Search the Community

Hallo, I have one question about the Lan Turtle. When i connect the Lan turtle in a PC from a "big" network so the lan turtle has acces to the network, doesnt it? When i want to start a MITM attack, have the target device only be in the same network or should i connect the lan turtle directly to the targetet device? So for example i plug in the lan turtle in "PC206" and i want to attack the "PC259" does it works or should i plug in the turtle in PC259? I Hope you understand my question :) Thanks in advice, Simon PS: sorry for my bad englisch, im not a native speaker

so i was wondering if anyone here could tell me, link me or make a video on how to perform the man in the middle attack with the pineapple mark V. thank you - Stanly

Hello , i am currently working on MITM attacks and i am trying to redirect websites to my computer through dnsspoof and the problem is that ,although it is picking up traffic and i can see it registers all sites the victim is visiting , it is still letting the victim connect to the website instead of redirecting it to me. Here is a my procedure: -firstly i created a mon0 interface form wlan0 wireless card -i started up my access point [ airbase-ng --essid mitm -c 11 mon0 ] -then i created a bridge between at0 and eth0 : brctl addbr mitm-bridge brctl addif mitm-bridge eth0 brctl addif mitm-bridge at0 ifconfig eth0 0.0.0.0 up ifconfig at0 0.0.0.0 up -then i went into [ ifconfig ] to see my ip ( lets say it is 150.150.1.1 ) and did : ifconfig mitm-bridge 150.150.1.1 up -so now my machine and the bridge have the same ip -then i did ip forwarding: echo 1 > /proc/sys/net/ipv4/ip_forward -i connected the victim to the airbase-ng and everything was fine .The traffic was going through and there was no problem. -then i did: dnsspoof -i mitm-bridge -it started and when i went to google.com on the victim machine it didnt reroute it.It just went to google.com -when it connected to google.com it showed : 192.168.1.13 .<some random 5 digit number> > 192.186.1.1.53 A? google.com -from where i was getting my information about dnsspoof it showed that instead of the 192.168.1.13 ( the ip of the victim device ) should be 150.150.1.1 ( attacking device ) and it was stated that the connection would be refused but it wasnt! Please help me! I am trying to figure this out for a week now... Good day!

Hi! I am new to ettercap (although I am not new to security, and I am not a kiddy ). Because I am working on a mac I enabled the "quick and dirty fix" in etter.conf. I followed the standard tutorials to spoof arp (Added roter and victim to target 1 and 2, arp poisoning, start sniffing). What I expect: My victim is able to browse HTTP ordinarily. What I get: The arp is spoofed correctly (the cache got my attacker's mac instead of the router's), but I get request timeouts when pinging my router. I cannot open web pages anymore, nothing loads. Although the connections tab lists the victim's connections correctly. First I thought I needed a software that listens on my attacker in order to tunnel the traffic to the router (man in the middle). I found a thread saying it should listen on 8080. But after watching a video I guess that's already included when I select ARP poisoning? What point am I missing? I hope I provided enough information. Thanks for any help!