Hi, first let me say this forums been a great help to me already as nearly every problem I’ve had with BT has been thoroughly solved already by its members.

I’ve been having some trouble using Ettercap-ng (and backtrack 3) to sniff my Imap login.

My lan consists of two laptops, a desktop and a router. I‘ve set up the standard Arp Mitm attack on my laptop and run the mail client for my desktop (XP pro). The web SSL traffic is sniffed fine once the forged certificates are accepted. However, nothing is ever picked up for my Imap account. Inspecting the log files I can see the connection being handled, the “A00002 STARTTLS” command and then the certificate, after which the all the traffic is encrypted.

On the Ettercap features page it says there’s SSL support for Imap as well as several other protocols. Has anyone been able to use this feature or have any advice as to where I’m going wrong?

p.s. I’ve been using the GUI so far but I’m happy to switch to the command line as most posters seem to have more faith in it.