Jump to content

Recommended Posts

Hi there !

As there are some discussions around ettercap which pop out recently, this gave me the idea to develop a module dedicated to it.

Features

- Ettercap options selection
- Filter building
- History

316d1451d9fe6d1c92ab4421db24c1d0e1c409ef

f932a5b8a255f86c6b4f50e63fbb7a0741c17b65

Edited by Whistle Master
Link to post
Share on other sites
  • 1 month later...

Could you please give me some hints to how you get this plugin working?

I've tried adding a image-replace filter from this site: http://www.irongeek.com/i.php?page=security/ettercapfilter

But I cant get it working.

Usually the log only states.


[1mettercap NG-0.7.3[0m copyright 2001-2004 ALoR & NaGA
[/CODE]

Also when not using any filter whatsoever..

Link to post
Share on other sites
  • 2 weeks later...

I haven't had much luck getting it working either. Given how my sslstrip was crashing I was hoping to replace it with ettercap. No such luck..

Could you please give me some hints to how you get this plugin working?

I've tried adding a image-replace filter from this site: http://www.irongeek..../ettercapfilter

But I cant get it working.

Usually the log only states.


[1mettercap NG-0.7.3[0m copyright 2001-2004 ALoR & NaGA
[/CODE]

Also when not using any filter whatsoever..

Link to post
Share on other sites
  • 3 weeks later...

Okey, to report some findings regarding the ettercap module.

I'm now able to actually run ettercap via the module but I still can't make any filter working.

Oh, and it seems that this will only work on external wlan1. Ettercap will not run if choosing wlan0.

1. Edit /etc/etter.conf.


[privs]
ec_uid = 0 # nobody is the default
ec_gid = 0 # nobody is the default


------snip--------


#---------------
# Linux
#---------------
# if you use ipchains:
redir_command_on = "ipchains -A input -i %iface -p tcp -s 0/0 -d 0/0 %port -j REDIRECT %rport"
redir_command_off = "ipchains -D input -i %iface -p tcp -s 0/0 -d 0/0 %port -j REDIRECT %rport"

[/CODE]

Just change privs to 0, and remove the # in front of the lines under Linux. I also commented out dns under dissector.

2. Choose your settings for the command. I would recommend not to choose to much options. Less is more. [s]Before you start the command you will have to edit the beginning of the commandline into "ettercap -T ". This is because ettercap requires you to enter an User Interface. Text beeing the right one in this case. And this is not the same as choosing text under Visualization.[/s]

Edit: Seems this might not be the case afterall, I can run without the -T now..

This is just my findings, might not be the same for everybody. Anywho, I would really like to know if you guys have any good filters for ettercap lying around? :)

Edited by loozr
Link to post
Share on other sites
  • 3 months later...
  • 2 weeks later...

I'm unable to get ettercap to work at all, even with no "options" assigned.

If I attempt to start ettercap, with or without any options, ettercap will state that it is running, but as soon as the page is refreshed there is a message in the output window that ettercap has stopped running.

Also, I saw the earlier post stating that ettercap will not work on wlan0, but I only have wlan0 in my interface options.

If need be, I can post the log when I get home.

Does anyone have an idea of what might be going on?

***EDIT: I read loozr's comment a bit closer and I'll check these settings when I get home.

Edited by noxferatu
Link to post
Share on other sites
  • 2 weeks later...
  • 2 months later...

Looks like there is something missing in the commandline that the gui build ?

I tried to set different filters in the gui and pressed start. The file /usb/infusions/ettercap/ettercap.sh with the selected filters was created.

But if i try to run the same command manualy i get an error:

root@Pineapple:/usb/infusions/ettercap# ls -l
drwxr-xr-x    2 501      20            4096 May 16 22:12 css
-rw-r--r--    1 501      20            7460 Feb  9 20:53 ettercap.php
-rwxr-xr-x    1 root     root           138 May 16 22:22 ettercap.sh
-rw-r--r--    1 501      20            1275 Feb  9 20:53 ettercap_actions.php
-rw-r--r--    1 501      20            1512 Dec 23 13:31 ettercap_data.php
-rw-r--r--    1 501      20            1705 Aug  5  2012 ettercap_filters.php
-rw-r--r--    1 501      20            2012 Feb  9 20:53 ettercap_vars.php
drwxr-xr-x    2 501      20            4096 Aug  5  2012 filters
drwxr-xr-x    2 501      20            4096 May 16 22:12 js
drwxr-xr-x    2 501      20            4096 May 16 22:22 log
root@Pineapple:/usb/infusions/ettercap# cat ettercap.sh
#!/bin/sh
ettercap -i br-lan -M arp -w /usb/infusions/ettercap/log/log_1368742926.pcap > /usb/infusions/ettercap/log/log_1368742926.log &
root@Pineapple:/usb/infusions/ettercap# ettercap -i br-lan -M arp -w /usb/infusions/ettercap/log/log_1368742926.pcap > /usb/infusions/ettercap/log/log_1368742926.log

Please select an User Interface

root@Pineapple:/usb/infusions/ettercap#

So there is a User Interface type missing ?

User Interface Type:
  -T, --text                  use text only GUI
       -q, --quiet                 do not display packet contents
       -s, --script <CMD>          issue these commands to the GUI
  -C, --curses                use curses GUI
  -G, --gtk                   use GTK+ GUI
  -D, --daemon                daemonize ettercap (no GUI)

I added a "-T" and the most commands works on the shell so far. Sometimes it stops also directly. No running process with "ps" found.

DonĀ“t know if this helps anybody out there or if this is the real problem. Only want to share it...

Greez

BeNe

Link to post
Share on other sites
  • 3 months later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...