Jump to content

Ettercap & Pineapple


Catware
 Share

Recommended Posts

Hello everyone,

I'm having a problem with how to use ettercap on the pineapple.

I have my pineapple connecting to my router with wlan1, I then use:

ettercap -i wlan1 -M arp // // -Tq
and in another window urlsnarf -i wlan1
But the pineapple does not seem to be arping nor sniffing anything...
Can anyone give me a hint to what am I doing wrong?
Edited by Catware
Link to comment
Share on other sites

Hello everyone,

I'm having a problem with how to use ettercap on the pineapple.

I have my pineapple connecting to my router with wlan1, I then use:

ettercap -i wlan1 -M arp // // -Tq
and in another window urlsnarf -i wlan1
But the pineapple does not seem to be arping nor sniffing anything...
Can anyone give me a hint to what am I doing wrong?

Anyone?

I still can't arp any network... Is wlan1 capable of arp-poison?

Any lights on what I'm doing wrong would be great, I'm able to arp with my PC but would love to be able to do it on my pineapple!

Link to comment
Share on other sites

Is ipforwarding on? To check, do the following:

cd /proc

cat $(find . -name ip_forward)

1

In my instance, ipforward is turned on denoted by a '1'.

If the command returns a '0', then ipforward is off. To turn it on, enter the following:

echo 1 > /proc/sys/net/ipv4/ip_forward

Link to comment
Share on other sites

Is ipforwarding on? To check, do the following:

cd /proc

cat $(find . -name ip_forward)

1

In my instance, ipforward is turned on denoted by a '1'.

If the command returns a '0', then ipforward is off. To turn it on, enter the following:

echo 1 > /proc/sys/net/ipv4/ip_forward

Yes, ipforward is enabled, I've checked and nothing happens. I arp the network, do urlsnarf -i wlan1, and no traffic :wacko:

Link to comment
Share on other sites

Sure :)

root@Pineapple:~# ifconfig
br-lan    Link encap:Ethernet  HWaddr 00:13:37:A5:0C:10
          inet addr:172.16.42.1  Bcast:172.16.42.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:14982 errors:0 dropped:56 overruns:0 frame:0
          TX packets:16819 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1672082 (1.5 MiB)  TX bytes:5280980 (5.0 MiB)

eth0      Link encap:Ethernet  HWaddr 00:13:37:A5:0C:10
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:13635 errors:0 dropped:0 overruns:0 frame:0
          TX packets:15926 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:1752550 (1.6 MiB)  TX bytes:3935375 (3.7 MiB)
          Interrupt:4

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:540 errors:0 dropped:0 overruns:0 frame:0
          TX packets:540 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:40376 (39.4 KiB)  TX bytes:40376 (39.4 KiB)

wlan0     Link encap:Ethernet  HWaddr 00:13:37:A5:0C:10
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1620 errors:0 dropped:0 overruns:0 frame:0
          TX packets:2466 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:198535 (193.8 KiB)  TX bytes:1577990 (1.5 MiB)

wlan1     Link encap:Ethernet  HWaddr 00:13:37:89:85:36
          inet addr:192.168.1.93  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:4444 errors:0 dropped:85 overruns:0 frame:0
          TX packets:7556 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:2041821 (1.9 MiB)  TX bytes:595424 (581.4 KiB)

Link to comment
Share on other sites

I'm sorry but why exactly are you using wlan1? It's supposed to be in Client Mode bringinging Internet to the pineapple. You are playing Man In The Middle but wlan1 isn't the middle.... You can use urlsnarf in br-lan because that's where the traffic is flowing back and forth. I'm no expert on ettercap but from what I can gather you should be using it on br-lan as well.

Link to comment
Share on other sites

I'm sorry but why exactly are you using wlan1? It's supposed to be in Client Mode bringinging Internet to the pineapple. You are playing Man In The Middle but wlan1 isn't the middle.... You can use urlsnarf in br-lan because that's where the traffic is flowing back and forth. I'm no expert on ettercap but from what I can gather you should be using it on br-lan as well.

I'm using wlan1 because that's what's connected to my home router. I want to MITM my home router, so it would be something like:

Without ettercap:

Pineapple & other devices -> Home router

With:

Other devices -> Pineapple -> Home router

Since the connection between the router and the pineapple are using wlan1, shouln't I use wlan1 with ettercap?

I think that br-lan would be to MITM the clients connected to the pineapple?

Please correct me if my logic is incorrect. And thank you for the feedback, I've tried to use br-lan, but It did not work.

Link to comment
Share on other sites

Wouldn't you have to declare at least the router ip?

ettercap -i wlan1 -M arp /192.168.1.254/ // -Tq

You are just trying to do a simple scratch -n- sniff right?

Edited by King Crimson
Link to comment
Share on other sites

Wouldn't you have to declare at least the router ip?

ettercap -i wlan1 -M arp /192.168.1.254/ // -Tq

You are just trying to do a simple scratch -n- sniff right?

Even declaring the router, no traffic. Or if I try to use a filter, no results, It's like it's not arping the network... :wacko:

Link to comment
Share on other sites

I have been messing with Reaver and Aircrack lately. I need to start messing with etter again. Seems like when I first got my MKV, I was able to do a simple poison on my home network from wlan1 but not sure I am remembering right. Like you, I use the command line as well for etter.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...