Jump to content

Search the Community

Showing results for tags 'ettercap'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • Hak5 Gear
    • Hak5 Cloud C²
    • WiFi Pineapple Mark VII
    • USB Rubber Ducky
    • Bash Bunny
    • Key Croc
    • Packet Squirrel
    • Shark Jack
    • Signal Owl
    • LAN Turtle
    • Screen Crab
    • Plunder Bug
  • O.MG (Mischief Gadgets)
    • O.MG Cable
    • O.MG DemonSeed EDU
  • WiFi Pineapple (previous generations)
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapples Mark I, II, III
  • Hak5 Shows
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL







Enter a five letter word.

  1. Module: ettercap Version: 1.4 Features: Manage dependencies Configure ettercap options Manager filters Live output Run History Change log: 1.4 Bug fixes
  2. Hi, i've just upgraded firmware to 2.6.1 and have some problem with installing Dependencies of SSLSplit and Ettercap. Besides i could not start Dwall listening. Anyone could help plz!
  3. Hello , i bought new Wifi Pineapple NANO and i i've tried to install Ettercap module but i can not run it , and there is no log to check what is going on . is there any way to apply MITM attack on public network without forcing the clients to connect to my own evil AP , i want to spoof ARP and tcpdump all the traffic in nano sd. Thanks
  4. Noob here. Been trying to run some ettercap filters through my virtual machine while ARP-poisoning my host computer.
  5. I'm trying to perform a javascript injection with ettercap 0.8.2 and its filter, but it did not work. All the relevant topics I found are before 2016, I am not sure if this kind of attack still works now? Anyway, this is my filter script if (ip.proto == TCP && tcp.dst == 80) { if (search(DATA.data, "Accept-Encoding")) { replace("Accept-Encoding", "Accept-Nothing!"); msg("zapped Accept-Encoding!\n"); } } if (ip.proto == TCP && tcp.dst == 80) { if (search(DATA.data, "<head>")) { replace("<head>", "<HEAD>"); msg("Code injected"); } } And I run it as e
  6. Hi I'm experimenting with Ettercap to perform MiTM attacks, and DNS-spoof. My setup exists out of two laptops. Laptop A running Kali Linux 2.0 and is the 'attacker' machine (IP:, and Laptop B running Windows 7 as 'victim' (IP: I'm encountering a few problems when I try this, first of all, the command 'route' doesn't find my actual default gateway. It says the default is '', but Ettercap and the Windows machine say it is '' which is the correct one. But that ain't he biggest problem, the biggest problem is, that my D
  7. Hello guys, I'm looking for a tool to gather informations about hosts connected to my network (eventualy pirates hosts), the only way that I found to do that on a passive way (not active by discovering the whole network everytime using nmap or snmp scan for example), are tools like ettercap and p0f or python scapy with passive OS fingerprinting, but what I need is to gather informations on host each time a new one is discovered, so ettercap (or another tool) have to send me this information in real time, i'm trying to use API that those tools gives but they don't work this way. For example,
  8. So here are the facts i am working with kali sana trying to spoof dns with ethercap 1.internal network 2.I can spoof dns ===> when pinging facebook.com from victim machine i get my internal IP ( 3.but when i try to browse with edge, chrome to facebook.com it says no connection 4.when i spoof a different url i get the index page of the server of the attacker 5.tried to spoof dns on xp and on windows 10 same results how can i solve this problem and what is the cause Thank you in advance
  9. I'm trying to do some sniffing on my local network using Kali but I'm not being too successful. I'm mainly using ettercap. Can someone please help me with the steps and explain them in detail so that it's easy to understand?
  10. What are some effective attacks using the pineapple against encrypted networks where the passphrase is already known? Let's assume you only get to use the pineapple, so no kali or laptops or anything like that. One method I can think is for an attacker to respond to beacon requests with an encrypted, spoofed AP using the known passphrase, but I don't think that is possible using the pineapple. I realize that may be a convoluted, ill-thought up method, but is that even possible at all? I understand a bit about handshakes etc, but would it be possible if the pineapple had a little different ha
  11. Hello everyone, I am trying to sniff a network. Adapter TL-WN722N Target AP signal: %80-85 Target network topology: 1 router, 15 clients (mostly windows) My steps are: echo 1 > /proc/sys/net/ipv4/ip_forward airmon-ng start wlan0 going to /etc/ettercap/etter.conf to set: ec_uid = 0 ec_gid = 0 -- Commenting out iptables # if you use iptables: redir_command_on = "iptables -t n.... redir_command_off = "iptables -t ...... and then ettercap -G Sniff -> Unified Sniffing, selecting adapter wlan0 Hosts -> Scan Hosts -> Add victims to target list and then MITM->Arp and t
  12. Hi I was always able to do a mitm attack targetting a specific IP and using sslstrip, ettercap, arpspoof, ... But today I tried (for the first time) to do the whole network at once and it was like sslstrip wasn't doing anything. No errors whatsoever and yet all I could see was the usual "sslstrip 0.9 by Moxie Marlinspike" and then nothing. When I target one computer I usually do something like: echo 1 > /proc/sys/net/ipv4/ip_forward iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 10000 sslstrip -a -k -f arpspoof -i wlan0 -t <targetIP> -r <gat
  13. So I just want to bring to the attention of the experts.. We're currently on assignment and our Mark V is really dropping the ball for us. Scenario 1.) Pine AP - enabled Karma MK5 - enabled Beacon Responder - enabled Harvester - Enabled using the TILE FOR ETTERCAP ettercap on br-lan, hit start. using the TILE FOR SSLSTRIP hit start. -- So long and short, we activate this. Ettercap turns off / stops working after about 30 seconds. -- In otherwords it STOPS WORKING. SSL Strip looks like its working Pine AP, Karma, Beacon, Harvester all reset back to 'disabled' after about 5 minutes.
  14. I am attempting to perform a MitM-style attack from my machine (MacBook Pro running 64-Bit Kali), by means of ARP-poisoning the communication between my router and my targetted machine (a MacBook Air running OSX Mavericks) on my WLAN (WPA2-secured network). In addition, I would like to employ a dns_spoof. I am using a combination of the following: - SSLStrip - Ettercap (with the dns_spoof plugin enabled). - urlsnarf - Wireshark (for examining post-test PCAP results) The commands I perform are as follows: iptables --flush iptables --table nat --flush iptables --delete-chain iptables --tab
  15. Ettercap and sslstrip will not install on my MK5. Notifications says they install successfully; but when I go back to the infusion list is says they need to be updated again. I have tried removing and rebooting but no love. Still does the same thing on these 2 infusions.
  16. Hi! I am new to ettercap (although I am not new to security, and I am not a kiddy ). Because I am working on a mac I enabled the "quick and dirty fix" in etter.conf. I followed the standard tutorials to spoof arp (Added roter and victim to target 1 and 2, arp poisoning, start sniffing). What I expect: My victim is able to browse HTTP ordinarily. What I get: The arp is spoofed correctly (the cache got my attacker's mac instead of the router's), but I get request timeouts when pinging my router. I cannot open web pages anymore, nothing loads. Although the connections tab lists the victi
  17. Hi Ettercap is no longer working. As soon I hit the start the process stops. how can i find out what is not working without reflashing it. Im seeing the following errors when I try to download previous captures ettercap log_1389567143.log [January 12 2014 22:52:25] Listening on eth0... (Ethernet) eth0 -> 00:13:37:XXXXXXXX invalid invalid SSL dissection needs a valid 'redir_command_on' script in the etter.conf file Privileges dropped to UID 65534 GID 65534... 28 plugins 39 protocol dissectors 53 ports monitored 7587 mac vendor fingerprint 1698 tcp OS fin
  18. To get ettercap going , do i need to edit the iptables like i would in Linux ? Or should it work out of the box? any tips or tutorials would be very helpful
  19. I recently started to experiment with ettercap and its filters to see what can be done with them. I read through some tutorials avaliable online and was able to successfull create my own filter. Now my problem is that inside the filter I have the replace function that should replace the first sting with the second one. However this is not the case. My filter is very simple and is as follows: I compile this filter as filter .eg and run ettercap, replacing the * with the relevant IP address. ettercap -T -F filter.eg -w testdump -M arp /***.***.***.***/ // output: I activate the filter and
  20. masler77


    is there anyone who can explain how ettercap works? the different opportunities the program has? settings that can be used? thanks in advance masler77
  21. I'm having a problem with my tablet and laptop losing internet connection through the pineapple after running ettercap for the first time. The first time ettercap runs, it works great, but the 2nd, 3rd, 4th, etc times, it creates a problem. Here is what my setup looks like: Tablet and Laptop -> Pineapple -> Home Access Point -> Internet I boot the pineapple up that is directly connected to a reliable AC outlet and connect to it from my laptop wireless network card. I then configure the pineapple through the web interface to connect to my WPA2 home network. I'm able to browse the
  22. Hello all, I am having an issue with DNS spoofing in backtrack 5 r3 ove rmy wireless interface. My attacking computer is a hp pavilion laptop with 2 gigs of ram, x64 processor, backtrack 5 r3, and my wireless card is a Atheros AR2425 with driver ath5k. My victim computer is a windows 7 serv pack 1 box with kasperski antivirus (turned off) and firewall down. I first modified my set_config file to set ETTERCAP=ON and the ETTERCAP_INTERFACE=wlan0. I then ran SET and chose >Social-Engineering Attacks>Website Attack Vectors>Java Applet Attack Method>Site Cloner>Nat/protforwardi
  23. Hello Guys, This is my first post here, so please correct me if i'm doing something wrong. :) OK, so I'm experiencing a very strange problem... I want to be able to redirect traffic to a local IP address, so I recently installed dsniff on my PC. Well, I firstly arpspoof the victims successfully and then fire up dnsspoof, using an ordinary dnsspoof.conf file which contains something like this: facebook.com <ip adress here> *facebook.com <ip adress here> When IP forwarding is set to 0, the redirection works perfectly. However, when the victim tries to visit or ping another si
  24. Hello there, i am interested in ettercap. I want to know, if there is possible way to have ettercap on one laptop and be on it both, as a victim an attacker. for example, i start ettercap with filter setting instead of acceptencoding to acceptrubbish and as parameter i set my ip address, so i can edit my packets? i can't make it work fro some unknown reasons. thanks for reply
  25. I have installed dsniff on my linux laptop (linux mint 14, nadia) and have figured out how to use arpspoof/ettercap to deliver an ARP poison. The problem: whenever I deliver the attacks to the devices that I am test-attacking (usually my other laptop or smart phone via wifi), their internet connections merely stop working! When I killall arpspoof, the internet on the test machines goes back to working. I cannot figure out what I am doing wrong! For people who want more detail (arpspoof method I use): 1. set up port forwarding by editing the /proc/sys/net/ipv4/ip_forward file 2. change the
  • Create New...