Deezer, posted November 14, 2011

What is the best setup to capture some traffic and sniff it? How to do so?

1) Pineapple, Windows 7 with VMware and backtrack5, cell phone to tether internet
2) Pineapple, direct backtrack5 laptop, cell phone to tether internet

I got the tethered internet working on both solutions. I got my Pineapple working. I also got the internet redirection working on backtrack; however, what is best to analyse traffic? You know, I want to see the goodness... passwords, usernames, URLs etc... not pure IP packets...

zyrax, posted November 14, 2011

> What is the best setup to capture some traffic and sniff it? How to do so?
>
> 1) Pineapple, Windows 7 with VMware and backtrack5, cell phone to tether internet
> 2) Pineapple, direct backtrack5 laptop, cell phone to tether internet
>
> I got the tethered internet working on both solutions. I got my Pineapple working. I also got the internet redirection working on backtrack; however, what is best to analyse traffic? You know, I want to see the goodness... passwords, usernames, URLs etc... not pure IP packets...

Passwords, usernames, URLs etc. ARE pure IP packets... It doesn't matter which setup you use to sniff. It is just a matter of using the right tools for the job.

Infiltrator, posted November 14, 2011 (edited)

Preferably I would install Backtrack on a laptop, for stability and better driver compatibility. Windows is not the best OS when it comes to doing this sort of stuff.

Edit: if you are only interested in sniffing passwords, a combination of Ethereal or ARP poisoning with Wireshark.

Now I really hope you are not doing this on someone else's network, or you will be in deep shit.

Edited November 14, 2011 by Infiltrator

zyrax, posted November 14, 2011

> Preferably I would install Backtrack on a laptop, for stability and better driver compatibility. Windows is not the best OS when it comes to doing this sort of stuff.
>
> Edit: if you are only interested in sniffing passwords, a combination of Ethereal or ARP poisoning with Wireshark.

Agree, but he said that he was using VMware and Backtrack5 under Windows 7... So I can't see any problem with that setup either. I am using BT5 via VMware on my MacBook Pro without problems. It is still the drivers from Backtrack that are used.

Deezer (author), posted November 14, 2011

Thanks for the reply. I have successfully done so on my Backtrack netbook; however, I'm unable to sniff eth0 in VMware as I'm not sure how to configure it (NAT, bridged, host-only...) so I can sniff the network traffic shared by my wifi card and ethernet card hosted on Windows.

I don't think I'll be in deep shit sniffing my girlfriend's and brother's traffic. But thanks for the warning.

Infiltrator, posted November 14, 2011

> Agree, but he said that he was using VMware and Backtrack5 under Windows 7... So I can't see any problem with that setup either. I am using BT5 via VMware on my MacBook Pro without problems. It is still the drivers from Backtrack that are used.

I do agree with what you are saying, and I don't see anything wrong with the OP's setup either; it was just my option in terms of performance gains.

zyrax, posted November 14, 2011

Who gave you a warning? ;)

Well, you can only sniff packets going through your computer unless sniffing wireless packets from unencrypted clients. Via ethernet you have to do a MITM attack or ARP poisoning or something like that. If you use a bridged network in VMware it should work as a dedicated computer.

Infiltrator, posted November 14, 2011

> Via ethernet you have to do a MITM attack or ARP poisoning or something like that. If you use a bridged network in VMware it should work as a dedicated computer.

If you haven't checked already, you should try Cain and Abel; it's a great Windows utility for performing ARP and DNS poisoning.

Deezer (author), posted November 14, 2011

> Who gave you a warning? ;)
>
> Well, you can only sniff packets going through your computer unless sniffing wireless packets from unencrypted clients. Via ethernet you have to do a MITM attack or ARP poisoning or something like that. If you use a bridged network in VMware it should work as a dedicated computer.

Thanks for the answer. The setup I'm trying to do is:

- Pineapple connected from its ethernet port to my Windows 7 laptop ethernet port.
- Internet is provided from my Windows 7 wifi card, shared in Windows 7 to my laptop ethernet port.
- Backtrack5 is running as a VM and I want to use it to monitor traffic on my ethernet port with eth0 or eth1.

Not sure how to configure eth0 to listen to traffic on my laptop ethernet port.

zyrax, posted November 14, 2011

> Thanks for the answer. The setup I'm trying to do is:
>
> - Pineapple connected from its ethernet port to my Windows 7 laptop ethernet port.
> - Internet is provided from my Windows 7 wifi card, shared in Windows 7 to my laptop ethernet port.
> - Backtrack5 is running as a VM and I want to use it to monitor traffic on my ethernet port with eth0 or eth1.
>
> Not sure how to configure eth0 to listen to traffic on my laptop ethernet port.

Just listen on the port that is attached to the Pineapple (eth0), since all traffic is going through that interface. I use a USB to Ethernet adaptor myself, connected to the Pineapple, since I like to still be able to connect to the host computer.