Posts posted by red_snow62_10

  1. Wireshark doesn't seem like a starter-level program to use.

    That'd be like jumping into the deep end of the pool rather than starting out in the waist-deep water to learn to swim.

    This is why I make the kinda videos I do: a lot of the guys who make videos wanna use big tech words that beginners don't understand. I try to explain at a beginner's level so that even someone with no computer knowledge can do it.

    I have been lacking on releasing videos like what he's wanting to do, but I'm mainly trying to redo all my old ones, heh.

    Will get around to doing a video on doing something like this when I can.

    I have a few scripts on my site that were made by some other people online; they are pretty decent for sniffing data like passwords and stuff like that.

    But if you really wanna understand the behind the scenes of the tools you might wanna focus on looking at their source code and researching what the file is doing.

    Your site is really nice... great job with the videos.

  2. I believe in ettercap, there are plenty of tutorials out there for this attack, I'm sure you're missing a few little settings.

    On BackTrack, a few commands:

    Locate etter.conf

    You have to edit 3 lines, first set guid => 0

    And scroll down, you will find 2 lines of iptables; remove the # on both iptables lines to enable them.

    Then you have to locate IP_forwarding and edit it to show 1

    Ettercap -T -q -M ARP // //

    I do agree with what was said above, I would start out with a distro like Linux Mint or something...

    On your test machine, try surfing multiple websites like yahoo.com, msn.com, etc...

    Thanks,

    I edited the etter.conf file but I couldn't locate the IP_forwarding file?

    Where is it located?

  3. I'm trying to do some sniffing on my local network using Kali but I'm not being too successful. I'm mainly using ettercap.

    Can someone please help me with the steps and explain them in detail so that it's easy to understand?

  4. It seems you don't have a clear understanding of what sslstrip does.

    Read this thread on this very forum for some additional insight.

    TL;DR: Once it's https it stays https. All SSLStrip does is prevent the remote site from upgrading the existing http connection to https and having it appear to the target as if the site is secure when in fact it isn't.

    The way to clear an HSTS entry from the target machine is to have the remote site specify a duration of 1 for its HSTS header. The value is the amount of seconds after the moment the browser sees this header field that any subsequent connection attempt by the browser must be made using https, so use that, wait a second, then access via http and it will do just that.

    Ok... that breakdown you did on that post was really helpful. Thanks.

    So if what I understood is right... what if the victim clears all the cookies and history, everything, and then goes to any https website while the attacker has already started sslstrip... then he should get an http site, right?
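
An added example (not from the thread or from any poster) of the max-age behaviour described in the explanation quoted in post 4: a simplified model of a browser's HSTS host list, loosely following RFC 6797. The class `HSTSStore`, its method names and the host `example.test` are assumptions made for illustration.

```python
from urllib.parse import urlsplit

class HSTSStore:
    """Simplified model of a browser's HSTS host list (illustrative, not a real API)."""
    def __init__(self):
        self.entries = {}  # host -> (expiry time in seconds, includeSubDomains flag)

    def note_response(self, url, headers, now):
        """Record the policy from a response; the header only counts over HTTPS."""
        parts = urlsplit(url)
        value = headers.get("Strict-Transport-Security")
        if parts.scheme != "https" or value is None:
            return
        max_age, include_sub = None, False
        for directive in value.split(";"):
            name, _, arg = directive.strip().partition("=")
            arg = arg.strip().strip('"')
            if name.strip().lower() == "max-age" and arg.isdecimal():
                max_age = int(arg)
            elif name.strip().lower() == "includesubdomains":
                include_sub = True
        if max_age is None:
            return  # max-age is mandatory; a header without it is ignored
        if max_age == 0:
            self.entries.pop(parts.hostname, None)  # explicit removal
        else:
            self.entries[parts.hostname] = (now + max_age, include_sub)

    def is_known(self, host, now):
        """True if host, or a parent with includeSubDomains, has a live entry."""
        labels = host.lower().split(".")
        for i in range(len(labels)):
            entry = self.entries.get(".".join(labels[i:]))
            if entry and now < entry[0] and (i == 0 or entry[1]):
                return True
        return False

    def rewrite(self, url, now):
        """Upgrade http:// to https:// before any request leaves the browser."""
        parts = urlsplit(url)
        if parts.scheme == "http" and self.is_known(parts.hostname, now):
            return "https" + url[4:]
        return url

if __name__ == "__main__":
    store = HSTSStore()  # constructed sample traffic against a placeholder host
    store.note_response("https://example.test/", {"Strict-Transport-Security": "max-age=1"}, now=0)
    print(store.rewrite("http://example.test/", now=0))
    print(store.rewrite("http://example.test/", now=2))
```

A host with no live entry is not upgraded, which is why site operators send a long max-age together with includeSubDomains.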

  5. Most websites these days, like social media sites, force https by default. Not an expert at https, but I will just say that sslstrip is pretty much outdated when it comes to trying to target websites that have https. Even if you were able to generate a "legit" SSL cert, I wouldn't know how to tell you how you go about decrypting the SSL traffic; not like I've seen any public tools out for that.

    Also, thanks to HTTP Strict Transport Security (HSTS) built into all the web browsers except IE, the HTTPS is nicely cached in the browser, so unless you can clear the target machine's browser cache as soon as they go to a website like facebook, then it's gonna load https.

    Okay... so how would you clear the target machine's browser cache? Doing this seems a bit tough...

  6. What website are you trying to intercept? Are you sure your target is accessing it via HTTP (as opposed to HTTPS)?

    Well, my main objective is to sniff passwords over the local network... so HTTPS transfers encrypted data which, even if I sniff it, won't be readable... so that's why I want it to turn into HTTP so that things can get easier.

  7. Hello,
    I am new to this hacking stuff. I'm curious so I'm trying out new things.

    One thing I came across is SSLstrip... I read about it and its use, so I wanted to try it on a system.
    But after doing the steps as given in the video How To: Use SSLstrip On Kali Linux by Chris Haralson on YouTube, the victim system is still opening HTTPS.

    I tried using SSLstrip from BackTrack 5 r3 also... but I wasn't successful.

    I know I'm missing something. Please help me.
