cheeto Posted February 25, 2015 Share Posted February 25, 2015 Hey guys, As Hsts becomes wider spread, would it be correct to assume that Ettercap is becoming more limited? Let's face it a simple Google search these days is HTTPS. Thanks! Quote Link to comment Share on other sites More sharing options...
DataHead Posted February 25, 2015 Share Posted February 25, 2015 I still get my use from it ;-) Quote Link to comment Share on other sites More sharing options...
cheeto Posted February 25, 2015 Author Share Posted February 25, 2015 But doesn't HSTS interfere with your findings. Like passwords? Quote Link to comment Share on other sites More sharing options...
DataHead Posted February 25, 2015 Share Posted February 25, 2015 Well, I guess I should have been a bit more clear. I use ettercap for arp poisoning. So while it has a lot of features in its arsenal, my use cases require just the arp poisoning. Quote Link to comment Share on other sites More sharing options...
cheeto Posted February 25, 2015 Author Share Posted February 25, 2015 I've done some Arp poisoning with Kali a while back. If i recall correctly, you have to choose a specific client (after performing a scan) then inject ARP posioning... But the results would be limited because of HSTS, right? (I hope im wrong) THX!! Quote Link to comment Share on other sites More sharing options...
DataHead Posted February 25, 2015 Share Posted February 25, 2015 (edited) well defining the source & target can be set to discover and redirect all on the network with -M arp: oneway,remote // // . What arp poisoning does, is tells the networked devices "hey, I'm the router you're connected to, connect to me instead of the real one". but still, if using it for stripping reasons then hsts will be limited as you would still need to set up that bit or run an external program to strip data from now all connected local and external network devices (such as sslstrip), but for general network monitoring / sniffing, it works great. But I don't use it to sniff any passwords or anything like that, just use it for better monitoring on my network. Edited February 25, 2015 by DataHead Quote Link to comment Share on other sites More sharing options...
DataHead Posted February 25, 2015 Share Posted February 25, 2015 But all in all, do a quick google for the ettercap manpage for a better detailed description of its features :-) ettercap has plenty of use, just depends on what you use it for Quote Link to comment Share on other sites More sharing options...
cheeto Posted February 25, 2015 Author Share Posted February 25, 2015 Thanks Datahead, that made a lot of sense. Now it's my understanding that ARP will not work with IPV6. (only with ipv4). Would you recommend a Evil Foca? (works on ipv4 and 6)' thanks!!! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.