grs Posted February 6, 2009 Share Posted February 6, 2009 I've got Ettercap installed on my Ubuntu PC but I think there is something wrong with it. I start it the following sudo ettercap -G -n 255.255.255.0 It starts fine then I select Sniff/Unified Sniffing and select the interface I want to monitor, nothing happens and after a few moments the window fades to grey. Any ideas what is causing this, and how to overcome it? Quote Link to comment Share on other sites More sharing options...
H@L0_F00 Posted February 7, 2009 Share Posted February 7, 2009 I've got Ettercap installed on my Ubuntu PC but I think there is something wrong with it. I start it the following sudo ettercap -G -n 255.255.255.0 It starts fine then I select Sniff/Unified Sniffing and select the interface I want to monitor, nothing happens and after a few moments the window fades to grey. Any ideas what is causing this, and how to overcome it? RTFM pretty please... From the question you ask, it seems like you have no clue what Ettercap does and haven't tried to learn anything about it on your own... And no, this is not a flame, you just need to do more research before coming here. I will give you a hint though... Sniffing will do nothing without a man in the middle Quote Link to comment Share on other sites More sharing options...
SomethingToChatWith Posted February 7, 2009 Share Posted February 7, 2009 Check out the man pages... that's what i'm doing :P man ettercap Use your left/right arrow keys to go through each page. Quote Link to comment Share on other sites More sharing options...
grs Posted February 7, 2009 Author Share Posted February 7, 2009 I have been following a simple guide that is doing it through the GUI and best I can tell from the guide and manual I have it set up as they mention but it still stalls. Maybe I posted in the wrong section. Quote Link to comment Share on other sites More sharing options...
shonen Posted February 7, 2009 Share Posted February 7, 2009 Agreed a sniffer wont do stuff all without a man in the middle, the only exception would be if you are situated on a hub seeing as packets are sent on all ports unlike switches, only the computer with the corresponding MAC address to the header information in the packet accepts it all others simply drop it. These days it's rare for anyone to use a hub, I have only ever came across them in some internet cafe's seeing as they dislike paying money for infrastructure. I am not to familiarized with ethercap (only read a bit here and there) but if you where after something with a purdy gui and a lot of documentation and video tutorials it may pay to check out Cain & Abel (windows). I know windows makes one feel slightly less 1337 to the nix apps but meh you are only interested in poisoning the ARP table. if your interested http://www.irongeek.com have some really good tutorials and youtube also has a nice collection. Quote Link to comment Share on other sites More sharing options...
grs Posted February 7, 2009 Author Share Posted February 7, 2009 I thought I was setting up man in the middle, after I select the interface shouldn't I get a list of devices I can connect to? My NIC is connected to a switch with two other PC on it and on the WIFI there are several wireless PC's and wireless access points in the area. Quote Link to comment Share on other sites More sharing options...
grs Posted February 7, 2009 Author Share Posted February 7, 2009 Well so far best I can tell there is a bug with Ettercap and I can't find a fix so the manual is no help in this situation. Has anyone else had similar problems with this program? Quote Link to comment Share on other sites More sharing options...
H@L0_F00 Posted February 7, 2009 Share Posted February 7, 2009 People these days... http://www.google.com/search?q=ettercap+tutorial Quote Link to comment Share on other sites More sharing options...
DingleBerries Posted February 7, 2009 Share Posted February 7, 2009 Sniffing doesnt have to have a man in the middle. It can be used to see if a program is calling a server and other useful things. The OP Lawl, its a bit harder than that. Google; ARP poisoning, MITM, Port Spanning, Monitor Mode v. Passive, ect. Install ettercap ng or wireshark if you want a gui or use tcpdump if you want awesomeness Quote Link to comment Share on other sites More sharing options...
grs Posted February 8, 2009 Author Share Posted February 8, 2009 Those are the tutorials I am following!! and as I have said before, when I get to step two of Arp Spoofing (from the first link in that google search) the program freezes. Dingle, I have wireshark installed too, but rfom my understanding its not capable of mitm. I have not looked at it fully as I'm still trying to work out Ettercap. Quote Link to comment Share on other sites More sharing options...
lnxr0x Posted February 8, 2009 Share Posted February 8, 2009 How about "the middler" ... saw Mubix posted the link over at room362.com.. although not sure how well it will work if your not actually setup as mitm... haven't had a chance to play with it yet .. http://www.room362.com/middler-0902071333.tgz Quote Link to comment Share on other sites More sharing options...
H@L0_F00 Posted February 8, 2009 Share Posted February 8, 2009 Those are the tutorials I am following!! and as I have said before, when I get to step two of Arp Spoofing (from the first link in that google search) the program freezes. Dingle, I have wireshark installed too, but rfom my understanding its not capable of mitm. I have not looked at it fully as I'm still trying to work out Ettercap. Actually... You never mentioned when it froze, or even that you knew how to start the MITM, and the information given above is still not enough for somebody to really help you. Give us more info about what you do and at what point it "freezes". Also make sure you're running Ettercap as root... Quote Link to comment Share on other sites More sharing options...
grs Posted February 8, 2009 Author Share Posted February 8, 2009 Well, i think it freezes, it certainly in not doing what its supposed to. I have being using it as root and I have tried all combinations of options from the menus, all with the same effect. Quote Link to comment Share on other sites More sharing options...
H@L0_F00 Posted February 8, 2009 Share Posted February 8, 2009 Well, i think it freezes, it certainly in not doing what its supposed to. I have being using it as root and I have tried all combinations of options from the menus, all with the same effect. Once again... Where exactly does it freeze? What do you do before it freezes? Put every step taken up until the point it freezes and we'll be able to help more. Quote Link to comment Share on other sites More sharing options...
grs Posted February 8, 2009 Author Share Posted February 8, 2009 I open terminal and type the command sudo ettercap -G -n 255.255.255.0 That starts it GUI mode and sets the netmask to 255.255.255.0. Once ettrecap opens I select Sniff/Unified sniffing a window opens for me to select the interface to monitor, I select eth1 the WIFI interface card, once selescted that window closes and nothing happens and after a few moments the ettercap windows fades to grey. The same thing happens when I choose the other interfaces. On this Ettercap Guide I get to the second image in the Arp Spoofing section when it seems to freeze. Quote Link to comment Share on other sites More sharing options...
H@L0_F00 Posted February 8, 2009 Share Posted February 8, 2009 I've never had this problem. Are all your programs and drivers updated? Quote Link to comment Share on other sites More sharing options...
Swathe Posted February 8, 2009 Share Posted February 8, 2009 Screenshots could prove useful. Quote Link to comment Share on other sites More sharing options...
grs Posted February 8, 2009 Author Share Posted February 8, 2009 The Ubuntu is a fresh install, just downloaded, and updated fully. The Ettercap is a fresh download and install. I will get a few screen shot when I'm at the PC next but the windows are coming up exactly as shown in the guide I posted the link to. When I type the command to launch ettercap the only info that comes up is the copyright and designers names grs@ubuntu:~$ sudo ettercap -G -n 255.255.255.0 [sudo] password for grs: ettercap NG-0.7.3 copyright 2001-2004 ALoR & NaGA When the program is running and stops there is no more output on the command line. Quote Link to comment Share on other sites More sharing options...
roberttt Posted February 10, 2009 Share Posted February 10, 2009 i used to have a similar problem and the only thing i had to change was from amd and broadcom to intel and atheros. oh the headaches i could have saved myself... if only i had known i would have broken that presario sooner Quote Link to comment Share on other sites More sharing options...
grs Posted February 12, 2009 Author Share Posted February 12, 2009 So you think might a hardware based problem. All the hardware seems to be running fine with everything else in Ubuntu Quote Link to comment Share on other sites More sharing options...
H@L0_F00 Posted February 13, 2009 Share Posted February 13, 2009 I just recently experienced Ettercap freezing in windows while I was scanning a pretty big network (more than 150 comps) and set it to resolve IP addresses. Once I unselected 'resolve IP addresses' it worked fine. Maybe this could be your problem? Quote Link to comment Share on other sites More sharing options...
grs Posted February 13, 2009 Author Share Posted February 13, 2009 I will give that a go, when I get a chance. I'm up to my eyeballs with work at the moment. Thanks for the tip. Quote Link to comment Share on other sites More sharing options...
grs Posted February 14, 2009 Author Share Posted February 14, 2009 There doesn't seem to be a Resolve IP Address option in the GUI version of Ettercap, maybe there is a command to type in when starting. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.