Jump to content

What Is Best Setup ? For Sniffing Traffic ?


Deezer
 Share

Recommended Posts

What is the best setup to capture some traffic and sniff it ? How to do so ?

1)

Pineapple

Windows 7 with wmware and backtrack5

Cell phone to tether internet

2)

Pineapple

Direct backtrack5 laptop

cell phone to tether internet

I got the working tether internet on both solutions. I got my pineapple working. I also got the internet redirection working on backtrack, however, what is best to analyse traffic. You know, i want to see the goodnesss....passwords, usernames, urls etc... not pure ip packets....

Link to comment
Share on other sites

What is the best setup to capture some traffic and sniff it ? How to do so ?

1)

Pineapple

Windows 7 with wmware and backtrack5

Cell phone to tether internet

2)

Pineapple

Direct backtrack5 laptop

cell phone to tether internet

I got the working tether internet on both solutions. I got my pineapple working. I also got the internet redirection working on backtrack, however, what is best to analyse traffic. You know, i want to see the goodnesss....passwords, usernames, urls etc... not pure ip packets....

Passwords, Usernames, URLs etc ARE pure IP-packets... Doesn't matter which setup you use to sniff. It is just a matter of using the right tools for the job.

Link to comment
Share on other sites

Preferably I would install backtrack on a laptop, for stability and better driver compatibility.

Windows is not the best OS when it comes for doing this sort of stuff.

Edit: if you are only interested in sniffing passwords, a combination of Etheral or Arp poisoning with Wireshark. Now I really hope you are not doing this on someone else network, or you will be in deep shit.

Edited by Infiltrator
Link to comment
Share on other sites

Preferably I would install backtrack on a laptop, for stability and better driver compatibility.

Windows is not the best OS when it comes for doing this sort of stuff.

Edit: if you are only interested in sniffing passwords, a combination of Etheral or Arp poisoning with Wireshark.

Agree, but he said that he was Using VMWare and Backtrack5 under Windows 7... So I can't see any problem with that setup either. I am using BT5 via VMWare on my MacBook Pro without problems. It is still the drivers from Backtrack that are used.

Link to comment
Share on other sites

Thanks for the reply.

I have successuflly donde so on my backtrack netbook, however, im unbale to sniff eth0 in vmware as imnot sure how to configure it (nat, bridged, host-only....) so i can sniff the network traffic shared by my wifi card and ethernet card hosted on windows.

I dont think ill be in deep shit sniffing my girlfriend and brothers traffic. But thanks for the warning.

Link to comment
Share on other sites

Agree, but he said that he was Using VMWare and Backtrack5 under Windows 7... So I can't see any problem with that setup either. I am using BT5 via VMWare on my MacBook Pro without problems. It is still the drivers from Backtrack that are used.

I do agree with what you are saying, and I don't see anything wrong with the OPs set up either, it was just my option in terms of performance gains.

Link to comment
Share on other sites

Who gave you a warning? ;)

Well, you can only sniff packets going through your computer unless sniffing wireless packets from unencrypted clients. Via ethernet you have to do a mitm-attack or arp-poisoning or something like that. If you use Bridged newtork in vmware it should work as a dedicated computer.

Link to comment
Share on other sites

Via ethernet you have to do a mitm-attack or arp-poisoning or something like that. If you use Bridged newtork in vmware it should work as a dedicated computer.

If you haven't checked already, you should try Cain and Abel, its a great Windows utility for performing ARP and DNS poisoning.

Link to comment
Share on other sites

Who gave you a warning? ;)

Well, you can only sniff packets going through your computer unless sniffing wireless packets from unencrypted clients. Via ethernet you have to do a mitm-attack or arp-poisoning or something like that. If you use Bridged newtork in vmware it should work as a dedicated computer.

Thanks for the answer.

The setup im trying to do is:

Pineapple connected from it's ethernet port to my windows 7 laptop ethernet port.

Internet is provided from my windows 7 wifi card, shared in windows 7 to my laptop ethernet port.

Backtrack5 is running as a vm and want to use it to monitor traffic on my ethernet port with eth0 or eth1

Not sure how to configure eth0 to listen to traffic on my laptop ethernet port.

Link to comment
Share on other sites

Thanks for the answer.

The setup im trying to do is:

Pineapple connected from it's ethernet port to my windows 7 laptop ethernet port.

Internet is provided from my windows 7 wifi card, shared in windows 7 to my laptop ethernet port.

Backtrack5 is running as a vm and want to use it to monitor traffic on my ethernet port with eth0 or eth1

Not sure how to configure eth0 to listen to traffic on my laptop ethernet port.

Just listen on the port that is attached to the Pineapple(eth0) since all traffic is going trough that interface. I use a USB to Ethernet adaptor myself connected to the Pineapple since I like to still be able to connect to the host computer.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...