geoff Posted November 27, 2012 Share Posted November 27, 2012 Hello all, I am having an issue with DNS spoofing in backtrack 5 r3 ove rmy wireless interface. My attacking computer is a hp pavilion laptop with 2 gigs of ram, x64 processor, backtrack 5 r3, and my wireless card is a Atheros AR2425 with driver ath5k. My victim computer is a windows 7 serv pack 1 box with kasperski antivirus (turned off) and firewall down. I first modified my set_config file to set ETTERCAP=ON and the ETTERCAP_INTERFACE=wlan0. I then ran SET and chose >Social-Engineering Attacks>Website Attack Vectors>Java Applet Attack Method>Site Cloner>Nat/protforwarding NO>Ip addy for reverse connection"192.168.0.8">url to clone: http://www.google.com>Windows'>http://www.google.com>Windows Reverse_TCP Meterpreter>Backdoored Executable>Port 443>It tells me Arp Cache Poisoning is ON>Site to redirect: http://www.google.com>Says'>http://www.google.com>Says its launching attack,loads up metasploit and starts two listners. At this point when I browse to http://www.google.com on my victim computer using ie it simply loads the real google website. Now if I type my subnet ip for the attackign computer SET is hosting the server on it will take me to the fake page and the java applet will appear and work when clicked. My problem is it does not seem to be redirectiong traffic on my wifi network to the fake site when i try to go to the real one. I have tried doing this the old way as well and turning off ETTERCAP inside the SET_config file. I then would launch my fake site in SET and then edit the ETTER.dns file wif the website connect info and my attacker ip. This did not work either. I have also apt-get updated and upgraded backtrack, as well as msfupdate for metasploit and svn updates for set and ettercap. What could I be missing about getting Ettercap to redirect my network traffic? Thank you for your help and let me know if there is any more information you need to help you trouble shoot this issue! Quote Link to comment Share on other sites More sharing options...
lmnewey Posted May 25, 2013 Share Posted May 25, 2013 Hi Geoff, I'm having a similar problem, only I am using ettercap directly from the command line. It simply does not redirect any traffic, I noticed that the /usr/share/ettercap/etter.dns file does not exist to begin with and I had to create it. not sure whats going on here :( Quote Link to comment Share on other sites More sharing options...
newbi3 Posted May 25, 2013 Share Posted May 25, 2013 (edited) Why are you still using backtrack? It is no longer being developed. Try Kali (Offensive Securities new project) http://www.kali.org/. EDIT: just read the post date... Edited May 25, 2013 by newbi3 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.