Jump to content

An Automatic Script For Ettercap / Sslstrip


aeiah
 Share

Recommended Posts

my blog post regarding it

the actual script

depends on:

linux

iptables nat

nmap

ettercap (with iptables enabled in etter.conf)

sslstrip

it just gives you a list of available targets on your lan, sets things up and leaves you with ettercap for when passwords start showing up.

let me know how you get on if anyone decides to use it. its not coded very beautifully but it works for me and ill try and get it working for others too.

Edited by aeiah
Link to comment
Share on other sites

my blog post regarding it

the actual script

depends on:

linux

iptables nat

nmap

ettercap (with iptables enabled in etter.conf)

sslstrip

it just gives you a list of available targets on your lan, sets things up and leaves you with ettercap for when passwords start showing up.

let me know how you get on if anyone decides to use it. its not coded very beautifully but it works for me and ill try and get it working for others too.

Awesome, thanks for this, I can't wait to give it a try.

Link to comment
Share on other sites

I´ve been trying to use your script and I run into some trouble, first, the nmap output that your script was using was differente from the output nmap was sending here (mine shows the latency, I'm using nmap v5.0) that was easy to solve.

I've modifed the "issue" command to use the greppable output (-oG) and modified the "replace" command accordingly , after that I've noticied that the hostScan was never receiving any ip, the source of this problem was because using the "not in" comparison it was checking for the existence of a substring so a gateway 192.168.1.1 and an ip 192.168.1.105 would return false and this made the script fail to add any ip to the list.

The solution is pretty simple, just replacing the "not in" to != was enough.

Anyway, thanks for the great script, I hope I was able to help, and sorry for any english mistakes since it's not my primary language

Link to comment
Share on other sites

I´ve been trying to use your script and I run into some trouble, first, the nmap output that your script was using was differente from the output nmap was sending here (mine shows the latency, I'm using nmap v5.0) that was easy to solve.

I've modifed the "issue" command to use the greppable output (-oG) and modified the "replace" command accordingly , after that I've noticied that the hostScan was never receiving any ip, the source of this problem was because using the "not in" comparison it was checking for the existence of a substring so a gateway 192.168.1.1 and an ip 192.168.1.105 would return false and this made the script fail to add any ip to the list.

The solution is pretty simple, just replacing the "not in" to != was enough.

Anyway, thanks for the great script, I hope I was able to help, and sorry for any english mistakes since it's not my primary language

thanks for the description of your changes. grabbing nmap output was bound to be a bit funky over different versions. ill look into making it more bullet proof in the coming days. by the sounds of things using -oG might simplify things. im not a regular user of nmap.

do you fancy posting your modified script here or on my blog?

Link to comment
Share on other sites

# find our targets
nmapScan = issue('nmap', '-sP','-oG','-', gateway+'/24')
hostScan = []
for line in nmapScan.splitlines():
	if 'Host' in line:
		line = line.replace('Host: ','').replace(' ()	Status: Up','')
		if ip != line and gateway != line:
			hostScan.append(line)

That's the modified function

Link to comment
Share on other sites

  • 2 weeks later...
# find our targets
nmapScan = issue('nmap', '-sP','-oG','-', gateway+'/24')
hostScan = []
for line in nmapScan.splitlines():
	if 'Host' in line:
		line = line.replace('Host: ','').replace(' ()	Status: Up','')
		if ip != line and gateway != line:
			hostScan.append(line)

That's the modified function

thanks for that. curiously, ive got nmap v5.00 too, so i assume you were getting errors because of what the gateway was reporting. ive updated my script (located at the same location) with your amendments. hopefully this script will now be a bit more robust.

Link to comment
Share on other sites

  • 5 months later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...