Well youre not going to just get the passwords in clear text but ettercap is capable of sniffing SMB traffic. It's not really even necessary to arp poison your victim machine to grab his or her hash.
Learn the difference between LM, NTLM and NTLMv2. Google for smb packet capture. Once you learn how it all works it should be a piece of cake to create a senario in your test environmnet.