Homeless Posted September 24, 2009 Share Posted September 24, 2009 I was wondering if it was possible to disable the certificate that ettercap displays when a user visits a SSL site. I am using a fresh copy of ettercap if that makes a difference. Quote Link to comment Share on other sites More sharing options...
Sparda Posted September 24, 2009 Share Posted September 24, 2009 you could disable ssl proxying, but if you do that you won't be able to see what's in the encrypted traffic. You could try sslstrip which attempts to convince a web browser to not to use SSL. Alternatively you could plant your CA certificate on the machine. Quote Link to comment Share on other sites More sharing options...
Homeless Posted September 25, 2009 Author Share Posted September 25, 2009 you could disable ssl proxying, but if you do that you won't be able to see what's in the encrypted traffic. You could try sslstrip which attempts to convince a web browser to not to use SSL. Alternatively you could plant your CA certificate on the machine. Seeing SSL traffic isn't that important to me. How would I disable ssl proxying? Quote Link to comment Share on other sites More sharing options...
Sparda Posted September 25, 2009 Share Posted September 25, 2009 There will be a file called etter.ssl.crt some where (could be at /usr/share/ettercap/etter.ssl.crt), just delete or move it. Quote Link to comment Share on other sites More sharing options...
Homeless Posted September 25, 2009 Author Share Posted September 25, 2009 There will be a file called etter.ssl.crt some where (could be at /usr/share/ettercap/etter.ssl.crt), just delete or move it. I found that file in /usr/local/share/ettercap/etter.ssl.crt (backtrack3). However, if that file is removed or replaced with a blank text file, ettercap displays an error stating that the file does not exist and then the program terminates. Quote Link to comment Share on other sites More sharing options...
Sparda Posted September 25, 2009 Share Posted September 25, 2009 So it does. Need to remove redir_command_on from the config, which is probably at /etc/ettercap. Quote Link to comment Share on other sites More sharing options...
Homeless Posted September 25, 2009 Author Share Posted September 25, 2009 So it does. Need to remove redir_command_on from the config, which is probably at /etc/ettercap. Removing that line worked, thank you very much. The location was /usr/local/etc/etter.conf if anyone else wants to know. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.