Introduction To Man-In-The-Middle Attacks -
Man in the middle attacks (Or Janus Attacks) is known as eavesdropping in the computer world.In these attacks,the attackers makes a fake bridge connections with the victims and relays message so they think that the connection is working the way it is supposed to work.
Introduction To ETTERCAP -
Ettercap,short for Ethernet Capture,Is an open source app that creates an fake connection to your victim and the router,captures and send's data to its destination.It features sniffing of live connections, content filtering on the fly and many other interesting tricks. It supports active and passive dissection of many protocols and includes many features for network and host analysis.
Installing ETTERCAP -
For Debian (Linux) based editions -
Debian based editions (Ubuntu,backtrack,etc) can install Ettercap by using these steps -
1-Open Your Terminal.
2-Type- sudo apt-get install ettercap-gtk ettercap-common
3 -When you have installed it, type on the terminal: sudo gedit /etc/etter.conf
4 - Look for something like "iptables" and delete the #.
5 -It Should look like :
redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport".
For Windows based editions -
1-Get the installer from Here
2 -Install it by using the on-screen steps.
Setting Up ETTERCAP -
1 - Run the application.
2 - Click "Sniff -Unified Sniffing",then choose the network from the drop-down list you want to attack.
3 - Once you have chosen the interface the something like this will open:
4 - Now go to - “Hosts->Scan for Host",now it will scan the network for other computers.
5 - When completed,click on "Hosts-> Host List",it will show up the available computers.
6 - Now select the computer you want to attack (example 192.168.0.5) as TARGET 1,And the ip of router (example 192.168.0.1) as TARGET 2.
7 - Now go to "MITM -> Arp Poisoning,and select the “Sniff Remote Connection” and click “ok”.
5 - When completed,click on "Hosts-> Host List",it will show up the available computers.
6 - Now select the computer you want to attack (example 192.168.0.5) as TARGET 1,And the ip of router (example 192.168.0.1) as TARGET 2.
7 - Now go to "MITM -> Arp Poisoning,and select the “Sniff Remote Connection” and click “ok”.
8 - Click "Start" and choose "Start Sniffing".
How Could the Attacker use this data -
The captured data can be easily used for sniffing password for Google Facebook,yahoo etc and they can also use it as a monitoring device,and see what kind of porn you like :P
NOTE : ETTERCAP can cause instability of network and the windows version is not too much stable, Restart the router in order to regain stability.
ConversionConversion EmoticonEmoticon