Jump to content


Active Members
  • Posts

  • Joined

  • Last visited

Everything posted by Motzart

  1. The output is: Listening on: en2 -> ***** (My MAC) ***** Privileges dropped to UID 65534 GID 65534... 33 plugins 40 protocol dissectors 54 ports monitored 16074 mac vendor fingerprint 1766 tcp OS fingerprint 2182 known services Randomizing 255 hosts for scanning... Scanning the whole netmask for 255 hosts... 7 hosts added to the hosts list... Host added to TARGET1 Host added to TARGET2 ARP poisoning victims: GROUP 1 : **** (MAC Router) GROUP 2 : (MAC victim) Starting Unified sniffing... DHCP: [] ACK : GW DNS "speedport.ip" I don't think this will be very helpful :( My terminal that is attached to ettercap shows ettercap 0.8.0 copyright 2001-2013 Ettercap Development Team 01000 fwd,59272 ip from any to any proto tcp dst-port 992 in via en2 01100 fwd,59273 tcp from any to any dst-port 465 in via en2 01200 fwd,59274 ip from any to any proto tcp dst-port 995 in via en2 01300 fwd,59275 ip from any to any proto tcp dst-port 563 in via en2 01400 fwd,59276 tcp from any to any dst-port 636 in via en2 01500 fwd,59277 tcp from any to any dst-port 994 in via en2 01600 fwd,59278 tcp from any to any dst-port 993 in via en2 01700 fwd,59279 tcp from any to any dst-port 8080 in via en2 01800 fwd,59280 tcp from any to any dst-port 443 in via en2
  2. Pinging works, but I don't understand my captures. Same scenario as above, I just pinged my pi instead of my router. Victim: Attacker: Pi: What I don't understand: In my attacker I only monitor tower->weiss (attacker->victim), nothing else. Is this normal? Still: Pinging my router, or sending DNS requests to it does not work at all. Thanks for your help again!
  3. I started wireshark on my victim ("weiss") and on my attacker ("tower") and pinged to my router ("speedport.ip"). I filtered for ICMP. Attacker: Victim: What I see: The ICMP requests are directed to my attacker (ofc I am not in promiscuous mode). My attacker sends them to the router, but the router does not answer. Thanks for your help!
  4. Hi! I am new to ettercap (although I am not new to security, and I am not a kiddy ). Because I am working on a mac I enabled the "quick and dirty fix" in etter.conf. I followed the standard tutorials to spoof arp (Added roter and victim to target 1 and 2, arp poisoning, start sniffing). What I expect: My victim is able to browse HTTP ordinarily. What I get: The arp is spoofed correctly (the cache got my attacker's mac instead of the router's), but I get request timeouts when pinging my router. I cannot open web pages anymore, nothing loads. Although the connections tab lists the victim's connections correctly. First I thought I needed a software that listens on my attacker in order to tunnel the traffic to the router (man in the middle). I found a thread saying it should listen on 8080. But after watching a video I guess that's already included when I select ARP poisoning? What point am I missing? I hope I provided enough information. Thanks for any help!
  • Create New...