Man In The Middle Attack

Today I will be covering how to obtain login credentials with Ettercap-gtk in Backtrack 5 and its R variants. The attack we will be performing is commonly referred to as a "man in the middle" (MitM) attack; we will cover why it is called this later on in this thread. So, without further ado, let's get started.

Prerequisite:

A copy of Backtrack 5 Linux (or an R variant) installed. There are a multitude of ways to install BT 5 Linux, which can be found in the links below (as well as the download). I downloaded the ISO of Backtrack 5 R3 GNOME and ran it in VMware Workstation; however, you can also dual-boot it or run it live off of a flash drive or CD.

How-To guides for installing BT 5 Linux: http://www.backtrack-linux.org/tutorials/

Download for BT 5 Linux: http://www.backtrack-linux.org/downloads/

~Note: I recommend the GNOME version of BT 5 Linux over KDE, as GNOME is more user-friendly and reliable; it is what I will be using in this tutorial.

Now that you have installed BT 5 (whether live or in a VM), boot into BT 5 Linux and hit "ENTER" if you get a black screen mentioning Debian. You will then be prompted for the username; type in "root", followed by the password "toor" (you can change this later in the preferences if you would like). Once you see the boot modes, simply choose the first one (default) and hit "ENTER". Wait for BT 5 Linux to finish booting, and once you are at the final command-line interface, type in "startx" and hit "ENTER"; that's it!

You should be greeted with a screen, with no icons except one at the top left that says "Install Backtrack".

Now, the first thing you are going to want to do is go to the top left and click: Applications-->Internet-->Firefox Web Browser. From here, go to the bookmark "Aircrack-ng" and click it. Click the image with the green arrow pointing downwards at a blank CD. You will be asked to save the aircrack tar file; continue through the confirmation and save the file to your Desktop. From here, visit the link below and install aircrack via the terminal (open a terminal/console by clicking the black square beside "System" on your desktop). Simply copy the commands and paste them into the terminal in the order given (don't forget to hit "ENTER" after each command!).

How to install Aircrack-ng suite in Linux with terminal/ console: http://www.aircrack-ng.org/doku.php?id=install_aircrack

Now that you have the Aircrack suite installed, you are going to want to go back to your Desktop (if not already there) and go to: Applications--> Backtrack--> Privilege Escalation--> Network Sniffers--> Ettercap.gtk (if you want to, you can drag and drop it to your desktop for quicker access).

Now, before we open up Ettercap, we are going to want to edit the conf file so that Ettercap can present a fabricated network certificate for our MitM attack (I will go into detail later). Go to: Places--> File System--> etc. Click on the magnifying glass by the arrow keys at the top left of the File Browser and type in "etter.conf". Wait for the results, then right click on the file and click "Open with gedit Text Editor". Scroll down until you see a section titled "Linux", like so:

#--
# Linux
#--

Scroll down just a little bit more until you see: # if you use iptables.

Image: http://on.fb.me/ZNqTaI

Before both "dport" lines you should see a single hash mark (#). In a config file like this, a leading # means the line is only a comment, but we need these two lines to be active in order for Ettercap to present a fake certificate. Luckily enough, the people who coded Ettercap already put the commands in, so you can think of it as "unlocking" the feature. Simply remove the two hash marks and go to: File--> Save.

Once you are done, close the conf file and open up Ettercap-gtk. The first thing you are going to want to do is click "Sniff" and then "Unified Sniffing". Ettercap should then prompt you for the network interface to sniff on (usually wlan0 for wireless or eth0 for wired; mine is eth0). Simply click "OK". Now, click on "Hosts" and then "Scan for hosts". If you then click "Hosts" and then "Host List", this will show you the computers connected to the network.

Image: http://on.fb.me/13Ufau6

From here, click "Mitm" and then "ARP Poisoning"; tick the "Sniff remote connections" box and hit "OK".

Now that you are ready to start sniffing, go to "Start" and then "Start Sniffing". If anyone on the network logs into a service, they will most likely be doing so over an HTTP connection. The reason we didn't use Wireshark or another protocol analyzer in this case is that with secure HTTP (HTTPS) the packets are encrypted, so there is no way to read them in a form humans can comprehend; Ettercap instead lets us get in between the two ends of the HTTPS connection by presenting the fabricated certificate. If we had not removed the hash marks in the conf file, we would most likely not get the results we wanted. Keep in mind that the fabricated certificate is self-signed rather than issued by a trusted certificate authority, so the victim's browser will display a certificate warning, and the interception only succeeds if the user clicks through it.

If anyone logs into something like Netflix or Gmail, the username and password will show up in the box at the bottom of Ettercap's GUI.
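The ARP poisoning step above leaves two fingerprints on the network that a defender can watch for: two IP addresses resolving to the same MAC address, and the gateway's MAC changing mid-session. As an added example (not from the original post), this Python script checks for both against a constructed /proc/net/arp snapshot and a constructed list of observed ARP replies; all IP and MAC values are made up.

```python
# Added example (not from the original post): detect the two classic
# symptoms of an ARP-poisoning MitM, the technique Ettercap uses above.
# All input data is constructed inline, so no live capture is needed.
from collections import defaultdict

# Constructed /proc/net/arp snapshot: on a poisoned host, the gateway
# (192.168.1.1) and another LAN host (192.168.1.50) share the SAME MAC.
ARP_TABLE = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.1.1      0x1         0x2         00:0c:29:aa:bb:cc     *        eth0
192.168.1.50     0x1         0x2         00:0c:29:aa:bb:cc     *        eth0
192.168.1.77     0x1         0x2         3c:97:0e:11:22:33     *        eth0
"""

# Constructed sequence of ARP replies seen on the wire, as (ip, mac).
ARP_REPLIES = [
    ("192.168.1.1", "d8:50:e6:01:02:03"),   # the real gateway
    ("192.168.1.50", "00:0c:29:aa:bb:cc"),
    ("192.168.1.1", "00:0c:29:aa:bb:cc"),   # gateway "moves" to host .50's MAC
]

def parse_proc_net_arp(text):
    """Return {ip: mac} from /proc/net/arp-style text (header line skipped)."""
    entries = {}
    for line in text.splitlines()[1:]:
        fields = line.split()
        if len(fields) >= 4:
            entries[fields[0]] = fields[3].lower()
    return entries

def shared_mac_ips(entries):
    """MACs claimed by more than one IP: a classic poisoning indicator."""
    by_mac = defaultdict(list)
    for ip, mac in entries.items():
        by_mac[mac].append(ip)
    return {mac: sorted(ips) for mac, ips in by_mac.items() if len(ips) > 1}

def mac_changes(replies, watched_ip):
    """List each time the MAC advertised for watched_ip changes between replies."""
    seen, alerts = None, []
    for ip, mac in replies:
        if ip != watched_ip:
            continue
        if seen is not None and mac != seen:
            alerts.append(f"{ip} changed from {seen} to {mac}")
        seen = mac
    return alerts

if __name__ == "__main__":
    print(shared_mac_ips(parse_proc_net_arp(ARP_TABLE)))
    print(mac_changes(ARP_REPLIES, "192.168.1.1"))
```

On a real host you would feed parse_proc_net_arp the contents of /proc/net/arp and mac_changes a stream of ARP replies from a packet capture; a hit from either function is worth investigating before trusting any login on that LAN.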
