emilam

Help Request: Ettercap oneway configuration

2 posts in this topic

Hello,

I have a pentest next week where I know they will kill my port if

detected. Normally I use Cain, one b/c its such a great tool, but two

because I am lazy (because its such a great tool)

I have read through the man pages, looked through the ettercap forums

(tried to register but it errors out) I have been look for a few days,

but no one really knows how to properly set it up.

I put together a script (text file included) and I was hoping anyone could

help me with the following line:

ettercap -M arp:oneway -T -q -p -L ettercap$(date +%F-%H%M) -i $IFACE // //

I guess my question is what do I put in the // //'s. The man page is

missing the context for me to fully understand what the IPs shown actually

represent.

In addition, per the man page note, I used the following command to create

a route to the gw (11.11.14.1) on my attacking system.

route add -net 11.11.14.0 netmask 255.255.255.0 gw 11.11.14.1 eth0

Not sure that is correct either.

Please enjoy the script..would like to hear how it does for others.

Best Regards

easy-creds.txt

0

Share this post


Link to post
Share on other sites

Hello,

I have a pentest next week where I know they will kill my port if

detected. Normally I use Cain, one b/c its such a great tool, but two

because I am lazy (because its such a great tool)

I have read through the man pages, looked through the ettercap forums

(tried to register but it errors out) I have been look for a few days,

but no one really knows how to properly set it up.

I put together a script (text file included) and I was hoping anyone could

help me with the following line:

ettercap -M arp:oneway -T -q -p -L ettercap$(date +%F-%H%M) -i $IFACE // //

I guess my question is what do I put in the // //'s. The man page is

missing the context for me to fully understand what the IPs shown actually

represent.

In addition, per the man page note, I used the following command to create

a route to the gw (11.11.14.1) on my attacking system.

route add -net 11.11.14.0 netmask 255.255.255.0 gw 11.11.14.1 eth0

Not sure that is correct either.

Please enjoy the script..would like to hear how it does for others.

Best Regards

I was able to get it figured out....

for oneway the config is /targets-ips/ /gateway/ such as the following

ettercap -M arp:oneway -T -q -p -i eth0 /11.11.14.100-150/ /11.11.14.1/

So you can add a line to my script that is a copy of the remote arp poision and just edit the 'arp:opneway' and switch the targets around.

I may port to python to remove the manual editing...but it works fine for me right now.

Best Regards

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now