotspot system enabled. (www.mikrotik.com)
    Basically i connect to the wireless system just fine and get an ip and i get the hotspot login page as expected.

    So then I try to do the mitm procedure and this is where things take a dive.
    For group 1 i have set the gateway (192.168.0.1) and for group 2 i have all pcs. (//) so it shows up as a blank list in the target list.
    I have also tried both targets blanks (as in for all)
    but i am not intercepting anything.
    if i load the plugin that checks for poisoning it says "Nothing poisoned".

    Also sometimes when I do a host scan it only picks up 1 or two pcs instead of all 4. why is that?

    Please advise.

  2. #2
    Senior Member imported_spankdidly's Avatar
    Join Date
    Feb 2006
    Posts
    1,031

    Default

    Can you ping any of the other machines? What good is a Wifi login page if it lets you on the network without providing a password, lol.
    I felt like bending the bars back, and ripping out the window frames and eating them. yes, eating them! Leaping, leaping, leaping! Colonics for everyone! All right! You dumb*sses. I'm a mental patient. I'm *supposed* to act out!

  3. #3
    Junior Member
    Join Date
    May 2007
    Posts
    37

    Default

    Quote Originally Posted by spankdidly View Post
    Can you ping any of the other machines? What good is a Wifi login page if it lets you on the network without providing a password, lol.
    No cause they have the windows firewall up which doesnt respond to pings.

    I am just really trying to figure out why poisoning isnt working. its frustrating to say the least.

  4. #4
    Senior Member imported_spankdidly's Avatar
    Join Date
    Feb 2006
    Posts
    1,031

    Default

    Then take one of the firewalls down.
    I felt like bending the bars back, and ripping out the window frames and eating them. yes, eating them! Leaping, leaping, leaping! Colonics for everyone! All right! You dumb*sses. I'm a mental patient. I'm *supposed* to act out!

  5. #5
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default

    If your using ettercap it is for ethernet networks. In some case it can sniff wired traffic wirelesly but for the most part no.

  6. #6
    Senior Member imported_spankdidly's Avatar
    Join Date
    Feb 2006
    Posts
    1,031

    Default

    Really? Weird, I've gotten it to work very well wirelessly. Especially running the Dsniff stuff. Maybe I had it setup a different way? I'd have to think back.

    EDIT: Ettercap wont work with a card in monitor mode from what I'm reading. It also has some issues with the wireless headers. Should work at least a bit though. I used ettercap and driftnet and got PWNT. Some rather disturbing images appeared across my screen.

    Also, are you using the GUI version of ettercap? Or the command line version? The gui version sucked for me, I only use CL version.

    "Ettercap -T -q -M arp:remote // //" baby!

    This article has been around a long time, but if follow it exactly, it should work great.

    http://www.irongeek.com/i.php?page=s...ettercapfilter

    Make sure you have created a valid working cert. It does look a bit odd when you are trying to connect to Gmail and keep getting angry popups about the unknown cert, but the majority of people just keep clicking yes. At least that's what I did when I ran it on my own network.
    I felt like bending the bars back, and ripping out the window frames and eating them. yes, eating them! Leaping, leaping, leaping! Colonics for everyone! All right! You dumb*sses. I'm a mental patient. I'm *supposed* to act out!

  7. #7
    Junior Member
    Join Date
    May 2007
    Posts
    37

    Default

    Quote Originally Posted by pureh@te View Post
    If your using ettercap it is for ethernet networks. In some case it can sniff wired traffic wirelesly but for the most part no.
    Then what would you recommend for a wifi network?

  8. #8
    Junior Member
    Join Date
    May 2007
    Posts
    37

    Default

    Quote Originally Posted by spankdidly View Post
    Really? Weird, I've gotten it to work very well wirelessly. Especially running the Dsniff stuff. Maybe I had it setup a different way? I'd have to think back.

    EDIT: Ettercap wont work with a card in monitor mode from what I'm reading. It also has some issues with the wireless headers. Should work at least a bit though. I used ettercap and driftnet and got PWNT. Some rather disturbing images appeared across my screen.

    Also, are you using the GUI version of ettercap? Or the command line version? The gui version sucked for me, I only use CL version.

    "Ettercap -T -q -M arp:remote // //" baby!

    This article has been around a long time, but if follow it exactly, it should work great.

    http://www.irongeek.com/i.php?page=s...ettercapfilter

    Make sure you have created a valid working cert. It does look a bit odd when you are trying to connect to Gmail and keep getting angry popups about the unknown cert, but the majority of people just keep clicking yes. At least that's what I did when I ran it on my own network.
    Ya I like the command line also. But like i said when it does a host scan sometimes it doesnt discover all hosts so doing // does a good job.
    All i end up with most of the time is DHCP requests showing up and when i activate the "show poisoning status" i get Nothing poisoned.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •