
    Ettercap: Difference between revisions

    imported>firewall.galenica.ch
    No edit summary
    imported>(logged).elkton01.md.comcast.net
    No edit summary
    Line 1: Line 1:
    http://ettercap.sourceforge.net/images/ettercap.gif
    +
    http://ettercap.sourceforge.net/images/ettercap.png
       
     
    http://ettercap.sourceforge.net
     
    http://ettercap.sourceforge.net
       
    0.6.9 RELEASED !!
    +
    NG-0.7.0_rc1 RELEASED !!
       
       
    Line 24: Line 24:
       
     
    Password collector for :
     
    Password collector for :
      +
    TELNET, FTP, POP, RLOGIN, SSH1, ICQ, SMB, MySQL, HTTP, NNTP, X11, NAPSTER,
    TELNET,
     
      +
    IRC, RIP, BGP, SOCKS 5, IMAP 4, VNC, LDAP, NFS, SNMP, HALF LIFE, QUAKE 3,
    FTP,
     
    POP,
    +
    MSN, YMSG
    RLOGIN,
     
    SSH1,
     
    ICQ,
     
    SMB,
     
    MySQL,
     
    HTTP,
     
    NNTP,
     
    X11,
     
    NAPSTER,
     
    IRC,
     
    RIP,
     
    BGP,
     
    SOCKS 5,
     
    IMAP 4,
     
    VNC,
     
    LDAP,
     
    NFS,
     
    SNMP,
     
    HALF LIFE,
     
    QUAKE 3,
     
    MSN,
     
    YMSG
     
     
    (other protocols coming soon...)
     
    (other protocols coming soon...)
       
    Line 63: Line 41:
     
    Bind sniffed data to a local port: you can connect to that port with a client and decode unknown portocols or inject data to it (only in arp based mode)
     
    Bind sniffed data to a local port: you can connect to that port with a client and decode unknown portocols or inject data to it (only in arp based mode)
     
     
    Interface: All this feature are integrated with a easy-to-use and pleasureful ncurses interface. (see screenshots)
    +
    Interface: Ettercap NG includes a ncurses, text and GTK+ interface.
     
     
     
    Platform: Linux 2.0.x
     
    Platform: Linux 2.0.x
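Review bot: the new Interface line, "Ettercap NG includes a ncurses, text and GTK+ interface", names three interfaces but is phrased as one; "ncurses, text and GTK+ interfaces" would read correctly. The unchanged context line above it still carries "portocols" and "arp based mode", which this revision could have corrected to "protocols" and "ARP-based mode" while touching the paragraph.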
    Line 70: Line 48:
     
    OpenBSD 2.[789] 3.0
     
    OpenBSD 2.[789] 3.0
     
    NetBSD 1.5 Mac OS X (darwin 1.3 1.4 5.1)
     
    NetBSD 1.5 Mac OS X (darwin 1.3 1.4 5.1)
    Windows 9x/NT/2000/XP
    +
    Windows 9x/NT/2000/XP (port in progress)
     
    Solaris 2.x
     
    Solaris 2.x
     
     
    Required Library: It doesn't require any lib such as libpcap, libnet or libnids, even ncurses is not necessary, but strongly recommended ;)
    +
    Required Library: Recent versions of libpcap and libnet are required now. The interface libraries like ncurses and GTK+ are optional.
       
     
    If you want SSH1 and/or HTTPS support, ettercap requires OpenSSL libraries
     
    If you want SSH1 and/or HTTPS support, ettercap requires OpenSSL libraries
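Review bot: the new Required Library line says "Recent versions of libpcap and libnet are required now" without naming a minimum version for either library, so a reader on one of the older platforms listed just above cannot tell whether the installed packages are sufficient; state the minimum versions the NG build needs. The word "now" also ties the sentence to this edit and will read oddly in later revisions.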

    Revision as of 16:22, 1 July 2004

    http://ettercap.sourceforge.net/images/ettercap.png

    http://ettercap.sourceforge.net

    NG-0.7.0_rc1 RELEASED !!


    Short Description:

    Ettercap is a multipurpose sniffer/interceptor/logger for switched LANs. It supports active and passive dissection of many protocols (even ciphered ones) and includes many features for network and host analysis.


    Cool Features:

    Character injection in an established connection: you can inject characters to the server (emulating commands) or to the client (emulating replies) while keeping the connection alive !!

    SSH1 support: you can sniff the user name and password, and even the data, of an SSH1 connection. Ettercap is the first software capable of sniffing an SSH connection in FULL-DUPLEX.

    HTTPS support: you can sniff HTTP data secured with SSL, even if the connection is made through a PROXY.

    Remote traffic through a GRE tunnel: you can sniff remote traffic through a GRE tunnel from a remote Cisco router and perform a MITM attack on it.

    Plug-in support: you can create your own plugin using ettercap's API. List of available plugins

    Password collector for :

        TELNET, FTP, POP, RLOGIN, SSH1, ICQ, SMB, MySQL, HTTP, NNTP, X11, NAPSTER, 
        IRC, RIP, BGP, SOCKS 5, IMAP 4, VNC, LDAP, NFS, SNMP, HALF LIFE, QUAKE 3, 
        MSN, YMSG 
        (other protocols coming soon...)
    

    Packet filtering/dropping: you can set up a filter that searches for a particular string (even hex) in the TCP or UDP payload and replaces it with yours or drops the entire packet.

    OS fingerprint: you can fingerprint the OS of the victim host and even its network adapter

    Kill a connection: from the connections list you can kill all the connections you want

    Passive scanning of the LAN: you can retrieve information about hosts on the LAN, open ports, service versions, the type of each host (gateway, router or simple host) and its estimated distance in hops.

    Check for other poisoners: ettercap has the ability to actively or passively find other poisoners on the LAN

    Bind sniffed data to a local port: you can connect to that port with a client and decode unknown protocols or inject data into it (only in ARP-based mode).

    Interface: Ettercap NG includes ncurses, text and GTK+ interfaces.

    Platform: Linux 2.0.x, Linux 2.2.x, Linux 2.4.x, FreeBSD 4.x, OpenBSD 2.[789] 3.0, NetBSD 1.5, Mac OS X (darwin 1.3 1.4 5.1), Windows 9x/NT/2000/XP (port in progress), Solaris 2.x

    Required Library: Recent versions of libpcap and libnet are required now. The interface libraries like ncurses and GTK+ are optional.

    If you want SSH1 and/or HTTPS support, ettercap requires the OpenSSL libraries.
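
A passive check in the spirit of the "Check for other poisoners" feature, as an added example that is not ettercap's code and not part of the original page: it parses Ethernet ARP frames and flags any IP address whose MAC binding changes. The trust-on-first-sight heuristic, every function name and the sample frames are assumptions constructed for illustration.

```python
import struct
from collections import defaultdict

def sample_frame(sender_mac, sender_ip, target_mac, target_ip):
    """Build a constructed Ethernet+ARP reply frame (sample input only)."""
    mac = lambda s: bytes.fromhex(s.replace(":", ""))
    ip = lambda s: bytes(int(o) for o in s.split("."))
    eth = mac(target_mac) + mac(sender_mac) + b"\x08\x06"
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, 2)
    return eth + arp + mac(sender_mac) + ip(sender_ip) + mac(target_mac) + ip(target_ip)

def parse_arp(frame):
    """Return (opcode, sender_mac, sender_ip), or None if not Ethernet/IPv4 ARP."""
    if len(frame) < 42 or frame[12:14] != b"\x08\x06":
        return None
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    sha = ":".join(f"{b:02x}" for b in frame[22:28])
    spa = ".".join(str(b) for b in frame[28:32])
    return op, sha, spa

def find_poisoners(frames):
    """Flag MACs that claim an IP already bound to a different MAC."""
    bindings = {}               # ip -> first MAC seen (assumed legitimate)
    claims = defaultdict(set)   # mac -> every IP it has claimed
    alerts = []
    for frame in frames:
        parsed = parse_arp(frame)
        if parsed is None:
            continue
        _, mac, ip = parsed
        claims[mac].add(ip)
        known = bindings.setdefault(ip, mac)
        if known != mac:
            alerts.append((ip, known, mac))
    # A MAC that both conflicts and answers for several IPs is the likely poisoner.
    suspects = {mac for _, _, mac in alerts if len(claims[mac]) > 1}
    return alerts, suspects

# Constructed capture: :66 announces itself, then claims the gateway and a host.
GW, HOST, ATT = "00:11:22:33:44:01", "00:11:22:33:44:0a", "00:11:22:33:44:66"
SAMPLE = [
    sample_frame(GW, "192.168.1.1", HOST, "192.168.1.10"),
    sample_frame(HOST, "192.168.1.10", GW, "192.168.1.1"),
    sample_frame(ATT, "192.168.1.66", GW, "192.168.1.1"),
    sample_frame(ATT, "192.168.1.1", HOST, "192.168.1.10"),
    sample_frame(ATT, "192.168.1.10", GW, "192.168.1.1"),
]
```

Because the first binding seen is trusted, a monitor started after poisoning has begun needs a known-good IP-to-MAC list (for example from DHCP leases or static entries) to seed `bindings`.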
