Sujet : sniffing ..... | |  Posté le 28-11-2009 ŕ 09:41:05
| sniffing .....
ools...
Ettercap
nano
1. For SSL Dissection support (hotmail,gmail), you need to do this:
Open a shell, type: "nano /usr/local/etc/etter.conf", use the down arrow until you reach "redir_command_on/off", look at the linux part, your gonna need to unccomment
http://tinypaste.com/1d42ddd
to
http://tinypaste.com/94af0
after your done, press F2, Y, Return.
Now boot Ettercap: Menu --> Backtrack --> Spoofing --> Ettercap
Go to: Sniff --> Unified Sniffing -->ethX(what interface you want to sniff).
Then Press: Ctrl+S to scan hosts.
Then Go to: Mitm --> ARP poisoning, select sniff remote connections, and press ok.
Then Go to: Start --> Start Sniffing.
For an Example, Walk to another pc, go to your internet email account (Hotmail, Gmail), and log in, you will be asked to trust the certificate, Trust it, and watch your sniffing computer, the username and password should appear.
When your done, go to Start --> Stop Sniffing, And go to Mitm --> Stop mitm attack(s)
with wireshack...
In order to start the program, (assuming Windows XP) click on Start, Programs, Wireshark (Group) and click on Wireshark.
Once the application starts-
Click on Capture and go to Interfaces. Select the active network card. Now click on the Options button in the Window.
Make sure the Capture packets in promiscuous mode box is check in the Wireshark Capture Options check box.
Now click on Start (This starts the capture process)
You will now see packets of data that are now passing across the network. Allow this application to run for several minutes. Return to the menu and click Stop.
You can find packets by typing key words or the word password and hitting enter to find the packets that may contain the password |
|
|
|