Jump to content

Recommended Posts

Posted (edited)

Hello everyone,

I'm having a problem with how to use ettercap on the pineapple.

I have my pineapple connecting to my router with wlan1, I then use:

ettercap -i wlan1 -M arp // // -Tq
and in another window urlsnarf -i wlan1
But the pineapple does not seem to be arping nor sniffing anything...
Can anyone give me a hint to what am I doing wrong?
Edited by Catware
Posted

Hello everyone,

I'm having a problem with how to use ettercap on the pineapple.

I have my pineapple connecting to my router with wlan1, I then use:

ettercap -i wlan1 -M arp // // -Tq
and in another window urlsnarf -i wlan1
But the pineapple does not seem to be arping nor sniffing anything...
Can anyone give me a hint to what am I doing wrong?

Anyone?

I still can't arp any network... Is wlan1 capable of arp-poison?

Any lights on what I'm doing wrong would be great, I'm able to arp with my PC but would love to be able to do it on my pineapple!

Posted

Is ipforwarding on? To check, do the following:

cd /proc

cat $(find . -name ip_forward)

1

In my instance, ipforward is turned on denoted by a '1'.

If the command returns a '0', then ipforward is off. To turn it on, enter the following:

echo 1 > /proc/sys/net/ipv4/ip_forward

Posted

Is ipforwarding on? To check, do the following:

cd /proc

cat $(find . -name ip_forward)

1

In my instance, ipforward is turned on denoted by a '1'.

If the command returns a '0', then ipforward is off. To turn it on, enter the following:

echo 1 > /proc/sys/net/ipv4/ip_forward

Yes, ipforward is enabled, I've checked and nothing happens. I arp the network, do urlsnarf -i wlan1, and no traffic :wacko:

Posted

Sure :)

root@Pineapple:~# ifconfig
br-lan    Link encap:Ethernet  HWaddr 00:13:37:A5:0C:10
          inet addr:172.16.42.1  Bcast:172.16.42.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:14982 errors:0 dropped:56 overruns:0 frame:0
          TX packets:16819 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1672082 (1.5 MiB)  TX bytes:5280980 (5.0 MiB)

eth0      Link encap:Ethernet  HWaddr 00:13:37:A5:0C:10
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:13635 errors:0 dropped:0 overruns:0 frame:0
          TX packets:15926 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:1752550 (1.6 MiB)  TX bytes:3935375 (3.7 MiB)
          Interrupt:4

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:540 errors:0 dropped:0 overruns:0 frame:0
          TX packets:540 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:40376 (39.4 KiB)  TX bytes:40376 (39.4 KiB)

wlan0     Link encap:Ethernet  HWaddr 00:13:37:A5:0C:10
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1620 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2466 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:198535 (193.8 KiB)  TX bytes:1577990 (1.5 MiB)

wlan1     Link encap:Ethernet  HWaddr 00:13:37:89:85:36
          inet addr:192.168.1.93  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:4444 errors:0 dropped:85 overruns:0 frame:0
          TX packets:7556 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:2041821 (1.9 MiB)  TX bytes:595424 (581.4 KiB)

Posted

I'm sorry but why exactly are you using wlan1? It's supposed to be in Client Mode bringinging Internet to the pineapple. You are playing Man In The Middle but wlan1 isn't the middle.... You can use urlsnarf in br-lan because that's where the traffic is flowing back and forth. I'm no expert on ettercap but from what I can gather you should be using it on br-lan as well.

Posted

I'm sorry but why exactly are you using wlan1? It's supposed to be in Client Mode bringinging Internet to the pineapple. You are playing Man In The Middle but wlan1 isn't the middle.... You can use urlsnarf in br-lan because that's where the traffic is flowing back and forth. I'm no expert on ettercap but from what I can gather you should be using it on br-lan as well.

I'm using wlan1 because that's what's connected to my home router. I want to MITM my home router, so it would be something like:

Without ettercap:

Pineapple & other devices -> Home router

With:

Other devices -> Pineapple -> Home router

Since the connection between the router and the pineapple are using wlan1, shouln't I use wlan1 with ettercap?

I think that br-lan would be to MITM the clients connected to the pineapple?

Please correct me if my logic is incorrect. And thank you for the feedback, I've tried to use br-lan, but It did not work.

Posted (edited)

Wouldn't you have to declare at least the router ip?

ettercap -i wlan1 -M arp /192.168.1.254/ // -Tq

You are just trying to do a simple scratch -n- sniff right?

Edited by King Crimson
Posted

I guess, it's some bug with that because I also have problem with this.

That's command which I paste into ettercap:

ettercap -i br-lan -M arp:remote 172.16.42.214

and It showed me

ettercap is not running...

Firmware 1.0.4 ;)

Posted

Wouldn't you have to declare at least the router ip?

ettercap -i wlan1 -M arp /192.168.1.254/ // -Tq

You are just trying to do a simple scratch -n- sniff right?

Even declaring the router, no traffic. Or if I try to use a filter, no results, It's like it's not arping the network... :wacko:

Posted

I have been messing with Reaver and Aircrack lately. I need to start messing with etter again. Seems like when I first got my MKV, I was able to do a simple poison on my home network from wlan1 but not sure I am remembering right. Like you, I use the command line as well for etter.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...