Page 1 of 2 12 LastLast
Results 1 to 10 of 14

Thread: remote_explorer in ettercap

  1. #1
    Member Vagabond's Avatar
    Join Date
    Feb 2010
    Posts
    50

    Default remote_explorer in ettercap

    Hi evryone !

    Has someone actually figuered out how to make the remote_explorer plugin work in BT2 ?

    I was trying severaly strings in ETTER.CONF, but Firefox just doesn´t want to show me anything, even though ettercap says in its status screen, that it sent the command.. Which is the right string to put into etter.conf ?

    I read somewhere else that it might be an user account issue, but I´m logged in as ROOT, so what might it be ?

    Thanx !!

  2. #2
    Just burned his ISO
    Join Date
    Mar 2006
    Posts
    17

    Default

    ive never tried the remote_browser plugin with ettercap, but ive been able to have firefox follow another computers browsing with webspy, maybe you should try that.

  3. #3
    Member
    Join Date
    Mar 2007
    Posts
    335

    Default

    im was wondering if it works wirelessly, cause i got it working through ethernet but get nothing through my wifi card. i'll have another go when i get some sleep and see if i can get it working with my card. i'll post back tomorrow.

  4. #4
    Just burned his ISO
    Join Date
    Mar 2007
    Posts
    6

    Default

    I figured out not too long ago you have to run the Mozilla Browser under root to get the remote browser plugin to work. I tried with Firefox and Swiftfox and couldn't get either to work.

  5. #5
    Member Vagabond's Avatar
    Join Date
    Feb 2010
    Posts
    50

    Default

    Thanx guys ! Hiperlitemofo, how did you get Webspy working with Firefox Doesn´t it require Netscape ?

    Baxter: Lan our wireless is of no diference to the Router AFAIK, if you do ARPPoisining right in ettercap it should work all right !

  6. #6
    Just burned his ISO
    Join Date
    Mar 2006
    Posts
    17

    Default

    yeah it says netscape but it works fine in firefox. Found that out because i was trying to surf the net in firefox and then the browser started to go to all different sites without me doing anything

  7. #7
    Member
    Join Date
    Mar 2007
    Posts
    335

    Default

    i changed the two priv lines in etter.conf to 0 but ARPPoisining was only working through ethernet. but the remote_browser was working. i dont know how to get it working properly but im sure someone can.

  8. #8
    Just burned his ISO
    Join Date
    Jan 2006
    Posts
    21

    Default

    Be`nice if someone wrote a tutorial on how to use 'webspy' and
    the 'remote_browser' plugin for ettercap.
    I would do it but i have't a clue on how to get either of them working.
    anyone?

  9. #9
    Member
    Join Date
    Mar 2007
    Posts
    335

    Default

    i got remote_browser half working for me.
    this is what i did. open etter.conf.
    nano /usr/local/etc/etter.conf
    edit the lines

    [privs]
    ec_uid = 65534 # nobody is the default
    ec_gid = 65534 # nobody is the default

    to

    [privs]
    ec_uid = 0 # nobody is the default
    ec_gid = 0 # nobody is the default


    and the other part i changed was the command used.
    from this

    # the command used by the remote_browser plugin
    remote_browser = "mozilla -remote openurl(http://%host%url)"

    to this

    the command used by the remote_browser plugin
    remote_browser = "firefox -remote= openurl http://%host%url"


    now save it. i could only get it working through ethernet but someone could work this out cause i cant. now when you scan for hosts, remember to check the host list a delete yourself off the list. there must be a better way then this but im still new to BT and i dont know how to do this yet. if you dont then you'l soon find out why lol. also goto your plugin tab and activate you remote_browser plugin.
    now the rest is the same as if your sniffing passwords. Mitm tab and click arp poisoning then remote connection. then Start and start sniffing.
    For those who dont know this, when your finished dont forget to stop your arp poisoning before you exit ettercap. i dont know if this maks a difference but you should also uncomment your iptables in etter.conf.
    from this

    # if you use iptables:
    #redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT %rport"
    #redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT %rport"

    to this

    # if you use iptables:
    redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT %rport"
    redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT %rport"

  10. #10
    Jenkem Addict imported_wyze's Avatar
    Join Date
    Jul 2007
    Posts
    1,543

    Default

    Quote Originally Posted by hyperlitemofo View Post
    yeah it says netscape but it works fine in firefox. Found that out because i was trying to surf the net in firefox and then the browser started to go to all different sites without me doing anything
    Firefox is built off netscape
    dd if=/dev/swc666 of=/dev/wyze

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •