Notices


Reply
Thread Tools
Saturn's Avatar
Posts: 1,648 | Thanked: 2,122 times | Joined on Mar 2007 @ UNKLE's Never Never Land
#351
Originally Posted by ivgalvez View Post
Package ettercap is not installable, depends on libltdl3 which seems not to be present in the repositories.
Yes, big mess still.

Get it from here in the meantime:
http://talk.maemo.org/showpost.php?p...2&postcount=17

Maybe Colin can help us here..
 

The Following User Says Thank You to Saturn For This Useful Post:
Posts: 1,397 | Thanked: 2,126 times | Joined on Nov 2009 @ Dublin, Ireland
#352
Originally Posted by Saturn View Post
Yes, big mess still.

Get it from here in the meantime:
http://talk.maemo.org/showpost.php?p...2&postcount=17

Maybe Colin can help us here..
Thank you both, I had already installed manually, just pointing it.

It's really close to be a single click install.
 
Posts: 10 | Thanked: 7 times | Joined on Sep 2010
#353
Originally Posted by meLi View Post
I have problem with ettercap shutting down terminated. also dns not supported etter.conf line 70. Anybody can help me ?

TQ
Good Day Meli
I had a similar problem (crashing-ettercap terminating xterm window), and I went to re-install nmap.
The DNS error is non-related to ettercap crashing.
Actually I did a downgrade because the auto-updates had upgraded my n900 nmap to ver. Beta something.

code:
apt-get -f install nmap=5.50-2

This will downgrade to a compatible nmap.

I hope this will help you.

I have upgraded to the 'New' Yamas today, leaving the old NMAP, and It works superbly even with the DNS ettercap error.


lost_bro

Last edited by lost_bro; 2011-08-09 at 20:56. Reason: brain stuck | reboot loop
 

The Following 5 Users Say Thank You to lost_bro For This Useful Post:
Posts: 10 | Thanked: 7 times | Joined on Sep 2010
#354
Originally Posted by adhrie View Post
disector dns problem didnt occur if i run yamas from xterm by previously becoming root via the sudo gainroot command

but if become root with the command 'root' or 'sudo yamas' i will still get the disector dns problem

maybe somebody knows the difference between those command and come up with a solution to this problem
Good afternoon:

Yes, I have always gotten the DNS error message on the Ettercap xterm.

I have tried 'Sudo Gainroot' 'Root' and the Desktop shortcut. ALL three give the same error.
I have tried all versions of Ettercap and Ettercap-GTK. ALL versions give the same DNS error.

The strange part is that I CAN recover the Logins and Passwords just fine. Have tested successfully with ie: Facebook, yahoo.mail, etc.

So: for me, ettercap IS functional with the DNS error, and I have always had this DNS since I first installed Yamas many weeks ago.

I would be interested to know WHY the error occurs.

Take care
lost_bro
 
Posts: 1,163 | Thanked: 1,873 times | Joined on Feb 2011 @ The Netherlands
#355
Originally Posted by lost_bro View Post
Good afternoon:

Yes, I have always gotten the DNS error message on the Ettercap xterm.

I have tried 'Sudo Gainroot' 'Root' and the Desktop shortcut. ALL three give the same error.
I have tried all versions of Ettercap and Ettercap-GTK. ALL versions give the same DNS error.

The strange part is that I CAN recover the Logins and Passwords just fine. Have tested successfully with ie: Facebook, yahoo.mail, etc.

So: for me, ettercap IS functional with the DNS error, and I have always had this DNS since I first installed Yamas many weeks ago.

I would be interested to know WHY the error occurs.

Take care
lost_bro
Same for me, always had that error but no problems.
I can also confirm that the nmap=5.59BETA is giving problems with the script and ettercap!

Version 5.50-2 works OK

Edit: Something I found out:
Also when logging in on gmail from FF using saved password, so all text is filled in and you only have to click log in, or something. SSLstrip cannot capture/snif it when using this script. However if you TYPE the password it GET's sniffed by this scripted.

Last edited by mr_pingu; 2011-08-09 at 21:07.
 
Posts: 10 | Thanked: 7 times | Joined on Sep 2010
#356
Originally Posted by mr_pingu View Post

Edit: Something I found out:
Also when logging in on gmail from FF using saved password, so all text is filled in and you only have to click log in, or something. SSLstrip cannot capture/snif it when using this script. However if you TYPE the password it GET's sniffed by this scripted.
Yes: This is same for me.

If the password is saved in the field beforehand, SSLstrip does not decode it.

If the password is entered into the field in real-time, Ettercap will capture it and SSLstrip will decode it.

I believe this is because the P/W is NOT being relayed/sent in real-time as it is already stored for use. Please correct me if I am wrong in this assumption.

lost_bro
 

The Following User Says Thank You to lost_bro For This Useful Post:
Posts: 1,163 | Thanked: 1,873 times | Joined on Feb 2011 @ The Netherlands
#357
Originally Posted by lost_bro View Post
Yes: This is same for me.

If the password is saved in the field beforehand, SSLstrip does not decode it.

If the password is entered into the field in real-time, Ettercap will capture it and SSLstrip will decode it.

I believe this is because the P/W is NOT being relayed/sent in real-time as it is already stored for use. Please correct me if I am wrong in this assumption.

lost_bro

I think you are right, but Im not as experienced and have that much knowledge as ComaX, hope he can confirm or explain why this is happening.

Did you also used firefox?
 
Posts: 83 | Thanked: 142 times | Joined on Jun 2011 @ Paris, France
#358
Originally Posted by mr_pingu View Post
I think you are right, but Im not as experienced and have that much knowledge as ComaX, hope he can confirm or explain why this is happening.

Did you also used firefox?
That's very nice of you to say that, but I wouldn't say I know too much either.

Anyway, in this case I think a cookie is sent instead of encrypted or plain text. The only way to know for sure is to manually check the whole log (so at the end of the attack, you say yes to keep it, and then search for the pass you entered). Well I'm pretty sure it's that tough, because I already did this check for the same reason.

It's worth giving it a shot on your side though
__________________
http://comax.fr/
"I like to dissect girls. Did you know I am utterly insane ?"
 

The Following User Says Thank You to comaX For This Useful Post:
Posts: 1,163 | Thanked: 1,873 times | Joined on Feb 2011 @ The Netherlands
#359
I see, well if it are cookies then they can be intercepted too. Think of sidejacking(or HTTP session hijacking).

Will check it out tomorrow, as I am now laying in my bed with only my n900 and I don't wanna perform the attack on my parents :P
 

The Following User Says Thank You to mr_pingu For This Useful Post:
K9999's Avatar
Posts: 168 | Thanked: 116 times | Joined on Mar 2011 @ Malaysia
#360
as far as I know, back in Back Track, they used to say this error appears when the version 64bits installed. but now ettercap on N900 doing the same thing? that was not the problem then.

p/s: I'm also having that dissector error line but I can still get logins. I only dun get anything if the hosts are many, or at a large number of users within the network.
 
Reply

Tags
pentesting, tester of pens

Thread Tools

 
Forum Jump


All times are GMT. The time now is 09:46.